-
QUESTION
Emergency Management Perspectives on Cyber security
- Weeks 5-6 Written Assignment
• (submit as single MS Word file under Assignments; The Paper must be in APA format with an Introduction and Conclusion. Please use the attached template)
o Part 1 (Refer to Week 5 Readings)
§ After reading Moore at al. (2010), Goodyear, Portillo, Goerdel & Williams (2010) and Deloitte-NASCIO (2013), develop a cybersecurity/EM Policy Analytical model in which you will recommend and justify the most effective way to manage emergency management related cybersecurity issues at the state level.
§ Utilize additional resources as needed.
§ Conclude with a research or policy question for further research.
§ You must utilize literature and cite properly.
• Part 2 (Refer to Week 6 Readings)
o After reading the article, respond to the following four questions bellow.
o Separate each response with the sub-headed question statement):
§ Larry Clinton describes government-industry partnership as similar to a parent-child relationship, wherein the parent (government) feels the need to exhibit some tough love on an uncooperative and immature child (the private sector). The analogy breaks down, however, when one realizes that in this case the "child" (industry) is actually far bigger, stronger, and has more resources than the supposed parent. Clinton argues it is the parent (government) in this case that is ultimately reliant on the child for cyber security. While industry cyber systems are vulnerable to attack-as are virtually all infrastructures historically- the market has produced an array of effective means to protect their cyber systems. The problem is the lack of proper implementation of cyber security best practices and relatively simple fixes, like software updates and security patches. Title each response with the question text:
o What needs to be done and how do we get people to do it?
o Will a traditional regulatory model work in this space?
o Does a newer model to address uniquely 21st century issues need to be developed?
o Whom should the government regulate?
o Conclude with a research or policy question for further research.
o You must utilize literature and cite properly.
o Use APA style
o Provide in-text citations and references.
Submit both Parts as a single Microsoft Word document
Name the file "EDMG600Weeks5-6_YourLastName.doc/x" (e.g., EDMG600Weeks5-6_Pesic.doc/x). Upload the document under Assignments.
Insert the Long Title: Use Upper- and Lower-Case Font and Bold
Insert the Long Title of Your Paper Bold
Begin the paper with an introduction of your topic. An introduction has an attention getter, purpose or thesis statement, and an overview. An attention getter can begin with any of the 6 ways: (1) Anecdote, (2) Question, (3) Quotation, (4) Humor, (5) Shocking Statistic, or a (6) combination of them (http://classroom.synonym.com/5-types-attention-getters-essays-2877.html). After you introduce the topic, state the purpose of the paper. The purpose can be as simple as restating the objective of the assignment. The purpose of this paper is to (state purpose). (Overview) The paper will address the following: (List topics)
Cybersecurity/EM Policy Analytical Model
Discuss/develop a cybersecurity/EM Policy Analytical model in which you will recommend and justify the most effective way to manage emergency management related cybersecurity issues at the state level. Provide a detailed discussion and proved APA formatted citations. Ensure your paragraphs are supported.
Research or Policy Question for Further Research
State a research or policy question.
What Needs to be Done and How do We get it Done
Discuss and evaluate the arguments, themes, tenets and assertions. Provide a detailed discussion and proved APA formatted citations. Ensure your paragraphs are supported.
Will a Traditional Regulatory Model Work?
Discuss and evaluate the arguments, themes, tenets and assertions. Provide a detailed discussion and proved APA formatted citations. Ensure your paragraphs are supported.
Does a Newer Model Need to be Developed for Uniquely 21st Century Issues?
Discuss and evaluate the arguments, themes, tenets and assertions. Provide a detailed discussion and proved APA formatted citations. Ensure your paragraphs are supported.
Whom Should the Government Regulate?
(Describe the main points and tenets of the arguments). Ensure you address all points on the scoring rubric. Please provide example to support your research or assumptions. Real world events, experiences, opinions based on research, conclusions based on research. Be sure to use in text citation (Author, 2014).
Research or Policy Question for Further Research
State a research or policy question.
Conclusion
Conclusions wrap up what you have been discussing in your paper. After moving from general to specific information in the introduction and body paragraphs, your conclusion should begin pulling back into more general information that restates the main points of your argument. Conclusions may also call for action or overview future possible research. The following outline may help you conclude your paper:
In a general way,
- Restate your topic and why it is important,
- Restate your thesis/claim,
- Address opposing viewpoints and explain why readers should align with your position,
- Call for action or overview future research possibilities.
References
Clinton, L. (2011). A relationship on the rocks: Industry-government partnership for cyber defense. Journal of Strategic Security, 4 (2), 97-112. DOI: http://dx.doi.org/10.5038/1944-0472.4.2.6. Retrieved from http://scholarcommons.usf.edu/jss/vol4/iss2/7
Deloitte-NASCIO. (2013). Cybersecurity study state governments at risk: A call for collaboration and compliance. Deloitte and the National Association of State Chief Information Officers.
Goodyear, M., Portillo, S., Goerdel, H. T., Williams, L. (2010). Cybersecurity management in the states: The emerging role of Chief Information Security Officers. IBM Center for the Business of Government.
Moore, M., Wermuth, M.A., Castaneda, L.W., Chandra, A., Noricks, D., Resnick, A.C….. Burks, J.J. (2010). Bridging the gap: Developing a tool to support local civilian and military disaster preparedness. Santa Monica, CA: RAND, 21-80.
- Weeks 5-6 Written Assignment
| Subject | Technology | Pages | 11 | Style | APA |
|---|
Answer
-
Cyber Security Management Policy
Introduction
The importance of cyber security management has not only become a matter of national concern, but also a chief consideration when socio-economic importance is in question. Given the current security breaches in both government and private companies systems, interruptions have been faced, and in some cases, losses have been reported. In the quest to address cyber security concerns, a number of policies have been adopted to help in curbing these crimes and ensure consistency, reliability and efficiency of different systems. In the first part of this paper, two scholarly articles (Moor et al., 2010 and Deloitte, 2013) will be reviewed to provide a recommendation and justification for emergency management cyber security policy model. Consequently, the second part will provide responses to a number of questions based on the articles reviewed.
The policies will trace the internet users’ paths to control their navigation and ensure they are on the recommended track, aligned to the cyber security stipulated guidelines. Without the control measures for the internet users and providers, they can deviate from the pre-determined perspectives and cause discrepancies in information access and sharing (Moore et al., 2010). When individual’s or organizations’ sensitive data reaches the public domain, it no longer remains private but becomes irretrievable, which increases its risk of manipulation and exploitation by attackers (Goodyear et al., 2010). Cybercrime perpetrators have developed various schemes to reach and exploit the peoples' computer Operating Systems (OS) and expose sensitive data to the public.
Cybersecurity/EM Policy Analytical Model
The traditional regulatory model should formulate various policies efficacious in barring internet users, internet providers, and hackers from obtaining and sharing personal and sensitive data with the public. The policies should vividly explain the consequences of illegally obtaining and sharing information about a particular individual or organization. The policies should get standardized globally, and concerned government agencies should act accordingly to bring the perpetrators behind bars (Goodyear et al., 2010). It has been noticed that many individuals are not aware or concerned about the existing policies and regulations governing cybersecurity, and they think that it is the government's mandate to ensure that the internet is free from insecurity menace. The critical policy should focus on enlightening the populations on the policies aimed at protecting the internet.
Research or Policy Question for Further Research
Does educating or capacity building among various communities accessing the internet and creating regulations effective in enhancing cybersecurity?
What Needs to be Done and How do We get it Done
Educating the public on the policies governing cybersecurity and building capacity of individuals on various initiatives to protect their gadgets, emails, and data sharing is essential in curbing high incidences of cyber-crimes. Public sensitization also introduces the public to their role in solving or avoiding cybersecurity issues by creating awareness on the encryption of sensitive information. Additionally, awareness will enable them to understand various impacts of avoiding measures aligned to securing data from cyber perpetrators (Goodyear et al., 2010). Lastly, public awareness will impact e-business as the world is rapidly transforming from physical retails to online retails. Most organizations should adopt sophisticated security measures to avoid information/data breach.
Cybersecurity framework should continuously get updated to identify and solve emerging critical and recurring patterns concerning cyber threats and help create an emergency management system that will help realize the damages associated with cyber-attacks. The framework will ensure the institutionalization of a unique plan to counter cyber insecurity issues. Furthermore, it will bring the attention of local and state governments to work unanimously, and in a coordinated manner with the private sector in solving the increasing cyber insecurity. According to Goodyear et al. (2010), a partnership between various levels of government and private, as well as coordination of federal resources is mandatory in finding a solution to the problem.
Moreover, incident response policy will enhance citizens’ awareness of their role in the interventions and measures taken to enhance cybersecurity. The policy will act as a levelling ground for communication and formulation of formidable frameworks that help bridge the cyber insecurity, and help set immediate interventions for any threat attempt (Goodyear et al., 2010). The policy will also enhance the ethical decision-making process among various stakeholders concerned with tightening cybersecurity.
Policy concerning personal device use will bar individuals from illegally obtaining and sharing organizations’ data. The policy will ensure that the employees are governed from accessing their various institutions' information to extort or blackmail them for personal gains (Moore et al., 2010). Moreover, the policy will ensure that users protect their devices with stronger passwords, as well as update the security of their software and use secured networks.
Lastly, data sharing and emailing policies ensure that email and data sharing are overseen effectively and the devices in use protected. A study by Jayawarden et al. (2015) recommends enacting a policy that prevents employees from accessing certain attachment files directed to the organization unless the source is authenticated and safe. Moreover, various institutions should scrutinize the files send to their emails to determine the authenticity of senders, and more importantly ensure that the data is consistent (Moore et al., 2010). The sharing of data and emails should get done only on the company's network, and any breach of the set standards should lead to suspensions and job contract termination, as stipulated in the policy concerned with discipline.
Will a Traditional Regulatory Model Work?
According to Jayawarden et al. (2015), a combination of informal and formal approaches will ensure flexible, sectorial, and incremental policies that will strengthen the cybersecurity issue. As Clinton (2011) adds, the traditional regulatory model will work in one condition that the regulatory processes are cautiously handled, and the political factors tend to major on the intended floor, rather than creating a ceiling for acceptable characteristics. The creation of new models without streamlining the old model will allow a window of opportunity to the Advanced Persistent Threats (APT) to compromise the already formulated policies (Clinton, 2011). The traditional model should be accessed in terms of their costs and innovativeness. The model is sound and widely accepted because it is rooted in public-private partnerships.
Does a Newer Model Need to be developed for uniquely 21st Century Issues?
There is a need to develop a newer model to tackle the increasing issues of cyber-crimes. As such, the model should not necessarily aim at creating new regulations because of the interconnected issues related to the internet. The new model should aim at countering the high incentives aimed at facilitating cyber-attacks. It is clear that perpetrators offer great financial incentives in favor of people behind cyber-crimes, and thus the crime is linked to high profitability. The new model should also figure out how to protect or eradicate sites that educate users on cyber-attack methods and techniques. The new model should be unique in ensuring that cybersecurity enhancement methods are not overburdening the people, but they are productivity in securing the internet sector (Clinton, 2011). Lastly, the formal model should bridge the old model's existing gaps rather than replace the old model.
Whom Should the Government Regulate?
In partnership with private sectors, the government should develop desirable regulations to regulate internet system vendors, internet users, internet service providers, and companies concerned with web pages (Clinton, 2011).
Research or Policy Question for Further Research
Why are several interventions to enhance cybersecurity such as public-private partnerships, emailing, data sharing regulations, and public awareness not successful in addressing the problem of cybersecurity? Does this imply that the interventions are not implemented effectively, or cyber attackers are using technology that is ahead of the policymakers, or are they part of the system in charge of cyber security?
Conclusion
Cyberspace occupies the global socioeconomic space in the current century. Cyberspace has become an essential infrastructure on which modern-day societies depend on, and it has changed how people communicate and interact. However, cybersecurity threat has also become a global problem because of fear of losing and compromising sensitive data by cybercriminals; therefore, enhancing cybersecurity is an indispensable global issue. Some studies have insisted on modifying the old regulatory model, others have recommended developing a newer model, while others have proposed both the old and new regulatory models. The stakeholders mandated to find a solution to the problem should employ both models because some of the threats are reoccurring ones, while others are new.
Moreover, the Devolution of cybersecurity to personal companies and internet users, and monitoring cybersecurity by both government and private agencies will ensure a high level of sanity in the IT industry. The devolution and monitoring process should be guided by a precisely developed policy that indicates the responsibilities of the involved parties, and set the terms of pre-determined agreements. The policy should accord both parties equal powers in decision-making and create interventions that impact cybersecurity. This way, the policy will enable resource mobilizations from various agencies and create tactful interventions to mitigate the cyber-threat issues. This paper recommends further research on why policies and other interventions developed to curb cyber threats have not been successful.
References
-
Clinton, L. (2011). A relationship on the rocks: Industry-government partnership for cyber defense. Journal of Strategic Security, 4 (2), 97-112. DOI: http://dx.doi.org/10.5038/1944-0472.4.2.6. Retrieved from http://scholarcommons.usf.edu/jss/vol4/iss2/7
Deloitte-NASCIO. (, 2013). Cybersecurity study state governments at risk: A call for collaboration and compliance. Deloitte and the National Association of State Chief Information Officers.
Goodyear, M., Portillo, S., Goerdel, H. T., Williams, L. (2010). Cybersecurity management in the states: The emerging role of Chief Information Security Officers. IBM Center for the Business of Government.
Jayawardane, S., Larik, J. E., & Jackson, E. (2015). Cyber Governance: Challenges, Solutions, and Lessons for Effective Global Governance. The Hague Institute for Global Justice Policy Brief.
Moore, M., Wermuth, M.A., Castaneda, L.W., Chandra, A., Noricks, D., Resnick, A.C….. Burks, J.J. (2010). Bridging the gap: Developing a tool to support local civilian and military disaster preparedness. Santa Monica, CA: RAND, 21-80.
Related Samples
[/et_pb_text][et_pb_divider color="#E02B20" divider_weight="2px" _builder_version="4.9.3" _module_preset="default" width="10%" module_alignment="center" custom_margin="|||349px||"][/et_pb_divider][/et_pb_column_inner][/et_pb_row_inner][et_pb_row_inner use_custom_gutter="on" _builder_version="4.9.3" _module_preset="default" custom_margin="|||-44px||" custom_margin_tablet="|||0px|false|false" custom_margin_phone="" custom_margin_last_edited="on|tablet" custom_padding="13px||16px|0px|false|false"][et_pb_column_inner saved_specialty_column_type="3_4" _builder_version="4.9.3" _module_preset="default"][et_pb_blog fullwidth="off" post_type="project" posts_number="5" excerpt_length="26" show_more="on" show_pagination="off" _builder_version="4.9.3" _module_preset="default" header_font="|600|||||||" read_more_font="|600|||||||" read_more_text_color="#e02b20" width="100%" custom_padding="|||0px|false|false" border_radii="on|5px|5px|5px|5px" border_width_all="2px" box_shadow_style="preset1"][/et_pb_blog][/et_pb_column_inner][/et_pb_row_inner][/et_pb_column][et_pb_column type="1_4" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_sidebar orientation="right" area="sidebar-1" _builder_version="4.9.3" _module_preset="default" custom_margin="|-3px||||"][/et_pb_sidebar][/et_pb_column][/et_pb_section][et_pb_section fb_built="1" specialty="on" _builder_version="4.9.3" _module_preset="default" custom_padding="0px|0px|0px|||"][et_pb_column type="3_4" specialty_columns="3" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_row_inner _builder_version="4.9.3" _module_preset="default" custom_margin="|||-44px|false|false" custom_margin_tablet="|||0px|false|false" custom_margin_phone="" custom_margin_last_edited="on|tablet" custom_padding="28px|||||"][et_pb_column_inner saved_specialty_column_type="3_4" _builder_version="4.9.3" _module_preset="default"][et_pb_text _builder_version="4.9.3" _module_preset="default"]-
QUESTION
Week 4 Discusssion
This is a discussion question that I need answered. I need the second portion of the questioned answered thoroughly, both bullet points. I have highlighted it in yellow to show that it is what I need answered. I need this r returned to me completed without any grammatical or punctual errors. The company that I want this question written about is Nissan Motor Corporation.
Choose ONE of the following discussion question options to respond to:
Using Adverse Conditions to a Company's Advantage
- Chakravorti (2010) discusses four methods that corporate innovators use to turn adverse conditions to their advantage. Examine an organization of your choice and briefly discuss how the organization might use one of these methods.
-OR-
Assessing Risk and Reward
- Using the company of your choice, identify an important and difficult decision that they faced. What were the most important risks and the most important rewards of the decision?
- What data, analysis or perspective would you have used to help Sr. Management decide if the rewards outweighed the risks?
| Subject | Business | Pages | 4 | Style | APA |
|---|
Answer
Assessing Risk and Reward
The Nissan Motor Company is one of the leading automobile makers in the world. The Japanese carmaker has primarily enjoyed a successful run, allowing it to enter various regional and international markets such as the United States. However, the changing business environment was not favorable to the company in 2019. Notably, the cooperation recorded losses amounting to 7.8%. The experience pushed the management into making tough decisions, requiring almost all of its North American workforce to go for unpaid leaves.
In late 2019, the company announced that the decline in sales necessitated a two-day unpaid leave for the North American workers. The stated days for the vacation were January 2 and 3rd (Chicago Tribune, 2019). Notably, this move was a crucial decision for the company because of its conflicting impacts. Whereas on the positive side, it could help the firm minimize expenses, it threatened to affect the public perception of the company regarding employee welfare.
The rewards for the decision involved cutting expenses by not paying the workers on leave, which eventually would translate into reduced expenses. Another reward was that the decision could allow the company to optimize performance by evaluating employee performances then developing new milestones. However, on the low side, the company risked affecting its public image and brand name, especially in the North American market. As per Chakravorti (2010), the way an organization treats its employees influences the firm's public perception. Thus, Nissan risked eliciting a negative public perception. With a distorted public image, the company could fail to revive its declining sales.
I would have advised the management of Nissan to utilize the Predictive Analytic perspective in determining the right decision to take. Ideally, the approach tries to predict what might happen in the future if particular decisions or actions are undertaken at the moment (Traymbak & Aggarwal, 2019). Looking at the situation at Nissan, the company needed to develop a goal such as increasing sales. After that, they would have made decisions aimed at realizing the set goal. In this regard, the predicted outcome could give the management an overview of whether more risks existed or significant rewards could be realized.
.
References
-
Leeson, R. (2003). Ideology and the International Economy: The Decline and Fall of Bretton Woods. Springer.