Interview with Author of Recent Advances in Cybersecurity - Free Chapter Included

What made you write Recent Advances in Cybersecurity?

I wanted to bring critical cybersecurity and critical infrastructure protection issues to the front stage, and expose the ICT and cybersecurity research communities to the current problems, policies and practices. Furthermore, I wanted to provide a rich inventory of leading ICT nation states’ experience and practices in cybersecurity issues and critical infrastructure protection.

What new knowledge did you gain whilst writing the book?

One of the main conclusions that arose after researching the issues raised in this book was that we should all come together: individuals, states, NGOs and international organizations, to protect the surplus of ICT innovations. Children, families, critical infrastructures, digital democracy and freedom of speech are only a few of the things that are at stake here. Cross border cyber attacks, legal problems, cross border cyber crime attribution and technical crime attribution issues should be addressed in the near future.

The kindle version of Recent Advances in Cybersecurity is available for purchase on Amazon.

Below is chapter twelve of Recent Advances in Cybersecurity by Elsadig Saeid

United States Experience

Current National plan and future Directions

United States is the leading country in the world in information security and critical infrastructure protection. Although there is a large gap in the development of information and communications technologies between US and other countries, the US has constant ego to lead the world in this area. Thus each year, considerable amount of budget spent in research, development, and innovations in this area.

In 2010 and as a part of American Recovery and Reinvestment Act, the US government announced National Broadband Plan[157]. The six log term goals of this plan are as follows:

1. At least 100 million U.S. homes should have affordable access to actual download speeds of at least 100 megabits per second and actual upload speeds of at least 50 megabits per second.

2. The United States should lead the world in mobile innovation, with the fastest and most extensive wireless networks of any nation

3. Every American should have affordable access to robust broadband service, and the means and skills to subscribe if they so choose

4. Every American community should have affordable access to at least 1 gigabit per second broadband service to anchor institutions such as schools, hospitals, and government buildings

5. To ensure the safety of the American people, every first responder should have access to a nationwide, wireless, interoperable broadband public safety network

6. To ensure that America leads in the clean energy economy, every American should be able to use broadband to track and manage their real-time energy consumption

The US Federal Communication Commission (FCC), supervise the implementation of this plan by look up the statistics and indicators. Figure 12.1, show the main web page of the National Broadband Plan (Source: www.Broadband.gov)

Figure 12.1: the main web page of the US National Broadband Plan (Source: www.Broadband.gov)

Critical Sectors

In the US, the Ministry of the Homeland Security in according to the Presidential Policy Directive 21 (PPD-21) defines critical infrastructures as “the infrastructure provides the essential services that underpin American society. Proactive and coordinated efforts are necessary to strengthen and maintain secure, functioning, and resilient critical infrastructure – including assets, networks, and systems – that are vital to public confidence and the Nation's safety, prosperity, and well-being. based on this definition, the following Sectors are identified as State critical Infrastructures’[158].

• Information Technology Sector
• Telecommunications sector
• Chemical Sector
• Commercial Facilities Sector
• Dams Sector
• Commercial Nuclear Reactors، Materials، and Waste Sector
• Government Facilities
• Transportation Systems Sector
• Emergency Service Sectors
• Postal and Shipping Services Sector
• Agriculture and Food sector
• Public Health and Healthcare Sectors
• Energy Sectors
• Banking and Finance Sectors
• Defence Industrial Base Sector
• Critical Manufacturing Sectors

Past and Present Initiatives and Policies

In US, People recognize the importance of critical information infrastructures protection since 1990. In the United States, any attack can have a major impact on the economy and national security of the country and the world. Given the proportion of this sensitivity, the federal government has introduced a number of initiatives, and has taken a series of preventive measures to protect the critical infrastructure of Informatics and Communications. These initiatives and measures have been summarized as follows:

• Establishment of the Presidential Commission on Critical Infrastructure Protection (PCCIP) in 1997(include both Government and private sectors members) [159].
• Presidential directive 62 and 63 on 1998 to protect critical infrastructure [160].
• National Plan for Information [161] Systems Protection, 2000
• Homeland Security Executive Orders[162] and the establishment of the homeland security department in 2003
• Homeland Security Presidential Directive / HSPD-7 2003 [163] awarding the responsibility of the critical infrastructure protection to the homeland security department
• National strategy for homeland security 2002, Which includes the following points:
• National Strategy to Secure Cyberspace [164]
• Increase the national resistivity against cyber-attacks
• Reduce the loss by reducing the down time (when there is an attack)
• The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets [165].
• National Strategy for Information-Sharing this strategy defines the information sharing protocol between different government sectors. This strategy updated in 2012 after the Wikileaks problem [166].
• Department of Defence Strategy for Operating in Cyberspace: this strategy is announced in 2011 to fulfill the following [167]:
• Using the defence tools for information security
• Search for new tools for information security
• Cooperate and sharing knowledge
• Building relations based on the information securities
• Support innovation
• The national Strategy to Combat Transnational [168]Organized Crime: Addressing Converging Threats to National Security: this strategy is announced in 2011
• The International Strategy for Cyberspace: Prosperity، Security، and Openness in a Networked World: This strategy is announced in 2011 [169, 170].
• National Strategy for Trusted Identities in Cyberspace: this strategy is developed in 2011 to strengthen the information security and critical infrastructure protection [171]
• Safeguarding American Consumers & Families Privacy: the aim of this cybersecurity initiative is to protect American companies, consumers, and infrastructure from cyber threats, while safeguarding privacy and civil liberties[172].
• Executive Order Promoting Private Sector Cybersecurity Information Sharing 2015: the aim of this executive order is to lay out a framework for expanded information sharing designed to help companies work jointly and work with the federal government, to quickly identify and protect against cyber threats.

Organizational and institutional Overview

During the dawn of the information security and critical infrastructure protection age, the US government delegated the duty of safeguarding critical infrastructure to agencies within the commerce ministry, namely the Critical Infrastructure Assurance Office (CIAO). This office collaborated closely with the Federal Bureau of Investigation (FBI) to probe into cybercrimes and coordinate cybersecurity incident responses. However, with the evolution of the information and communications sector, coupled with a rise in cyber-attack rates, the government founded the Department of Homeland Security (DHS) to reinforce the protection of critical infrastructure, supported by the subsequent organization:

1. National Office of Infrastructure Protection (OIP): this provide the following services:

• Lead the operation/ plan of the critical infrastructure protection
• Evaluate the risk management plans
• Supervise the information sharing between different sectors
• Collect the data and make the necessary analysis about risk
• Establish international relations for information security and critical infrastructure protection.

2. Office for Cybersecurity and Communications (CS&C): this office coordinates between different on risk managements and cyber attack incidents handling. The main objective points are [173]:

• The telecommunication network should provide it is a service all time and under any condition.
• The national information security sector should work will all private and public sectors to protect the critical infrastructure
• Office of Emergency Communications (OEC): this office is working to develop an emergency communication system to make sure that the government order is coordinated at the emergency time.

3. US Department of State: the state department is working closely with the Defense department and foreign alliance to support all initiatives related to information security to reduce risk and vulnerability.

4. Congressional Focus: working as part of the homeland security committee to support the following directions:

• Communication and critical information protection
• Support the research initiatives related to information security and risk managements.
• Making sure that all communication and information system can work at emergency time;
• Supporting the national intelligence, information sharing, and risk management information

5. Government Accountability Office (GAO): This office generates periodic reports on cybersecurity incidents and the status of the country to compete cybercrime.

6. Defense Community group: This is work on developing strategic cybersecurity strategy for define and industrial defense systems.

7. Computer Crime and Intellectual Property Section: This section working within the department of justice’s to articulate laws and legislations related to computer crime and intellectual properties.

8. Protected Critical Infrastructure Information Program (PCIIP): the goal of this program is to boost information sharing in between private sectors

9. Information Sharing and Analysis Centers (ISACs): (figure 12.2, http://www.isaccouncil.org/memberisacs.html): on these information sharing centers, interrelated industrial group such as Microsoft, Intel, CA, NortonLIfeLock, CSC, IBM, Oracle, eBay, EWA-IIT، Harris، Hewlett Packard, BAE Systems, IT, and VeriSign, In. are forming information sharing focal point to share risk information.

Figure 12.2: the website for information sharing centers (Source: http://www.isaccouncil.org/memberisacs.html)

10. InfraGard office: this office coordinate between the private sectors and the FBI on research and development related to information security and critical infrastructure protection[174].

11. The office of National Cyber Security Alliance (NCSA): the purpose of this office is to gather industrial group and sectors in information sharing group to enable them to share valuable common information security and critical infrastructure practice and effective incident response handling techniques. Figure 12.3, shows the main web page of these groups(www.staysafeonline.org)

Figure 12. 3: National Cyber Security Alliance (NCSA) (www.staysafeonline.org)

Early Warning and Public Outreach

In the United States, the following organizations are responsible to provide the technical support and rise up the public awareness of cybersecurity issues:

1. CERT Coordination Center, Carnegie Mellon (http://www.cert.org/): this Centre is supported by the federal government to develop research and innovations and coordinate the efforts of CERT teams )

2. US Computer Emergency Response Team (US-CERT): established at the University Of Garage Mellon to prevent cybercrimes and provide advanced technical support and respond in emergencies;

Figure 12.4: The main Web page of the United States Computer Emergency Response Team (Source:www.us-cert.gov)

3. Federal Bureau of Investigation (FBI): FBI is responsible by the role of Law to investigate cybercrimes:

4. OnGuardOnline.gov (www.onguardonline.gov) this website is supported by research centers and large companies to raise the public awareness about protecting private data.

5. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) (http://ics-cert.us-cert.gov/): this center provides advanced technical support on cybersecurity of the industrial systems.

Figure 12.5: the main webpage of the OnGuardOnline (Source: www.onguardonline.gov/‎)

Figure 12.6: the main webpage of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) (Source: http://ics-cert.us-cert.gov/)

6. The Defence Cyber Crime Center (DC3): figure 12.7 shows the main webpage (http://www.dtic.mil) this center has three labs:

• Defence Computer Forensics Laboratory (DCFL): this lab responsibilities include investigation of cybercrimes and research and development.
• Defence Cyber Investigations Training Academy (DCITA): this academy provides advanced training in all aspects of cybersecurity
• Defence Cyber Crime Institute (DCCI): responsible to carry out advanced research and support the innovations.

Figure 12.7: the main webpage of the Defense Cyber Crime Center (DC3) (Source :www.dtic.mil)

Child Online Protection (COP)

The United States realize and recognize the importance of the child protections in the cyberspace from the early days. Thus, the government legislate may Laws in this regards:

• Children's Online Privacy Protection Act (1998): this act obligate websites to store child privacy data. [175].
• Children's Internet Protection Act(2000): this act obligate schools and public libraries to deploy technical security tools to control child navigation in the internet [176]
• Protecting Children in the 21st Century (2007 ): this act is complimentary to the 2000 child protection act which give further right to the educational institutes to control children in the cyberspace [177, 178]

There are also many organizations that provide valuable material on the internet to increase the public awareness about risk online in the cyberspace; one of these important organizations is the National Center for missing and Exploited Children (http://www.missingkids.com/home) figure12.8, the main web page.

Figure 12.8 the main centre webpage of the National Center for missing and Exploited Children (Source: http://www.missingkids.com)

Laws and Legislations

Given the large influence of information and communications technology revolution to the daily life of people, from the early age of this great revolution US government realize and understand the importance of the regulation of this sector. Today, in the US, the most important Laws related to the information and communications sectors can be summarized as follows:

• Federal Advisory Committee Act (FACA) of 1972 [179].: this Law defines and regulates the information sharing between the government sectors.
• Computer Fraud and Abuse Act (CFAA) 1986:
• computer misuse act 1986 and modified in 1994 and 2007 respectively to accommodate new cybercrime [180].
• Executive Order 13010 to establish critical infrastructures protection [181].
• SA PATRIOT Act of 2001: this Law authorizes the FBI to investigate cybercrime, access private information if needed. Although there is a lot of problems associated with this Law, president Obama renew this Law in 2011 for 4 years [182] [183].
• Executive Order 13228; EO 13228, 2001 to establish the department of Homeland Security s and Homeland Security council[184].
• Executive Order 13231 of October 16، 2001 to protect critical infrastructures based on information system [185].
• Homeland Security Act 2002: this Law gives the right to the Homeland Security to access large amount of private data :
• Freedom of Information Act (FOIA): This Law exclude critical infrastructure operators form publishing [186].
• Terrorism Risk Insurance Act 2002 (modified and updated in 2005 and 2007 respectively) this Law identifying the amount of money can be paid back by the insurance company back to the user if there is an attack [187]
• Adam Walsh Child Protection and Safety Act 2007 [188].