Cybersecurity Directives and Laws Report (Assessment)

What was PDD-63 signed by President Clinton and how did it set the pace for cybersecurity directives and future laws?

Presidential Decision Directive 63 (PDD-63), also titled “Combating Terrorism”, was the document that identified the unconventional methods of attack that might be used against the nation, assessed the danger of cyberattacks, and the need for preparation. This directive paved the way for future measures against cybercrimes and laid the groundwork for more cooperation between the public and private organizations, in pursuit of national security (McGowan, 2013).2. Describe how the Patriot Act dealt with cybersecurity.

The Patriot Act maintained that law enforcement in collaboration with national security should be able to use every technological development of the 21^st century to prevent threats (Eastton & Taylor, 2011). The Patriot Act addressed the threat of cyber terrorism by enabling surveillance of online communications and Web use, as well as ordering the creation of Electronic Crimes Taskforce, which would focus on investigating cybercrimes (Aspects of Cyberterrosim Covered by the Patriot Act, 2006).

Describe the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets and how it attempts to protect cyber assets.

The purpose of this document was to create and develop the guiding principles for improving the protection of the nation’s critical infrastructures and key assets by reducing their vulnerability to physical attacks from terrorists. The document presented cyber systems as part of these critical infrastructures (Department of Homeland Security, 2003). As part of the initiative, it meant that integrated risk modeling would be conducted to study vulnerabilities as well as the consequences of an attack on these systems. Finally, the information systems and networks were to be assessed and identified in order to better understand the full scope of the dangers.

What is PPD-21 and how does it fit into the protection of cyber assets in the United States?

PPD-21 is a Presidential Decision Directive issued in 2013 by President Barack Obama, titled “Critical Infrastructure Security and Resilience”. It is a cybersecurity executive order that redefined the organizations and companies “where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security”, and include them as a part of the US, in order to mitigate the threat of cyber attacks and improve responses (Exec. Order No. 13636, 2013).

List and briefly describe the 16 critical industry infrastructures.

The critical infrastructure sectors according to PPD-21 are (Critical Infrastructure Sectors, 2013):

• Chemical Security (mostly privately-owned companies, includes basic and specialty chemicals, agricultural chemical, pharmaceutical, and consumer products industry segments).
• Commercial Facilities Sector (includes industries involved in shopping, entertainment, business, and accommodation).
• Communications Sector (is especially important, as it is an enabling factor for all other infrastructure sectors).
• Critical Manufacturing Sector (this sector is responsible for metals manufacturing, machinery that is used in other sectors, electrical equipment manufacture, and transportation production).
• Dams Sector (damn maintenance and proper function).
• Defense Industrial Base Sector (research and development, as well as production and maintenance of military equipment).
• Emergency Services Sector (includes all services that save lives, property, and environment, and help communities and individuals to recover from disasters and emergencies).
• Energy Sector (provides the energy supply for the economy to function properly)
• Financial Services Sector (includes organizations like banks, credit unions, investors, etc).
• Food and Agriculture Sector
• Government Facilities Sector (includes a wide variety of federal, state, local, and tribal owned organizations, which provide services critical to effective functioning of the state).
• Healthcare and Public Health Sector (plays a vital role in maintenance of public health, and in dealing with the outcomes of terrorist acts, disease outbreaks, and other disasters).
• Information Technology Sector (similarly to communications is vital for intercollaboration of different sectors and their functioning, but is also a source of potential dangers which need to be assessed).
• Nuclear Reactors, Materials, and Waste Sector (includes industries which use nuclear power).
• Transportation Systems Sector (transportation of goods and people inside and outside the state).
• Water and Wastewater Systems Sector (a vital sector, which need protection to ensure public health, and most human activities).

How do the specific sectors work with each other to provide cyber security?

Information Technology Sector, Government Facilities Sector, and Communications Sector work tightly together to provide cybersecurity by eliminating all identify and eliminate cyber vulnerabilities and, together with the other sectors, maintain effective and up-to-date facilities for threat prevention, as well as share information critical to the sector’s safety (Whitman & Mattord, 2011).

References

Aspects of Cyberterrosim Covered by the Patriot Act. (2006). Web.

Critical Infrastructure Sectors. (2013). Web.

Department of Homeland Security, (2003). The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. Web.

Eastton, C., & Taylor, J. (2011). Computer Crime, Investigation, and the Law Boston, MA: Course Technology, Cengage Learning.

Exec. Order No. 13636, 3 C.F.R. (2013).

McGowan, M. L. (2013). 15 Years After Presidential Decision Directive (PDD) 63. Web.

Whitman, M. E., & Mattord, H. (2011). Reading & Cases in Information Security: Law & Ethics, Boston, MA: Course Technology, Cengage Learning.