Cybersecurity in the United States Essay (Critical Writing)

Introduction: Proposal

Research Question

National security is a complicated phenomenon that relies on many aspects, and cybersecurity is among them. People tend to spend more time online because communication, financial transactions, and other operations can be performed on the Internet. This information means that these individuals are subject to different threats and risks in this area because they store, manage, and transform personal data online. Simultaneously, various governmental, financial, healthcare, and other organizations also go online, which denotes that their data and operations can also be targets of cybercrime activities. That is why the late 20^th century witnessed as the first cybercrime legislation pieces appeared to govern the sphere under analysis (Lukings & Lashkari, 2022). Thus, there is no doubt that the Internet, cybersecurity, and appropriate legislation are critical phenomena in the modern world, which justifies the presence of many articles and studies focusing on the topic.

As a rule, the problem of cybersecurity is considered an external threat. For example, the infamous scandal in the United States occurred in 2016, when the Russian cyberattacks affected the 2016 US presidential election (Lawson & Middleton, 2019). However, little attention is drawn to whether internal processes contribute to the problem, but it is possible to expect that these events and phenomena are also impactful. In particular, one can suggest that the President’s actions can influence the issue. Thus, the current research project is going to address the following question: Is there a significant connection between the US President’s approach to cybersecurity and the actual presence of the given phenomenon? Based on the question, one can develop an effective hypothesis or thesis statement. Thus, the President’s more aggressive approach to fight against the problem leads to a higher rather than lower prevalence of cybercrimes.

Design

In an attempt to answer the research question and test the hypothesis, one should implement an appropriate scientific design. It seems that a qualitative methodology should be used because it allows for arriving at reasonable conclusions without performing any mathematical calculations and using statistics. As for a design, a systematic literature review is a suitable option because this approach offers many advantages. In particular, one should clarify that this design is used “to identify and retrieve international evidence that is relevant to a particular question or questions and to appraise and synthesize the results of this search” (Munn et al., 2018, p. 2). In other words, this approach helps researchers identify and summarize qualitative data that will help answer research questions and test hypotheses.

When it comes to a systematic literature review, a significant question is what information sources are used because the quality and reliability of data are of crucial importance. The given research paper focuses on three types of information sources. Firstly, evidence is extracted from timely books and published scholarly articles since they represent expert opinions regarding the selected topic. Secondly, Internet resources offer valuable information because online studies, news articles, and expert organizations’ reports provide readers with an overview of acute issues and commentaries on what these events mean. Thirdly, the literature review section deals with secondary analysis of federal legislation pieces and executive orders. That approach was chosen because primary analysis of these documents would be time and effort-consuming, and the given research paper does not attempt to perform a comprehensive overview of legislation pieces.

Literature Review

The given section is going to present synthesized findings regarding the topic under analysis. All the data is grouped under different subheadings for increased ease of reading and understanding. The first subsection comments on the issue of cybercrimes and offers their definition. The US cybercrime legislation overview is the central point of the second subsection, and significant attention is also drawn to the laws passed during the Trump’s and Biden’s offices. This information is necessary to understand whether the presidents approached cybercrimes differently.

Defining Cybercrimes

At present, it is challenging to find an exhaustive definition that would comprehensively describe what cybercrime is. This statement denotes that different scholars, experts, and organizations can offer slightly or significantly different definitions. For the purposes of this paper, specific wording should be used. According to Schreider (2020), “cybercrime is a criminal act in which computer-based equipment, automated services, or communications mechanism is either the object or the means of perpetrating legal or regulatory restricted or prohibited offenses” (p. 18). In addition to that, it is reasonable to state that specific actions are considered cybercrimes. For example, they include electronic theft, cyberbullying, data breach, hacking, blackmail, espionage, and many others (Lukings & Lashkari, 2022). These literature findings are sufficient for readers to understand what cybercrimes are and what examples of this misbehavior exist in the present world.

US Cybersecurity Legislation Overview

As has been mentioned, cybercrimes became a significant issue for society in the late 20^th century. That is why it is not surprising that the first legislation pieces started appearing at that time to regulate this new sphere. The Privacy Act of 1974 is the first “foundational legislation governing federal government use of personal information” (Lukings & Lashkari, 2022, p. 110). However, one should admit that this law only referred to the federal government, meaning that no attention was drawn to regulate the sphere of cybersecurity in other spheres. In addition to that, the Computer Fraud and Abuse Act appeared in 1986 as criminal law and civil statute to allow for compensation and other reliefs to people suffering from misbehavior using computers (Lukings & Lashkari, 2022). This information demonstrates that American policymakers made specific attempts to regulate the online sphere.

Since the Privacy Act of 1974 only governed the federal government performance, additional sector-specific regulations were created in the late 20^th-early 21^st centuries. Firstly, the 1996 Health Insurance Portability and Accountability Act (HIPAA) was adopted to ensure that healthcare organizations and professionals take specific measures to ensure that patients’ personal data is protected in the online sphere (Agarwal, 2018). Secondly, the Gramm-Leach-Bliley Act (GLBA) was passed in 1999 to ensure that financial institutions safeguarded customers’ sensitive data and explained their information-sharing practices to clients (Lukings & Lashkari, 2022). Thirdly, the 2002 Homeland Security Act included the Federal Information Security Management Act (FISMA) that made every government agency follow particular information security procedures (Lukings & Lashkari, 2022). These regulations were developed to ensure that responsible agencies contributed to safety in cyberspace.

In addition to that, a few federal laws were passed for the same purpose. For example, the Cybersecurity Enhancement Act of 2014 provided an ongoing public-private partnership to facilitate cybersecurity and make the online environment safer for ordinary citizens (Agarwal, 2018). Furthermore, the Federal Exchange Data Breach Notification Act of 2015 explains how health insurance agencies should act if their clients’ personal information is subject to cybercrime activities (Agarwal, 2018). These findings reveal that the US government made numerous efforts to address cybersecurity.

The following step of the given literature review is to focus on how Donald Trump approached the issue of cybercrimes. At this point, it is reasonable to highlight that Trump’s presidency began with a cybersecurity threat because Russian cyberattacks accompanied the 2016 election (Lawson & Middleton, 2019). That is why it is not surprising that President Trump followed an aggressive approach toward establishing cybersecurity in the United States. His administration’s tactics was so decisive that it became known as the “Madman Theory” offense-oriented approach (Boussios, 2020). For example, Trump issued Executive Order 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, to clarify possible responses in the face of intensifying cybersecurity threats (Cybersecurity & Infrastructure Security Agency, 2020). One should admit that this proactive strategy is associated with significant drawbacks, and the following discussion will focus on it.

Now, it is possible to show findings demonstrating inefficiencies of Trump’s approach. Sufficient evidence demonstrates that the Trump administration used cybersecurity legislation to impose sanctions against specific individuals and groups that were accused of having connections with Russian spies (Claussen, 2020). It is possible to claim that this fact is an example of how individuals faced discrimination. In addition to that, Trump’s desire to protect Americans from cybercrimes made his administration impose strict regulations that often threatened democracy and limited freedom on the Internet (Fidler, 2020). These findings reveal that the online environment witnessed many limitations during Trump’s rule.

In 2020, Joseph Biden came to office and changed the nation’s approach to cybersecurity. In contrast to his predecessor, Biden focused on defending human rights in the cybersecurity area (Mhajne, 2021). That decision was necessary because Trump’s administration crossed the line in taking preemptive actions to protect the citizens from cyber threats. One should admit that Biden signed the Executive Order on Improving the Nation’s Cybersecurity to “make cybersecurity recommendations after a significant cyber incident” (Smith, 2021, p. 266). This information demonstrates that Biden’s administration changed its approach and relied on defensive actions in managing and maintaining cybersecurity. In addition to this, it is necessary to conclude that Biden decided to adopt a strategy of deterrence, while retaliation was considered a possible and even justified departure from soft policies (Yoo & Stradner, 2022). According to these findings, one can state that Biden used a distinct approach to cybersecurity.

Conclusion

In conclusion, the paper has demonstrated that the issue of cybersecurity in the United States deservedly obtains much scientific attention. The first laws to govern the area emerged in the late 20^th century, meaning that this legislation sphere has witnessed much development up to now. The literature review section has also demonstrated that Donald Trump and Joseph Biden, with their administrations, followed different approaches to ensuring cybersecurity. Trump was hyper-aggressive in preventing potential cyber threats, while his successor relied on soft principles of governing. While it is evident that the Presidents’ approaches are different, the remaining part of the paper should consider how and whether the prevalence of cybercrimes differed during Trump’s and Biden’s terms in office. This information is expected to demonstrate that Trump’s approach was less efficient because it was associated with a higher prevalence of cybercrimes.

References

Agarwal, H. (2018). A glance at the United States cyber security laws. Appknox. Web.

Boussios, E. G. (2020). Hacking back: Trump’s ‘madman theory’ approach to cybersecurity. Journal of Applied Security Research, 16(4), 514-525. Web.

Claussen, K. (2020). Routledge handbook of international cybersecurity. Routledge.

Cybersecurity & Infrastructure Security Agency. (2020). Executive order on strengthening the cybersecurity of federal networks and critical infrastructure. Web.

Fidler, D. P. (2020). President Trump’s legacy on cyberspace policy. Council on Foreign Relations. Web.

Lawson, S., & Middleton, M. K. (2019). Cyber Pearl Harbor: Analogy, fear, and the framing of cyber security threats in the United States, 1991-2016. First Monday. Web.

Lukings, M., & Lashkari, A. H. (2022). Understanding cybersecurity law and digital privacy: A common law perspective. Springer Nature.

Mhajne, A. (2021). A human rights approach to US cybersecurity strategy. Carnegie Council for Ethics and International Affairs. Web.

Munn, Z., Peters, M. D., Stern, C., Tufanaru, C., McArthur, A., & Aromataris, E. (2018). Systematic review or scoping review? Guidance for authors when choosing between a systematic or scoping review approach. BMC Medical Research Methodology, 18(1), 1-7. Web.

Schreider, T. (2020). Cybersecurity law, standards, and regulations (2^nd ed.). Rothstein Publishing.

Smith, D. C. (2021). Cybersecurity in the energy sector: Are we really prepared? Journal of Energy & Natural Resources Law, 39(3), 265-270.

Yoo, J., & Stradner, I. (2022). The best defense… State-sponsored cybercrime costs billions and endangers national security. When will President Biden finally do something about it? Hoover Digest, (1), 135-138.