Threat to US National Security, and Possible Response

The main threat faced by US national security is cyber threats. The main policy recommendation for cyber threats is that the government should work with invested partners to integrate everyone on the cyber-attack issues. The success in the fight of cyber-attacks requires a joint effort of the state and all other organizations and citizens to ensure that they are cyber-secure. Cyber threats have been an issue for US security for a long time, as argued by (Homeland Security, 8). Homeland security report confirms that cyber-attacks are classified first under the significant threats to the US in 2020.

In addition to confirmation of cyber-attacks as the primary threat facing the US national security from the Homeland report, the current world is more digital. Critical government information is stored and can be retrieved online. Most of the financial services and even labor forces have data online. When the wrong personnel accesses such data, they can be utilized against a nation. The Homeland security report also claims that cyberattacks might deny the citizens a right to their democratic processes by negatively impacting the election processes. Cyber-attacks have the possibility of acquiring critical government information and even launch cyber wars on the nation. Such can cause negative impacts and instability in the government. Therefore, there is a need to focus more efforts on processes that might help mitigate possibilities for cyber-attacks.

Despite the threats that the government is facing from cyber-attacks, confirmed through the Homeland Security report, Dotty (344) claims that people often point to the cybersecurity risk as a means of futurize threat to the polity. Dotty further claims that most of the cybersecurity risks mentioned are always imaginary ad fictionalization to create a climate of fear. Such fear often leads to people taking actions to mitigate the risks, which might end up being beneficial to some companies. However, for the case of the US, such is not true. The Homeland Security report (8) mentions the viability of cyber-attacks to the US from other states, while Bobric (18) outlines various attacks in the past from different actors.

According to Amir, Shai, and Tsafrir (1200), cybercrime is not easy to persecute or investigate. Different countries have varying laws against cybercrime, which makes it even harder to get to the perpetrators. Amir et al. (1178) also claim that cybercrime has not been a priority for a long time in most economies worldwide. There are no laws that guide the cyber-attacks issues since the initial planners never foresaw issues of importance. Therefore, while focusing on cyber-attacks issues, there is a need to realize the diversity of cybercrime laws across the world and governments’ limitations in the same process. The US government also lacks enough ability to defend itself against cyber-attacks, as other nations’ cyber capabilities still overpower them. The assertion is confirmed through various attacks that the US has had, which proves their vulnerability. Bobric (18) outlines such attacks, including; Iranian attack on Wall Street, Sony Pictures hack by North Korea, the cyber thefts of intellectual and personal properties by China, and Russian interference with the US elections in 2016.

 

Policy Alternatives for the US on Cyber-attacks issue

The main policy alternatives for the US on the cyber-attacks issues are as detailed below;

Raising Awareness Through Public Outreach Campaigns

Most people fall victim to cybersecurity due to a lack of knowledge of dealing with the issue (Bobric, 23). Some of the cases that awareness can help in cyber-attacks are advising individuals to stop opening mail they do not trust, which might be phishing. With the Coronavirus’ advent, phishing emails can be utilized as click baits with topics about Coronavirus. For instance, emails can be sent with topics that prompt individuals to click and learn more about the virus. In such instances, they fall victim to phishing, and their machines are attacked. Sufficient awareness will require informing and teaching people how to deal with the cyber-attacks issue. Despite the bare knowledge of threats of cyber-attacks, the government should consider teaching the citizens ways of dealing with the attacks, such can be achieved through seminars, and even inclusion in the curriculum.

From the Homeland Security Report, the government has already approved cyber-attacks as a major threat to the security of the US. Such should make them focus on channeling funds to the cause of raising awareness. It is the responsibility of all the citizens to fight cyber-attacks, as everyone is the victim. The main challenge that the policy alternative will face is how the whole country can be educated on policy issues. The efforts might not manage to reach everyone, and many resources might also be required for the process. The best way forward to deal with the challenge is to incorporate the awareness in the curriculum, where students will be taught of cybersecurity while still at school, regardless of their course or profession. Such will raise a nation that is fully aware of cybersecurity.

Working with Invested Partners

Cyber-attacks do not just negatively impact the government but are also detrimental to corporations. It is the government’s responsibility to ensure that they come up with effective means of ensuring they jointly deal with the cyber-attacks. The government should engage in a joint effort with other interested organizations to ensure they improve detection capabilities, preventing, mitigating, and responding to cyberattacks at different levels. Such will involve a call for all interested organizations on cyber security to join efforts in coming up with best methods of dealing with the issue. The responsible government agency will coordinate the process, and work together with the engaged corporations to enhance cybersecurity. Through a corporation with other organizations and partners who wish to invest in the process, the government can effectively address cyber-attacks.

The corporations will also help the government formulate means to address the available gaps and coordinate law enforcement measures on the issues that deal with cyber-attacks. Such can be achieved through seminars regularly carried to ensure that cyber-attacks are discussed, investigated, and possible to mitigate. Working through invested partners should focus on creating a community that enhances the processes of dealing with cyber-attacks in all measures. Such a process will positively impact national economic security and all efforts in creating a safe cyberspace. However, the government might find a challenge in ensuring that all the invested partners work together for the same purpose. Through the Homeland Security Department, a vetting of all the organizations should be carried to ensure that all the involved organizations have the same aim.

Strengthening of the National Cyber Response Plan

Bobric (19) argued that the previous planners and developers had little concern on cyber-security issues, as they less anticipated the same. As outlined before, the growth of cyber-attacks even in the US government leads to the need for serious mitigation of the attacks. The implementation of the National Cyber Incidence Response Plan in 2014 was an effective means of enhancing planning by the government for cyber-attacks (Bobric, 20). The National Cyber Response Plan has always focused on ensuring that the government is always prepared at all costs. However, the focus should be on strengthening the plan to ensure that the government protects all the entities in the country. The plan should also focus on engaging all the available stakeholders in the issue of cyber-attacks, to enhance its effectiveness in case of any form of attack.

Pros and Cons of the Policy alternatives

Raising Awareness Through Public Outreach Campaigns

The main advantage of raising awareness is creation of enthusiasm and support among people to deal with the cybersecurity issue. Raising awareness will also help to mobilize action, local knowledge and resources towards the fight of cyber-attacks. However, raising awareness might pose a challenge to reach to all the citizens. Therefore, such efforts can be directed to inclusion of the cybersecurity issues to the school curriculums, to ensure that every child grows with knowledge of cybersecurity and possible attacks.

Working with Invested Partners

The main advantage of working with invested partners is the access of diverse knowledge, skills, and experiences in dealing with cyber-attacks. The process will also have enough funding from the partners in creation of possible means of mitigating the cyber-attacks challenges. However, working with invested partners might pose a challenge on potential differences and conflicts among the partners. Such can be mitigated through effective partnership agreements, and vetting of the essential partners for the process.

Strengthening of the National Cyber Response Plan

The main advantage of strengthening the National Cyber Response Plan is enhancing its effectiveness on the fight of cyber-attacks. However, the efforts might be futile with the challenges from the Cybersecurity and Infrastructure Security Agency (CISA). The efforts might diminish the work of CISA, as they were responsible for formation of the National Cyber Response Plan. Therefore, CISA should be responsible in such policy issue.

Recommendations on a Policy Alternative

The main policy recommendation for US is to focus mainly on working with invested partners, with aim on integrating everyone involved in the cyber-attack issues. Currently, there are various efforts around the outlined policy alternatives in the US government. However, the efforts are not fully directed towards ensuring the full protection of the US against cyber-attacks. The choice on working with invested partners is from the realization that cyber-attacks does not just affect the government. Everyone is negatively affected by organizations, states, territorial agencies, and even the community at large. It is the government’s responsibility to integrate all the entities that face a threat from cyber-attack and corporate to develop effective means of dealing with the attacks and issues negatively affecting them. The corporation of all stakeholders will help reduce the chances of cyber-attack.

Policy Implementation

The main policy recommendation is the ability of government to work with invested partners to integrate everyone in the cyber attacks issue. Most of the organizations already have various policy formations from within, which helps them fight the cyber-attacks. The major aim of the government is to come up with a joint effort in the fight, and offer protection for the most vulnerable entities that might not manage to effectively control the issues on cyber-attacks. After the congress approval of the policy, the implementation will rely on two main agencies, United States Departments of Homeland Security, and the CISA.

The policy will broaden the scope of both CISA and the Homeland Security Department. The functions of CISA is to work with the government departments in building national capacity against cyber-attacks. Through the policy, CISA will have to work with more organizations who will identify as the invested partners. The aspect of broadening its scope of service might be challenging due to availability resources, and the identification of the exact partners. The implementation of National Cyber Incidence Response Plan might also cause conflict of its functions with CISA. The Homeland Security might lack clarity on the operations guidelines towards their input in the policy implementation.

A smooth policy implementation process will require a situation where all the barriers are effectively mitigated. CISA should be responsible strengthening the duties of the National Cyber Incidence Response Plan, to avoid possibilities of any conflict. The government should also channel enough funding for the policy implementation through the Congress approval. The Homeland Security Department can help CISA in the process through identification of possible invested partners from the government’s records. The department can also ensure that all the partners in the project are not a threat to the cybersecurity through adequate background checks from their databases. The participation of CISA and the Homeland Security Department in the policy implementation should be clear, and the two agencies work hand-in-hand to the end.