Homeland Security Cyber Security

Homeland Security Cyber Security

Introduction

The terrorist act of September 11, 2001, was a wake call for the Americans. It reminded Americans that the America soil was no longer safe and secure from terror attacks. The emotional devastation and anguish from this horrific event demanded something to be done to deter the occurrence of such tragedy in future. As a result, President George Walker together with his cabinet hatched the idea of the establishment of the Department of Homeland Security. The department was established to work in collaboration with federal agencies and state governments to detect, prepare, protect, respond and recover from any terrorist attacks or threats in the American soil (Gillen, & Morrison, 2015). Since its inception, the department of homeland security has ensured that the United States is free from terrorist attack and threats. Through encouraging specialization, departmentalization and centralization homeland security has been able to secure ports, airlines as well as connecting dots in the bid to combat terrorism.

Nevertheless, although a lot of efforts have been put in place to ensure processes with the Homeland Security run efficiently and effectively, the issue of information technology has not been taken care effectively. Ideally, the daily lives of the Americans, the economic vitality, as well as the overall national security,  depend on a stable, safe and resilient cyberspace. When the cyberspace and the underlying infrastructure are vulnerable to physical and cyber threats, the security of the nation is said to be at a standstill. Many, terrorists and other people interested in jeopardizing the security of the Americans usually exploits vulnerabilities in information technology systems to steal data that is used to disrupt, destroy, as well as threaten the delivery of essential services.

In a bid to ensure that cyberspace is kept secure, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Information Security Management Act 15 were established. The latter aimed to focus on improve and strengthen the Department’s security systems towards the establishment of secure cyberspace. The CISA, on the other hand, was established to help in building a national capacity capable of defending against cyber attacks. Besides, it was to help the Department of Homeland Security to work collaboratively with the Federal government to provide cybersecurity tools as well as response services and assessment capabilities for safeguarding government information system networks. The establishment of these two acts is proof that the Department of Homeland security has put efforts to secure information system networks at the national level.  However, recent studies indicate that some Cyber Security is still an issue and bug concern within the Homeland security community. Tremendous weaknesses in the IT manager with the department have been noted.

Problems Associated With Information Technology Management

According to Schwalbe (2015), a myriad of challenges is affecting the processes of Homeland security towards securing cyberspace. The most common challenges that have been noted which are associated with poor IT management include network security issues, cloud confusion, and hardware and software issue. Too much paperwork in a world where technology is the order of the day has also been noted as an undoing to Homeland security. These challenges together put the Department of Homeland security and other federal government security network systems at the risk of being hacked. When a security system is hacked, it puts the department in the risk of massive data loss. Data backup is an aspect that the department has compromised. Failure to put up proper procedures and strategies within the next few years will jeopardize not only the security of the federal government information systems but also the overall national security.

Sylves (2014) observes that the problem with the Department of Homeland security is not a failure to backup data through the newest available technological techniques. Instead, the primary problem is failing to reach optimal. Not having optimal measures to backup data within the department jeopardizes the national security in cases of system failure, natural disasters, or human mistakes. Failure to backup data gives terrorists an avenue to steal critical data which they use to plan attacks. The other notable challenge with the Department’s information technology management is the issue of managing documents. The Department of Homeland Security is a complex department. In this regards, it required to have software and hardware supported by the newest technologies. According to Sylves (2014), this has not always been the case within the department. The software run by the Department of Homeland security has been noted to allow vulnerabilities (Sylves, 2014).

Evaluating cybersecurity future across computer networks

Is cybersecurity headed in the right direction? This is a question which is running in the headlines of the mass media and news platforms in the United States.  Cybercrime is spreading at a fast rate due to the growing need for the use of computers and escalation in the number of social media users (Carlton & Levy 2015). It has become challenging for security agencies to halt this vice because the perpetrators hide their identity and take advantage of the anonymity. This kind of trend coupled with other reasons makes it very hard to net down criminals. This essay seeks to answer the question about the future of cybercrimes in the US and other nations who cannot survive without the use of computer networks (Collins, 2016).

Cybersecurity generally surrounds safeguarding the computer network from unauthorized infiltration into the systems which may tamper with the integrity of the stored data; via manipulation or even total loss. The larger the size of the network the more significant the security issues (Abubakar et al., 2015). Extensive systems grapple with more security attacks than the smaller ones. This is because their vulnerable points also increase, and can be accessed by intruders.  Moreover, networks with many users imply the use of many passwords. As a result, a computer hacker can try to infiltrate to as many places as possible.

There are different forms of cybercrimes that the Department of Homeland Security is concerned with. The first is phishing, which is defined as the attempt by the unscrupulous individuals to illegally obtain confidential or financial data from the users of the internet, usually through emails that seem like real and emanating from a credible source (Staheli et al., 2014). Typically the mail may appear to be original but has a link that leads to an illegitimate website which replicates the true one. The second is identity theft, which occurs when unscrupulous people steal your private data intending to open new accounts, buy property, rent, and file taxes using your credentials. The third firm cybercrime is hacking. According to (Fisher, 2014), a hacker is a person who uses his or her skills in breaching defences and exploiting any form of weakness within a system of computers. The last form of cybercrime that the Department of Homeland Security is concerned with is cyber terrorism. Cyber terrorism is defined as a premeditated, politically instigated attack contrary to computer systems, information, computer programs or data which cause violence in contrast to clandestine agents, sub-national groups or competitor targets (Kostopoulos, 2017).

Cyber insecurity incidences

One of the significant cases that can be cited regarding insecurity across computer networks is the issue of theft in a government institution and other financial institutions. In contemporary society, government and other financial institutions account holders have faced the hacking of their accounts by people who hid their identity.  These kinds of criminals succeed in the stealing through the installation of programs with viruses in the systems of the bank to ensure that the networks are corrupted for them to steal large data and sums of money (Zhang et al., 2015).

Besides, private data theft is another case of cyber insecurity. In this instance, cybercriminals steal confidential data so that they may use it to conduct other illegal business dealings. People need to be extremely cautious about the security of their data stored within computer systems. Furthermore, biometric machines can offer the best solution for this insecurity case. Computer security engineers can make sure that proper verification is done on all individuals who are entering a particular computer network. In this way, they will be able to counter any imminent interference to private and confidential data within their systems (Kostopoulos, 2017)).

Legal constraints to the combating of cybercrime

Kostopoulos, (2017) Argues that the battle against cybercrime has been a tough one and might be harder if not well dressed. The judicial service in the US has tried to combat this vice, but their labour bore fewer fruits. When there seems to be a law that prevents the perpetuation of the crime, people continue to learn more about how to hide their anonymity to make the legal mechanisms appear ineffective in handling the cybercrime cases. The US has been grappling with the following constraints regarding the elimination of cybercrime.

The issue of curbing cybercrime is not a one agency thing. It requires collaborated efforts from all the government agencies. However, it is not all government agencies within the United States states that are willing to collaborate in warding off cybercrime. Some of the government agencies do not face a massive burden regarding this vice as others. That is why they leave the ones negatively affected suffering alone. Furthermore, there are limited resources and incentives to drive away cybercrime in other government agencies. These reasons among others bring about the lack of cooperation registered in dealing with cybercrime within the United States (Staheli et al., 2014).

Moreover, the edicts, processes and procedures are entirely different concerning combating crime. This means that there is a big challenge in dealing with cybercrime.  The victims of this vice who are organizations, companies and individuals do not get the right explanation they deserve after being aggrieved by cybercriminals.

The future of   cybersecurity at stake

If the issue of cyberbullying, insecurity and terrorism is not addressed amicably within the shortest period, the following risks are imminent: There is likely to be increased and rampant government involvement in dealing with the problem of cybercrimes (Kostopoulos 2017). The government through the Department of Homeland Security is mandated and obliged to safeguard businesses, people and organizations security. Cybercrime is increasing rapidly globally. Therefore there are high chances that the government involvement will be high in the future in combating this vice. The more the technology is increasing and getting sophisticated, the more engineers are coming up with strong security measures (Selby 2017). Hackers, on the other hand, are getting updated about the engineers’ developments. Thus, they tirelessly work to pull down the instituted measures of cybersecurity. This means that hacktivism will escalate with technological advancement.

Recommendations to the Department of Homeland Security

Eliminating cybercrime is not a walk in the park. Nevertheless, it can be done. To counter cybercrime, an organization requires an educated and well-trained workforce to deal with the issue. Cybersecurity has become one of the major global issues and concerns. A computer science specialization in cybersecurity is imperative for any person with the interest of tackling cyberbullying. It should be understood that this issue does not involve mere phishing, identity theft or physical attack on computer networks or individuals; it affects large scale computer networks like those of state security or government. The attack on the cybersecurity of the military of a nation, for instance, can jeopardize the efforts of defending the nation against terrorist attacks. This is because the terror groups can identify the areas of weakness in the security organs of a state then decide to plan a series of attacks that kill many people (Collins 2016). Cybersecurity has become a very necessary infrastructure and acts as the backbone of the vital state organs and ministries, economy, and security among others. It is for this reason that biometric machines are essential in identifying any person entering a particular computer network. This kind of computerized identification scans fingerprints, iris, and voice among other things to gauge the real identity of a person. Biometric machines reduce the probability of a cyber-criminal intrusion into a computer network.

Before delving into this aspect of curing the cybercrime disease, it is important to note that measures proposed in this paper cannot be operationalized without the development of a credible local framework of investigating cybercrimes (Zhang et al., 2015). Again proper education about cybercrime reporting should be enhanced such that the burden of evidence is not left in the hands of the aggrieved party, but credible state organizations will do it for them.-meaning that their job will only be reporting incidences of cyberbullying. The following are the methods that can be used by the Department of Homeland Security for averting cybercrimes.

Passing international law which bars cybercrime

There is no existing law regarding investigating and apprehending international cybercriminals. Mostly it has been that when they commit a certain evil like hacktivism, they run to countries whose law cushions them, this has been the major challenge in addressing the menace of cybercrime (Abubakar et al., 2015). Passing international law will make sure no single criminal escapes the hooks of the law. This will also ensure true justice is granted the offended people or organizations.

Avoiding and elimination of suspicious and weak links respectively

Organisations and citizens at large should be advised to avoid following any unknown link when using computers (Kott et al., 2015). Otherwise, they end up being misdirected by cybercriminals, hence the loss of their data. Besides, the weak links to the penetration of hackers and information phishers should be eliminated. This move will ensure that there is no loophole created to allow cybercriminals to access computer infrastructure or the data thereof.

Installation of Data Filters

Data filters should be fitted in the computer network to block any doubtful and unknown information from a suspicious hacker (Zhang et al., 2015).

Firewalls, biometric control and strong passwords

Selby (2017) states that biometric controls, use of strong passwords and firewalls should not be ignored. The utilization of firewalls and passwords has proved easy to manipulate. The latter actually can be fetched from a computer after a person excuses himself for a short nature call; hence, jeopardizing his or her digital data. With this in mind, people ought to be extremely cautious while dealing with computer systems and networks to safeguard their information integrity.

The following measures should be used by the Department of Homeland Security managing its information security systems.

Encryption of all confidential information and shredding them before they are disposed of: It might be difficult to prevent data leakage through ARP table poisoning perfectly (Shu et al., 2016). This is the reason why data encryption will be effective since it will prevent data spoofs from reading the encrypted information.  To read the encrypted files, they must have a secret code for decrypting which they will not have access. It is without doubts that data encryption does not provide security for data at all times but also maintains data integrity and protection of privacy. Once the data has been encrypted, hackers and spoofs will not be able to get the information they seek which they might need for malicious usage. This will help the company to safeguard anonymity as well as privacy. As a result, there will be reduced opportunities for surveillance by hackers. The only drawback with this measure is that, once the secret code or the password is forgotten, the company may not be able to recover the data (Bays et al., 2015).

Installing antivirus software into the network system: Antivirus software is readily available in the market and at an affordable price. The company will need to spend little money to acquire this software and keep their network secure. By installing antivirus software in the computer network system, the company will reap the benefits of not only protection from viruses, spam, and hackers but also the benefit of restoration of corrupted data, as well as extended life of the computer networks. While implementing this countermeasure, the company needs to be aware of the fact that antivirus software slows down the computer network (Bays et al., 2015).

Keeping websites certificates up to date: The company has the human resources that are well able to conduct a regular inspection of the websites. This means that the company will not struggle in maintain their websites secure to help in eliminating the threat of phishing.  By keeping websites certificates up to date, it will ensure that the company’s website data will be safe from third-party hacking or interception. Besides, trust and data integrity will be ensured. This will be made possible by ensuring that the interaction between the web browser and the servers is intact.

Developing strong access control policies such as role-based access control and biometric identification system: By the fact that the threat of weak access control emanates from inside the company, using this countermeasure will be effective regarding ease of control of the personnel within the company. Such a measure will be of substantial importance in secretly having an eye on the staff and encouraging them to own their success. By restricting network access based on an individual’s role, this countermeasure helps to reduce administrative work and information technology support which in turn strengthens the security of the network system (Zhang et al., 2015). Additionally, this countermeasure will maximize operational efficiency and improve compliance.

Conclusion

Department of Homeland has done considerably well in combating terrorism in the United States. Through encouraging specialization, departmentalization and centralization homeland security has been able to secure ports, airlines as well as connecting dots in the bid to combat terrorism. Nevertheless, with the world technologically advancing easily, Homeland security community has not been able to address the issue of CyberSecurity comprehensively.  On the same breath, cybercrimes are increasing terribly. The addressing of this challenge has been complicated. For instance, the legal mechanisms and laws do not adequately prove person guilt due to lack of credible proof of him or her having done the vice. Again, no international law eliminates jurisdictional constraints concerning the netting of cybercriminals. Nevertheless, cybercrime can be reduced through the use of Firewalls, biometric control and strong passwords; elimination of suspicious data links; avoiding and elimination of suspicious and weak links; passing international law which bars cybercrime, and installation of filters in the computer network.

 

References

Abubakar, A. I., Chiroma, H., Muaz, S. A., & Ila, L. B. (2015). A review of the advances in cybersecurity benchmark datasets for evaluating data-driven based intrusion detection      systems. Procedia Computer Science, 62, 221-227.

Bays, L. R., Oliveira, R. R., Barcellos, M. P., Gaspary, L. P., & Madeira, E. R. M. (2015).            Virtual network security: threats, countermeasures, and challenges. Journal of       Internet           Services and Applications, 6(1), 1

Carlton, M., & Levy, Y. (2015, April). Expert assessment of the top platform independent cybersecurity skills for non-IT professionals. In SoutheastCon 2015 (pp. 1-6). IEEE.

Collins, A. (2016). Contemporary security studies. Oxford university press.

Fischer, E. A. (2015). Federal laws relating to cybersecurity: Overview of major issues, current laws, and proposed legislation. Congressional Research Service, 7(5700), 6-12.

Kostopoulos, G. (2017). Cyberspace and cybersecurity. Auerbach Publications.

Kott, A., Alberts, D. S., & Wang, C. (2015). Will cybersecurity dictate the outcome of future  wars?. IEEE Computer, 48(12), 98-101.

Selby, J. (2017). Data localization laws: trade barriers or legitimate responses to cybersecurity risks, or both?. International Journal of Law and Information Technology, 25(3), 213-232.

Shu, Z., Wan, J., Li, D., Lin, J., Vasilakos, A. V., & Imran, M. (2016). Security in software-defined networking: Threats and Countermeasures. Mobile           Networks and      Applications, 21(5), 764-776.

Staheli, D., Yu, T., Crouser, R. J., Damodaran, S., Nam, K., O’Gwynn, D., … & Harrison, L.         (2015). Visualisation evaluation for cybersecurity: Trends and future directions. In         Proceedings of the Eleventh Workshop on Visualization for Cyber Security (pp. 49-56).            ACM.

Zhang, Y., Wang, L., Xiang, Y., & Ten, C. W. (2015). Power system reliability evaluation with           SCADA cybersecurity considerations. IEEE Transactions on Smart Grid, 6(4), 1707-          1721.

Zhang, Z. K., Cho, M. C. Y., & Shieh, S. (2015, April). Emerging security threats and countermeasures in IoT. In Proceedings of the 10th ACM Symposium on             Information,    Computer and Communications Security (pp. 1-6) ACM.