Cyber Security

1. Examine the National Initiative for Cyber Security Education and describe the initiative. The National Institute of Standards and Technology (NIST) is leading the NICE initiative, comprised of over 20 federal departments and agencies, to ensure coordination, cooperation, focus, public engagement, technology transfer and sustainability.

The mission of NICE is to enhance the overall cyber security posture of the United States by accelerating 15 the availability of educational and training resources designed to improve the cyber behavior, skills, and 16 knowledge of every segment of the population, enabling a safer cyberspace for all. The vision of NICE is a secure digital nation capable of advancing America’s economic prosperity and 19 national security in the 21st century through innovative cyber security education, training, and awareness on a grand scale.

NICE will achieve this vision through the implementation of three goals: 1. Raise awareness among the American public about the risks of online activities. 2. Broaden the pool of skilled workers capable of supporting a cyber-secure nation. 3. Develop and maintain an unrivaled, globally competitive cyber security workforce.

2. Assess the value of the NICE framework. Discuss the importance of this framework in regard to the security profession and individual organizations.

After assessing the value of the NICE framework, I can conclude the following important framework in regard to the security profession and individual organization: The critical infrastructure – such as the electricity grid, financial sector, and transportation networks that sustain our way of life – has suffered repeated cyber intrusions, and cyber-crime has increased dramatically over the last decade. The President has thus made cyber security an Administration priority.

When the President released his Cyberspace Policy Review almost two years ago, he declared that the “cyber threat is one of the most serious economic and national security challenges we face as a nation.” To protect and defend the nation’s digital information and infrastructure, the United States must encourage cyber security competence across the nation and build an agile, highly skilled workforce capable of responding to a dynamic and rapidly developing array of threats.

Purpose

The NICE Strategic Plan identifies goals and objectives that will contribute to the realization of a cyber-50 secure public and a globally competitive cyber security workforce. NICE Goals

1. Raise awareness among the American public about the risks of online activities. 2. Broaden the pool of skilled workers capable of supporting a cyber-secure nation. 3. Develop and maintain an unrivaled, globally competitive cyber security workforce.

3. Suggest three (3) examples that illustrate the importance of the National Initiative for Cyber Security Education initiative. The importance of the cyber security education initiative is crucial. The critical infrastructure such as the electricity grid, financial sector, and transportation networks that 38 sustain our way of life.

•Electric Grid
•Financial Sector
•Transportation

The expected outcomes of this initiative and NICE partnerships: NICE Partnerships

Stakeholders have a special connection to NICE and are interested in how the initiative will affect them. Many NICE stakeholders are already actively involved in planning, administering, and deploying activities that support the goals of the initiative. These efforts, as well as many others, are critical to the effective implementation of NICE. It is critical; therefore, that partnerships with active stakeholders be promoted and that new partnerships be established to forge working relationships, leverage efforts across the nation, and maximize the impact of stakeholder activities. The partnerships contribute directly to the NICE goals and objectives through integrated educational, awareness, and workforce development activities.

4. Describe the expected outcomes of this initiative.
The goals and objectives of this initiative include:
•Increase public awareness of cyber security risks
•Responsible use of the Internet
•Cyber security as a career path

The plan is to develop the next generation of cyber security workers and encourage interest in science, technology, engineering and mathematic (STEM) disciplines. All of these career options will help train the next generation of utility employees, including those with the aptitude to work on smart grid related issues.

5. Evaluate how organizations can implement the NICE framework to prevent internal and external attacks. Only in the universal adoption of the National Cyber security Workforce Framework can we ensure our nation’s enduring capability to prevent and defend against an ever-increasing threat. Therefore, it is imperative that organizations in the public, private, and academic sectors begin using the Framework’s lexicon (labels and definitions) as soon as possible. The Framework is at the core of this vital capability as it enables all organizations to describe their cyber security work and workforces with an unprecedented level of consistency, detail, and quality.

It is only with this understanding that organizations can analyze and explain the factors and dynamics that influence the workforce and work requirements. This in turn supports maturing to a predictive model that will anticipate requirements, gaps, needs, and other critical strategic and operational workforce issues. NICE developed the National Cyber security Workforce Framework (the Framework) to codify cyber security work and to identify the specialty areas of cyber security professionals.

6. Determine how the NICE framework addresses the legal and ethical issues in the field of information security. Laws on computer crime need to address all these situations. As we know, computers maybe stolen or they may be damaged. In these cases they will be considered tangible property, and their value will be sought. However, what is about the value of the data on the computer? Breaking in to someone’s house and stealing is considered burglary. However how should unauthorized access to computer systems be handled? Not only could someone steal valuable data, they could also use the machine to gain access to other trusted machines.

Computer systems may be used to develop destructive code for viruses and Trojans that could cause widespread damage to other systems. Computers hold valuable information, the misuse of which could aid in a number of other crimes such as fraud, identity theft etc. There is also the issue of copyrights and illegal use of software programs. Computer related laws and statutes have a direct effect on computer security. They determine how computer security intrusions should be handled and investigated, and what kind of evidence is required in order to prosecute perpetrators. Very often security policies will be based on the kinds of laws available, since due diligence and due care form an important part of today’s legal systems.

×