X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
The National Infrastructure Protection Center (NIPC) in February issued a public advisory to heighten awareness of an increase in global hacking activities resulting from the growing tensions between the United States and Iraq. According to NIPC, during times of increased international tension, illegal Internet activities escalate. Against this backdrop, the White House has issued a report titled “The National Strategy to Secure Cyberspace” to provide a framework to protect the Internet. According to President Bush’s cover memorandum to the report, “the policy of the United States is to protect against the debilitating disruption of the operation of information systems for critical infrastructures, and, thereby, help to protect the people, economy and national security of the United States.” Thus, President Bush declares that “we must act to reduce our vulnerabilities to these threats before they can be exploited to damage the cybersystems supporting our Nation’s critical infrastructures and ensure that such disruptions of cyberspace are infrequent, of minimal duration, manageable and cause the least damage possible.” The report goes on to articulate five national priorities, and for each such priority, action items are recommended. Whether these action items will be followed, and if so, whether they will effectively protect the Internet, remain to be seen. Interestingly, the report toward the outset notes that “the private sector is best equipped and structured to respond to an evolving cyber threat.” Thus, “a federal role … is only justified when the benefits of intervention outweigh the associated costs.” Query whether private industry, in these crippling economic times, will step forward and spend money to ward off cyberattacks? Companies may do this if they perceive that their own vital functions may be disabled by such attacks. NATIONAL PRIORITIES FOR CYBERSPACE The report identifies five national priorities. The first national priority is a “National Cyberspace Security Response System” to allow “rapid identification, information exchange and remediation … [to] mitigate the damage caused by malicious cyberspace activity.” Eight action items are set forth: establishing architecture for responding to “national-level” cyberincidents, developing analyses of cyberattacks and vulnerability assessments, encouraging private sector consideration of the “health” of cyberspace, expanding cyberwarnings in coordinating crisis management, improving national incident management, coordinating voluntary participation in contingency plans, exercising cybersecurity plans for federal systems, and improving public-private sharing of information regarding cyberattacks, threats and vulnerabilities. The report states that “privacy and civil liberties must be protected in the process,” but how this will happen is not spelled out in a meaningful way. The second national priority is a “National Cyberspace Security Threat and Vulnerability Reduction Program.” In broad fashion, eight action items are provided to reduce threats and related vulnerabilities: enhancing law enforcement’s ability to prevent and prosecute cyberspace attacks, creating national vulnerability assessments, securing the Internet by improving protocols and routing, fostering the use of trusted digital systems, reducing and remediating software weaknesses, improving physical security of cybersystems and securing emerging systems. The third national priority is a “National Cyberspace Security Awareness and Training Program.” Four action items are stated to improve awareness, education and training: promoting a comprehensive national awareness program to empower all Americans “to secure their own parts of cyberspace,” fostering adequate training and education programs, increasing the efficiency of existing of federal training programs and promoting private sector support for professional cybersecurity certifications. The fourth national priority is “Securing Governments’ Cyberspace.” Here, the report correctly notes that while the government administers only a minority of the critical infrastructure systems in the United States, the government nevertheless performs essential services in vital areas such as agriculture, food, water, public health, emergency services, defense, social welfare, information and telecommunications, energy, transportation, banking and finance, chemicals, and postal and shipping. Accordingly, five action items are set forth: continuously assessing threats and vulnerabilities to federal cybersystems, maintaining authorized users of federal cybersystems, securing federal wireless local area networks, improving security in government outsourcing and procurement and encouraging local governments to establish information technology security programs. The fifth and last national priority is “National Security and International Cyberspace Security Cooperation.” To be most safe, the report is quite right in stating that there must be a system of international cooperation to facilitate information sharing, to reduce vulnerabilities, and to deter and prosecute malicious actors. Indeed, cyberattacks can come from practically any geographic location, whether inside our outside the United States. Six action items are provided: strengthening cyber-related counterintelligence efforts, improving attack attribution and response, facilitating dialogue and partnerships among international public and private sectors, establishing national and international watch-and-warning networks to detect and prevent cyberattacks and encouraging other countries to accede to the Council of Europe Convention on Cybercrime or to ensure that their laws are at least as comprehensive. MOVING FORWARD The United States, as well as other countries, have come to depend on the Internet for mission-critical and vital life functions. Plainly, serious disruptions in cyberspace could wreak terrible havoc in many areas of our lives. Thus, efforts to secure and protect the Internet are worthwhile, whether or not the United States is experiencing tensions with Iraq. The tensions with Iraq today could become tensions with another country later. Even without tensions with another sovereign state, the Internet remains vulnerable to attacks from terrorist groups and others bent on cybercrime. But as with most things ambitious, the devil is in the details. Protecting civil liberties is one of those details that must not be overlooked or dealt with inadequately. Plus, relying primarily on private industry to get the job done may not lead to a sufficiently organized and coordinated effort. Still, hope springs eternal. Ideally, major attacks on the Internet will not happen. But if they do occur, let’s cross our fingers that sufficient protections will have been put in place in advance. Eric Sinrod is a partner in the San Francisco office of Duane Morris ( www.duanemorris.com), where he focuses on litigation matters of various types, including information technology disputes. Mr. Sinrod’s Web site is www.sinrodlaw.com, and he can be reached at [email protected]. To receive a weekly e-mail link to Mr. Sinrod’s columns, please type Subscribe in the subject line of an e-mail to be sent to [email protected]. If you are interested in submitting an article to law.com, please click herefor our submission guidelines.

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.