Cyber Security Information Sharing Act 2015 Coursework (Coursework Sample)

Cyber Security Information Sharing Act 2015
Name
Class
November 14, 2016
Introduction
The Cyber Security Information Sharing Act of 2015 was legislation generated in response to the knowledge that Internet use is becoming increasingly important in daily life. As such, there is a need for Internet activities to be policed to the extent that governments are able to offer protections to their users. Currently, people suffer at the hands of a range of cyber attacks that are designed to steal money, compromise information, or damage people’s computers. By enhancing the screening of computer activities, it will be possible for the government to track the individuals responsible for these harmful actions, and to hold them accountable for them.[(Kazan 2016)]
Individuals who support the Cyber Security Information Sharing Act of 2015 that allowing the government to take control of some aspects of Internet security will be helpful because the government has the ability to have the greatest oversight over the actions of their citizens on Internet networks. However, some opponents of this act liken it to government spying, and are concerned that the government will use this act as an excuse to gain information from members of the citizenry without their permission. In addition, opponents of the act also believe that government intervention means that private businesses that currently attempt to safeguard the Internet from cyber attacks will not receive the same kind of business, and therefore experience harm by this legislation. However, it is important to emphasize that at the present time, modern businesses have not implemented security solutions that are deemed efficient at a large scale, which is why the federal government intervened to provide aid to Internet users across the country.
This act was first proposed to the U.S. Senate on July 10, 2014, and passed more than a year later on October 27, 2015. This act is the first of its kind because it intends to police Internet activity, which many people had argued was an ongoing need since the inception of the Internet. Since the Internet is now connected to many aspects of our lives, including our homes, telephones, cars, and more, it is imperative that we approach this technology in a manner that maximizes safety. This can only be accomplished by supporting the implementation of the Cyber Security Information Sharing Act of 2015 because this legislation was designed to ensure our protection as we use the Internet.[(Mitchell and Examiner 2016)]
Opposing Views
Special Interest Groups
Many special interest groups and stakeholders have varied opinions about the Cyber Security Information Sharing Act of 2015 due to the different implications that this act will have on their regular practices. The major opponent of this legislation includes both small and large businesses. These organizations include telecommunications companies, in addition to mainstream social media companies including Twitter, Yelp, and Reddit. However, not all business organizations are opposed to the presence of this legislation, and some indicated that this act would help their industry. In particular, the Software Alliance wrote a letter to the Senate to request that the bill be brought up for debate, which indicates that at first, many technology companies did support the bill. Interestingly, many technology companies do support cyber threat sharing legislation because this will make it safer for consumers to use their own products, but many businesses do not support Cyber Security Information Sharing Act of 2015 because they do not approve of all aspects of the content that it contains.[(Greenberg 2016)]
Government Officials
Government officials in the Senate were largely in support of the Cyber Security Information Sharing Act of 2015, and this is apparent because approval was present across party lines. Senators Dianne Feinstein (D-CA) and Richard Burr (R-NC) were the two individuals who fought for the passage of this act. However, the decision to pass the Cyber Security Information Sharing Act of 2015 was not unanimous, as many other well-known politicians, including Rand Paul (R-KY) and Bernie Sanders (I-VT) opposed this legislation. Furthermore, when the Cyber Security Information Sharing Act of 2015 was being debated as a bill, the Department of Homeland Security demonstrated support for it. However, this opinion changed because the wording of the bill was changed such that the Department of Homeland Security would not be the only government agency receiving data from Internet monitoring. To eliminate the department’s access to the private information of its users, it recently initiated the Privacy Impact Assessment, which allows it to filter the information that it receives more readily.[(Mitchell and Examiner 2016)] [(Park 2015)]
Civil Liberty Organizations
Civil liberty groups were largely against the Cyber Security Information Sharing Act of 2015, and were shocked when this legislation passed in the Senate. These organizations believe that this legislation will be used to conduct surveillance on the citizenry, rather than effectively protect them. Thus, an important concern is that the Cyber Security Information Sharing Act of 2015 will reduce Internet privacy because the government will be aware how private citizens are using these features. However, it is also important to consider that legislation that is similar has been passed in the United Kingdom, and that many other countries recognize the importance of regulating Internet activity and crime.
Provisions of the Act
This legislation enabled companies to allow monitoring programs on their information systems, in addition to including other forms of defense that will allow them to more effectively determine the source of the infiltration. Ultimately, many organizations wanted to participate in this type of activity in the past, but they did not do so because they feared that they would be subject to liability under the Electronic Communications Privacy Act. Thus, the Cyber Security Information Sharing Act of 2015 was drafted in a manner that would prevent companies from being punished for protecting themselves against these potential invasions.
There are several actions that a company is now permitted to take under the Cyber Security Information Sharing Act of 2015 that will allow them to protect themselves from cyber attacks. In particular, these companies are now authorized to monitor their own party’s system, in addition to the systems held by their users in order to protect themselves. This is a valuable move because users must agree to this monitoring in many instances to be able to use a particular system. While many people are worried that companies will be able to simply access their data whenever wanted, this is not true. Instead, consent is simply needed to use given website or information portal. Individuals who do not agree with these terms of use do not need to use the site. Ultimately, the Cyber Security Information Sharing Act of 2015 indicates that companies will not be taken to court as a result of this action.
In addition, as companies monitor their threats, they will be permitted to share these threats with the government. This will allow threats that some companies detect to be managed at a greater level. When certain users and access sources are associated with a greater degree of negative activity compared to the average user, reporting this data to the government for investigation will allow other companies and individuals to be protected against these attacks. In particular, the Cyber Security Information Sharing Act of 2015 indicates that cyber threat indicators and defensive measures could be reported to the government for purposes of cybersecurity. Cyber threat indicators will help the government determine the information that is necessary to identify the threat, including the type of threat, its source, and any additional information that the company has about this topic. A defensive measure includes a description of the action that was taken to prevent the cyber attack, but companies are unable to harm third parties in their attempt to keep their own information private.[(Fransen, Smulders and Kerkdijk 2015)]
Companies are required to protect the information that they share with the government to an extent based on the wording of the Cyber Security Information Sharing Act of 2015. In particular, data must be scrubbed before sharing. This means that any information that does not specifically pertain to the attack should be removed to restore a sense of privacy to the user. The government does not want companies to share the personal data of an individual, unless this information could be potentially used to stop a cyber crime or catch an individual who is accountable for this action.
In order for companies to be provided with legal protection according to Cyber Security Information Sharing Act of 2015, all information sharing must be performed in the manner indicated in this legislation. Sharing and reporting of cyber security breaches is no longer relevant when these companies fail to take the acts necessary to protect the personal data that is associated with cyber attack information. In particular, this legislation indicates that a process coined by the DHS must be used by these companies to obtain protection from liability concerning these acts. Furthermore, companies that intend to share information concerning these attacks with their local governments are able to do so as well, but they do not need to specifically apply for these liability privileges.
Several pieces of legislation have been put into place to regulate this practice more effectively. In particular, the Cyber Security Informatio...