CMP 620 University of Maryland Global Campus Cybersecurity Awareness Summary
Step 1: Cybercrime Awareness Before you can begin preparing for the upcoming report, you must understand the basics of how the legal systems in the United States deal with cybercrime and how organizations comply with laws, regulations, and policies. Complete the Cybercrime Awareness eLearning module to get an overview of the US legal and justice systems, followed by a discussion of cybercrime, cyberterrorism, prevention, deterrence, investigative authorities, general compliance, cybersecurity laws, regulations, policies, standards, and guidelines. While completing the module, answer the following questions: What is the relationship between criminal and civil court systems as they apply to cybersecurity policy? What is compliance? What can US organizations do to comply with regulations? What policies and technologies can be used to address regulatory issues? How can US organizations monitor compliance with cybersecurity policies and relevant regulatory requirements? List the laws and regulations mentioned in the module. List information security strategies, plans, policies, and procedures mentioned in the module that can be used to reduce regulatory risk. You will use these answers to write your summary in the next step. Step 2: Write the Cybercrime Awareness Summary Using the notes, you took on the Cybercrime Awareness module in the last step, write a one- to two-page summary. You may use your own insights; however, each of the following items must be briefly discussed: What is the relationship between criminal and civil court systems as they apply to cybersecurity policy? What is compliance? What can US organizations do to comply with regulatory issues? What policies and technologies can be used to address regulations? How can US organizations monitor compliance with cybersecurity policies and relevant regulatory requirements? List the laws and regulations mentioned in the module. List information security strategies, plans, policies, and procedures mentioned in the module that can be used to reduce regulatory risk. Submit your summary for feedback. Step 3: Research the Background of the CFAA Now that you have an overview of cybercrime awareness and how organizations can comply with laws and regulations and reduce regulatory risk, you are ready to look more closely at specific statutes. Begin by researching the current version of the Computer Fraud and Abuse Act (CFAA). Your research will provide the basis for your analysis in the next step. Your analysis will include: background of the CFAA examples of how the CFAA might positively address the general misuse of computer systems and reduce computer crime examples of abuses and overreaching by the government in applying the law discussion of how effective the CFAA is in protecting organizations from cyberattacks Step 4: Write the CFAA Analysis After completing your research on the Computer Fraud and Abuse Act, write a one-to-two-page analysis of the statute and its effectiveness. This analysis will be Exhibit A for the final assignment. Include in your analysis: A background of the CFAA examples of how the CFAA might positively address the general misuse of computer systems and reduce computer crime examples of abuses and overreaching by the government in applying the law discussion of how effective the CFAA is in protecting organizations from cyberattacks Submit your written analysis for feedback. Step 5: Identify State Statutes Now that you have analyzed the federal statute addressing computer fraud and abuse, you will identify computer crime statutes, or Computer Fraud and Abuse Act state clones from three different states. Note and review these statutes carefully as you will use them in the following step. Step 6: Computer Crime Comparison Table Now that you have identified CFAA clones from at least three states, you will compare and contrast them with one another and the CFAA. Be sure to include specific vulnerabilities that the statutes are intended to address regarding computer access. Document your conclusions in the first section of the Computer Crime Comparison Table titled "Statute Comparisons." This table will aid you in developing your solutions. Submit your table for feedback. Step 7: Research State Case Judicial Opinion So far in this project, you have familiarized yourself with cybercrime and laws that were written to protect against cybercrime. In this step, you will determine how effective you believe these statutes to be. Identify at least one actual use case for each state as well as for the CFAA to acquaint yourself with how well state/CFAA laws have been implemented. Continue to complete the Computer Crime Comparison Table that you began in Step 6. Document your conclusions in Section 2, Actual Cases. Submit your table for feedback. Step 8: Document New Developments You have increased your awareness of cybercrime and the measures that are taken to address it. You have analyzed the CFAA and compared similar state statutes. You are almost ready to begin developing your recommendations to amend the CFAA, but first, you will need to explore recent developments. Review and note developments in national and international laws, regulations, policies, and ethics as they relate to cybersecurity. Also, identify new developments in current legislative and regulatory processes as they apply to cybersecurity policy. These developments should be referenced in your oral statement. Step 9: Summarize and Develop Your Solutions In order to develop recommendations to include in your presentation, you must first prepare your solutions. Summarize your recommended solutions ranked in order of "must implement," "highly recommended," and "generally recommended." You will use this solutions summary to develop your recommendations in your oral statement. These solutions will be the focus of your oral statement. Step 10: How to Write an Oral Statement to Congress Now that you have developed your solutions, you are ready to create a draft of your oral statement. To get started, complete the following: Review best practices for preparing an oral statement to a Congressional committee or other policy-making body or public forum. For more tips on how to deliver an oral statement to a congressional committee, consult Delivering an Oral Statement for guidance. Create a two-to-three-page written draft of your statement. Reference the CFAA and at least one state statute. Reference new developments in cybersecurity governance and legislative and regulatory processes. Submit your draft to your instructor for feedback. Step 11: Present Written and Oral Versions of Statement Now that you have a draft of your written statement, it is time to finalize it in order to prepare for your oral statement. Be sure to incorporate any feedback your instructor provided into the final version. Your goal in delivering this statement is to educate Congress on the implications this legislation will have on your industry. It is important that your statement is clear, concise, and demonstrates your knowledge of the issues. Submit your two-to-three-page written statement with the following attached as appendices: Cybercrime Awareness Summary, Computer Fraud and Abuse Act Analysis, and Computer Crime Comparison Table. The appendices do not contribute to the length of the written statement.