Cybersecurity Strategy, Law and Policy

Instructions

The Chief Technology Officer (CTO) has indicated that your organization has been requested by the National Security Council (NSC) to comment on the upcoming National Cybersecurity Strategy. The NSC has asked for specific recommendations as they relate to the next cybersecurity strategy, private / public partnerships, and comments on how specific technologies should be incorporated into the assessment.

The CTO has asked you to lead a group of experts to provide the organizational input. The specific questions you must respond to are provided below.

  • Review the General Data Protection Regulation (GDPR) proposed by the European Commission (EU). It includes many provisions and arguably strengthens data protection for individuals within the EU. It even includes the right to be forgotten. The United States does not have a similar regulation. There have only been a few regulations implemented related to US citizens' private data, which include medical and financial industries. Some argue implementing regulation such as GDPR in the United States would hinder innovation. They contend that the End User License Agreements (EULA) provide sufficient protections and allow the citizens to make the choice of what is and is not shared. As a private sector organization, do you believe that an equivalent to GDPR should or should not be implemented in the United States?
      • Use additional sources as needed and be sure to critically analyze the questions, addressing the pros and cons in your proposal.
      • Use visuals where appropriate.
  • The Department of Defense (DoD) Cyber Strategy discusses the protection of critical infrastructure and the homeland. What does that mean to private organizations such as yourself? If the majority of critical infrastructure in the United States is owned by the private sector, what responsibility does the DoD have in this regard? Some would argue our laws are outdated and thus the DoD has little authority to assist. Others would argue our laws were purposely established such that the private sector would defend itself and not need assistance from the military. Obviously, for the DoD to assist they would need the private organization's data. Said another way, they would need your data as a private citizen/customer of that organization. Those who believe our laws need to be updated argue giving up privacy for protection is legitimate. Others will argue that we should not give private information of citizens to the government for any reason. As a citizen, would you feel comfortable with this? As a private organization, would you feel comfortable giving information that may contain your customers' private data to the DoD? Is there a third solution (middle ground) you would propose that enables privacy but also enables cybersecurity?
      • Use additional sources as needed and be sure to critically analyze the questions, addressing the pros and cons in your proposal.
      • Use visuals where appropriate.

Make sure you clearly address the following questions:

  1. General Data Protection Regulation (GDPR) by the EU Analysis
      a.) As a private sector organization, do you believe that an equivalent to GDPR should or should not be implemented in the United States?
  2. Department of Defense (DoD) Cyber Strategy Analysis
      a.) Cyber Strategy discusses the protection of critical infrastructure and the homeland. What does that mean to private organizations such as yourself?
      b.) If the majority of critical infrastructure in the United States is owned by the private sector, what responsibility does the DoD have in this regard?
      c.) As a private organization, would you feel comfortable giving information that may contain your customers’ private data to the DoD?
      d.) Is there a third solution (middle ground) you would propose that enables privacy but also enables cybersecurity?

Explanation & Answer

Attached.

Surname 1

Student’s Name
Professor’s name
Course code
Date
Cybersecurity Strategy, Law and Policy
General Data Protection Regulation (GDPR) by the EU Analysis
The General Data Protection Regulation, also referred to as GDPR, is a set of rules that have been
developed to give citizens, European Union (EU) citizens to be precise, more control over the
collection, usage, and movement of their personal information (Voigt & Axel, 56). The GDPR
took effect this year on 25th May, and various companies and nations have already started working
on adopting these established rules. However, there have been arguments on whether or not the
US should implement the GDPR. Before I give my opinion, I am first going to explain what GDPR
entails and its pros and cons.
What does GDPR entail?
As mentioned earlier, they are rules meant to give EU customers and citizens more control
over their personal data. The personal data in question include names of individuals,
their addresses and pictures. GDPR requires that the consumers' and citizens’ data collected be as
minimal as possible. Irrelevant data should be deleted. Also, there must be consent before any data
is collected, processed and used. GDPR has also given consumers the right to force websites
and search engines to delete or rather delist particular information. This is in conformity with the right
to be forgotten (Voigt & Axel, 115).
Consumers have also been given the authority to export their personal information, and those who
expose and misuse their information will face heavy fines and penalties. GDPR...