Running head: IT 1

History, Legal Perspective and Future Threats of Cyber Security

Student’s Name

Institutional Affiliation
IT 2

Contents
Introduction.................................................................................................................................................3
Historical Reference point of Cyber Security...............................................................................................3
1960’s Era of Credential Protection.............................................................................................................4
1980’s Internet Boom and Start of Cyber Security Threats.........................................................................4
Clamping down the Cyber Security Threats.................................................................................................5
Increase in Cyber Security Threat at a Public Level.....................................................................................5
Critical Infrastructure Protection.................................................................................................................6
Infrastructure Sectors Comprising the Part of CIP.......................................................................................6
Importance of CIP........................................................................................................................................7
Challenges to the Framework of CIP............................................................................................................7
Cyber Intelligence and Conflict....................................................................................................................8
Understanding the Criticality of the Cyber Intelligence...............................................................................8
Cyber Intelligence and Conflict....................................................................................................................9
How Cyber Intelligence is going to be leading to resolve the Conflict.........................................................9
Legal Issues in the Cyber Security..............................................................................................................10
How to Mitigate Policy Challenges in Cyber Security................................................................................10
Other Pitfalls to Avoid...............................................................................................................................11
Future Threats in Cyber Security...............................................................................................................12
Increased Vulnerability of the Cloud Systems...........................................................................................12
AI Enhancement and Fuzzing.....................................................................................................................13
Machine Learning Infringement................................................................................................................13
Conclusion.................................................................................................................................................13
IT 3

History, Legal Perspective and Future Threats of Cyber Security

Introduction

Cyber security is something that has become an important part of the organizational risk

management and information systems these days. As the number of cyber threats increasing, it

has become important for the business to make sure that it takes the necessary measures to make

sure that they take care of their information system infrastructure and develop adequate cyber

security measures so that they are able to mitigate the risks that are witnessed to their systems.

As the big data management has become an important part of the business processes, it has

become important for the business to make sure that they are aware of their responsibilities with

respect to the cyber security management. At a formal level, cyber security is defined as the

process through which an entity tends to protect its computers, servers and other IT infrastructure

from the external cyber security threats. The term has been used in different ways, and it

constitutes of the security management of the network, the applications and the software’s that

are used in the organization and end user data management. Cyber security is something that has

evolved considerably during the course of the last two decades, as legal issues have emerged

with respect to the data management and how mitigation of the future threats is supposed to be

done.

Historical Reference point of Cyber Security

The steady rise of technology started with the advent of personal computers and how

computers become an integral part of the organization security management. With the advent of

internet and networking, there have always been people who have targeted the larger

organizations as well as the personal data of the users for various purposes. As the technology
IT 4

and processes have evolved, there has been change in the extent of the cyber threats as well

during last decade or so. Here it is going to be seen how cyber security protocols have evolved

and what are some of the major reference points in this regard.

1960’s Era of Credential Protection

If one has to pinpoint at the start of the cyber security management, then the major

starting point has to be the password and credential protection. The organizations had started to

use computer more extensively in 1960’s and as the usage increased, they prompted the users to

make sure that how they take care of their credentials. To make sure that it happens, multiple

layers of protection were being initiated with the intent of ensuring that data protection is going

to be made possible. From there it transition to the phase of ARPANET.

1980’s Internet Boom and Start of Cyber Security Threats

It was at the start of 1980’s when the organizing started to use internet for the information

management purpose and one can argue that it was the starting point when cyber security started

to emerge as a major talking point amounts the individuals. With internet, there were new

methods and ways through which hackers and cyber criminals were able to access the users and

they started to adopt new approach to attach the private users and the organizations (Tarter,

2017). During the course of the late 1980’s, when the advent of networking initiated, there was a

major expansion and there was greater connectivity amongst government institutes, military

organizations and even governments as they started to use internet for their communication and

information management (Al-Sartawi, 2020). The early worm’s and viruses were quite harmless

in nature, as they just used to slow down the speed of the internet, but as more valuable data was

being stored on network servers, the cyber criminals started to become nefarious in their

activities and it was the same time period internet was readily available to public (Bada & Nurse,
IT 5

2019). The network security started to emerge as a major threat during the same time period and

the major stakeholders that were using internet had to make sure that they adopt security

measures with respect to how their network infiltration activities are going to be taken care off. It

was during the same time period when the firewalls and antiviruses were being used and these

security privileges were being provided to the masses to make sure that how they would take

care of their personal computer usage as well (Tarter, 2017). The advent of the firewall was a

major reference point was it made sure that how it was able to create some sort of a physical

structure that would make sure that how spreading of the files would be taken care off within the

context of the organization.

Clamping down the Cyber Security Threats

As the data and the information became more sensitive, there was a realization that how

crucial it was to make sure that cyber security threats are being clamped down, and the

organization and governments made sure that how regulations are being developed in this regard.

Serious sentence were being implemented to the criminals that were infiltrating the system.

There was an advancement of the information security and there was evolution as well.

Increase in Cyber Security Threat at a Public Level

As the usage of internet started to become more mainstream, the threat of cybercrimes

started to become more serious. There were attacks on the major servers and organizations such

as NHS, Yahoo and thus there was a realization that users and the organizations are need to be

made more aware of the cyber security threats that are faced by them (Tarter, 2017). As the

hackers and criminals are also the critical infrastructure protection has become an integral part

for the individual as well as the organization wise users these days and how they tend to manage

those issues is an important part of the cyber security management.

IT 6

Critical Infrastructure Protection

The idea of CIP is about how the organization and individuals can make sure that they are

prepared with respect to mitigation of the serious incidents of cybercrime and how the critical

infrastructure of the organization can be saved from a serious threat (Tarter, 2017). It all started

when as per the Presidential Directive, a national program was being setup with the premise of

making sure that how the Critical Infrastructure Protection can be made sure at the end of the

organization (Valeriano & Maness, 2018). The same model was being implemented by some of

the other countries around the world, where the member countries that have signed the charter

are supposed to make sure that they integrate cybercrime laws within their national boundaries

and manage the cyber secure threats at the national level.

Infrastructure Sectors Comprising the Part of CIP

CIP tends to define the organizational responsibilities for various sectors that must adhere

to these protocols. Some of the areas where it is being implemented are as followed.

 Banking and Finance: The department of treasure is entrusted with the responsibility of

making sure that they develop the system for the protection of the information

management system.

 Transportation: The department of Transportation in each of the respective state and

country must make sure that they protect their municipal corporation infrastructure

 Law Enforcement Agencies: It comprises of the intelligence agencies and other LEA’s

that are supposed to make sure that they adhere to the guidelines that are set by

Department of Justice and FBI to make sure that they maintain order when running their

activities (Deka et al, 2018).

IT 7

The CIP protocols though are not limited to those areas though, as more or less all the

governmental departments and areas where public interests are involved must make sure that

they adhere to the cyber security guidelines.

Importance of CIP

The CIP started as something as a watchdog and was considered to be involved in more

of an advisory role, that has changed though with the passage of time, as they have become an

integral part of the systems where pubic interest is involved. One can find out many instances

when the areas of public interests are compromised when it comes to the way infrastructure

management is supposed to be carried out (Srinivas et al, 2019). One of the major impact the

presence of CIP has over the systems and networks that as compared to the past, when they used

to enjoy certain degree of freedom and autonomy with respect to their information systems, with

the adherence of the CIP guidelines, they are more less mandated to make sure that they tend to

follow these protocols with respect to the information management.

Challenges to the Framework of CIP

There are many challenges that are faced when it comes to the creating an infrastructure

that constitutes all the elements of the cyber security that is likely to affect the business. One of

the major starting points is that how the national capability and the organizational resources

might vary from one state to the other and that might create challenges with respect to how the

scaling and cost efficiency is supposed to be done (Srinivas et al, 2019). The other challenge is

that how it is going to be made sure that the broader challenges that are faced at the cyber

security front are going to be managed when it comes to the implementation of these changes

and how organizations are going to be adapting to these changes.

IT 8

Cyber Intelligence and Conflict

As discussed, as the threats that are faced at the individual as well as the institutional

level are increasing, it is important to make sure that not only protection against the current

threats is being made possible, instead a more proactive approach is being developed that looks

at the possible threats that are going to be emerging in the future (Srinivas et al, 2019). The here

is to make sure that how strategy development is going to be made possible in the given era

when there is going to be more focus towards making sure that a more pro-active approach is

developed.

Understanding the Criticality of the Cyber Intelligence

One of the common strategies when it comes to the cyber security strategy and

intelligence is to make sure that the trace of the activity is being found and effort is being made

to mitigate those threats. The starting point here is to make sure that how the digital trail of these

people is being followed and then how the consolidation effort is going to be done to make sure

that the mitigation of these threats would be made possible (Srinivas et al, 2019). Furthermore,

the other objective of the cyber intelligence is to make sure that how the level of awareness

amongst the common user is going to be increased as well as providing institutional insight to the

users so that they are more aware about the extent of the cyber threat and how it is going to be

managed at the first place (Srinivas et al, 2019). The other major aspect of the cyber intelligence

is that how the process of the digital transformation of the data is going to be carried out and how

methods of intelligence is going to be used to ensure that more broader strategy is developed in

this regard.
IT 9

Cyber Intelligence and Conflict

The analysts have predicted that how data and information systems have become an

integral part of the security management and how they are different as to some of the conflicts

that are witnessed in the past. In some ways, the new age is going to be different from anything

that is witnessed in the past and has its own set of challenges. The LEA’s and the intelligence

have dubbed it as a 5th domain of the informational warfare (Srinivas et al, 2019). The possible

point of conflict is that how these threats are going to be mitigated as we intend to move forward

and what are some of the challenges that the businesses have to face with respect to the

management of that conflict (Dupuis, 2017). The biggest challenge in this regard is that how it is

going to be made sure that the force fitting of the cybercrime is going to be managed in the same

time period and how the organizational stakeholders are going to be managing the possible forms

of conflict in the given time period (Srinivas et al, 2019). The other challenge going forward is

going to be the classification of the cyber conflict with respect to the domain.

How Cyber Intelligence is going to be leading to resolve the Conflict

There are many features and quality initiatives that are needed to be taken when it comes

to the cyber initiative so that the interest of all the stakeholders can be taken care off. The

starting point is to make sure that the reporting mechanism that is witnessed at the moment is

needed to be corrected (Demirkan et al, 2020). Effort is needed to be made by the providers to

make sure that the team that is comprised from different disciplines need to work together in a

more coherent manner (Eling, 2018). Furthermore, the chief decision makers need to make sure

that they learn from the team that is working across different disciplines and a more integrated

approach towards decision making has to be developed at their end (Joinson & van Steen, 2018).
IT 10

Then there is a need to make sure that a legal framework is created with respect to the cyber

security issues.

Legal Issues in the Cyber Security

One of the more important aspect is to make sure that a more flexible legal framework is

created that is flexible and takes into account the resource capability of all the stakeholders. One

redeeming quality of the Data Protection Act is that it emphasizes on ensuring that how data

security breaches are supposed to be controlled. It does not imply that all the cyber-attacks are

going to be stopped, because it is something of an impossible task (Demirkan et al, 2020). What

must be done is to make sure that there has to be some accountability with respect to the way

system information security protocols are going to be worked out (Priyadarshini, 2018). The

Data Protection Act that is needed to be implemented at the moment is such that it does not

reprimand the stakeholders in the case of the information security breach, and that process is

needed to be halted.

How to Mitigate Policy Challenges in Cyber Security

The starting point of the policy initiative is to make sure that the correct assessment of the

risk areas is being carried out. The policy must consider the factors that are discussed with

respect to how serious of damage is going to be occurred in the case when cyber security

breaches are going to be occurring. The policy making must keep this factor in mind that policy

management goes beyond the conventional measures of just implementing of implementing the

technical measures; instead there is a need to ensure that the scope of the cyber security is

needed to be defined (Al-Sartawi, 2020). For instance, people are the biggest risks within any

system are the end users who are utilizing that system (Demirkan et al, 2020). In that, the

awareness must be created that the people who are part of the system must be aware of the
IT 11

repercussions that they are going to be facing in event of any violation of cyber security

protocols (Tosh et al, 2017). The policy making at the moment is fixated with providing the

technical answer, but people management is one of the biggest issues and that is one area where

work is needed to be put together (Demirkan et al, 2020). One problem in this regard is that the

policies are made to be overly complicated, and this mistake can be avoided by making sure that

whatever the policies that are being made must be flexible and robust enough to ensure

allowance of all the stakeholders that are part of the system that exists within an organization.

Other Pitfalls to Avoid

The other issue that must be mitigated with respect to the policy making is that must be

made sure that the tick box compliance issues must be avoided as they are part of the overtly

simplistic approach with respect to the policy management (Kovács, 2018). Effort must be made

to make sure that the cyber security must be considered as an issue that is going to comprise of

all the stakeholders that are part of the organization, and it is not related with better management

of the security risks (Schatz et al, 2017). The whole system and organization needs to be made

accountable for any cyber security violations and that allowance must be created with respect to

the risk mitigation and management within an organization. (Carrapico & Barrinha, 2017) For

instance, there is increased emphasis on using the cloud computing solutions, and the common

perception is that it is going to provide a long term solution to the information management

issues that were faced by the organization at the given point of time (Demirkan et al, 2020). The

idea is to make sure that the legal obligations are needed to be shared and the processes are

needed to be defined (Demirkan et al, 2020). The other challenge is that as the internet and social

media revolution has brought increased onslaught of social media marketing and due to that
IT 12

massive usage, it is difficult to ensure that a middle ground can be reached with respect to

mitigation of the long running issues regarding cyber security.

Future Threats in Cyber Security

The severity of the cyber security threats has increased over the course of the past few

years. The data breaches in the areas such as healthcare, education and even crypto currency

means that there is a lot of vigilance and effort that is needed to be put together with respect to

making sure that future cyber security threats can be mitigated (Tosh et al, 2017). The fragile

connectivity system issues and the dependence on the cloud security systems means that

cybercriminals are going to be using ransom ware to damage the prospects of the security system

all around (Lee et al, 2019). Then the pace at which the technology is changing, it has created lot

of issues regarding how the conflicting demands are going to be met and how the compliance

with these long ranging issues is going to be made possible. Some of the future threats that are

going to be faced in the modern information security landscape are as followed.

Increased Vulnerability of the Cloud Systems

The Oracle and KPMG security evaluation has showed that the cloud storage systems in

their current form and state are far from ideal, and there is lot of effort to be made to make sure

that these security threats are mitigated. The problem is that as the enterprises are using the

cloud systems for their advantage, it means that they have to make sure that they adopt their

business practices in accordance to the advance security protocols that are setup by these systems

(Kim, 2017). As more and more businesses and entities might be tempted to use cloud storage

services for their computing solutions, they might be an easy target for the cyber criminals

(Hasan et al, 2021). The large scale organizations like Amazon and Google might be using cloud

security systems to ensure that they look after their cloud security solutions, but for the smaller
IT 13

organizations, it might be a challenge when it comes to how they are going to be making sure

that they are going to be in the position to enhance their current cyber security interface.

AI Enhancement and Fuzzing

Artificial intelligence is one of the more anticipated technological solutions that users are

going to be witnessing. The chances are that AI being integrated in the conventional operations

and systems, manufacturing and supply chain, not much thought and consideration has been put

with respect to how the security challenges that are posed by the AI (De Bruijn & Janssen,

2017). The hackers are going to be using adaptive malicious software’s to make sure that they

improve the prospects of the system, and at the same time (Hasan et al, 2021). AI fuzzing is also

going to be used. AI fuzzing is difficult to detect as it uses some of the more traditional fuzzing

techniques along with the other diagnostic tools to detect vulnerabilities in the system.

Machine Learning Infringement

The hackers are going to be more aware about the machine learning models, and they are

likely to inject machine learning models and instructions to disrupt the system, Most of the

times, the way machine learning model tends to work are that they are being crowd sourced, or

even social media is being used for the same purpose (Eaton et al, 2019). The other modus of this

software is that they use the information that is generated from the user to create malicious

content that can compromise the security of the system and the network that they are using.

Conclusion

In the hindsight, it can be said that the cyber security has become an important element of

the information security system. If one looks at the history, it started with making sure that how

the end credentials of the user can be protected, but with the passage of time, there have been

some changes and with the extensive usage of information technology and internet, the cyber-
IT 14

attacks have increased. One of the challenges that are being faced is that the legal framework that

tends to administer the cyber security is not holding people accountable for the system breaches

that are made by them. The need of the hour is to make sure that a more integrated system could

be developed that could be more all-purpose. With the cloud computing and AI being used at an

extensive level, the cyber-attacks are going to be getting more adaptive.

IT 15

Reference

Al-Sartawi, A. M. M. (2020). Information technology governance and cybersecurity at the board

level. International Journal of Critical Infrastructures, 16(2), 150-161.

Bada, M., & Nurse, J. R. (2019). Developing cybersecurity education and awareness

programmes for small-and medium-sized enterprises (SMEs). Information & Computer

Security.

Carrapico, H., & Barrinha, A. (2017). The EU as a coherent (cyber) security actor?. JCMS:

Journal of Common Market Studies, 55(6), 1254-1272.

De Bruijn, H., & Janssen, M. (2017). Building cybersecurity awareness: The need for evidence-

based framing strategies. Government Information Quarterly, 34(1), 1-7.

Deka, L., Khan, S. M., Chowdhury, M., & Ayres, N. (2018). Transportation cyber-physical

system and its importance for future mobility. In Transportation Cyber-Physical

Systems (pp. 1-20). Elsevier.

Demirkan, S., Demirkan, I., & McKee, A. (2020). Blockchain technology in the future of

business cyber security and accounting. Journal of Management Analytics, 7(2), 189-208.

Dupuis, M. J. (2017). Cyber security for everyone: An introductory course for non-technical

majors. Journal of Cybersecurity Education, Research and Practice, 2017(1), 3.

Eaton, T. V., Grenier, J. H., & Layman, D. (2019). Accounting and cybersecurity risk

management. Current Issues in Auditing, 13(2), C1-C9.

Eling, M. (2018). Cyber risk and cyber risk insurance: Status quo and future research.
IT 16

Hasan, S., Ali, M., Kurnia, S., & Thurasamy, R. (2021). Evaluating the cyber security readiness

of organizations and its influence on performance. Journal of Information Security and

Applications, 58, 102726.

Joinson, A., & van Steen, T. (2018). Human aspects of cyber security: Behaviour or culture

change?. Cyber Security: A Peer-Reviewed Journal, 1(4), 351-360.

Kim, J. (2017). Cyber-security in government: reducing the risk. Computer Fraud &

Security, 2017(7), 8-11.

Kovács, L. (2018). Cyber security policy and strategy in the European Union and NATO. Land

Forces Academy Review, 23(1), 16-24.

Lee, J., Kim, J., & Seo, J. (2019, January). Cyber attack scenarios on smart city and their ripple

effects. In 2019 International Conference on Platform Technology and Service

(PlatCon) (pp. 1-5). IEEE.

Priyadarshini, I. (2018). Cyber security risks in robotics. In Cyber security and threats: concepts,

methodologies, tools, and applications (pp. 1235-1250). IGI Global.

Schatz, D., Bashroush, R., & Wall, J. (2017). Towards a more representative definition of cyber

security. Journal of Digital Forensics, Security and Law, 12(2), 53-74.

Srinivas, J., Das, A. K., & Kumar, N. (2019). Government regulations in cyber security:

Framework, standards and recommendations. Future Generation Computer Systems, 92,

178-188.

Tarter, A. (2017). Importance of cyber security. In Community Policing-A European

Perspective (pp. 213-230). Springer, Cham.

IT 17

Tosh, D. K., Shetty, S., Sengupta, S., Kesan, J. P., & Kamhoua, C. A. (2017, May). Risk

management using cyber-threat information sharing and cyber-insurance. In International

conference on game theory for networks (pp. 154-164). Springer, Cham.

Valeriano, B., & Maness, R. C. (2018). International relations theory and cyber security. The

Oxford Handbook of International Political Theory, 259.