
Chapter 5

The Catalog Approach


Topics to be covered
▪ Catalog Format
▪ Cyber Security Policy Taxonomy
Introduction
▪ A recent attempt to catalog all possible ways in which cyber
security may be measured resulted in a list of over 900 items.
▪ The primary reason for the catalog approach is to introduce and
explain the foundations of concepts that frequently recur in
cyber security policy debates.
▪ The secondary reason is to impress the reader with the variety
and breadth of the field of cyber security policy.
▪ The third reason is to include enough detail in the explanation
of cyber security policy issues.
▪ This detail lets decision makers recognize how the consequences
of a given policy may affect their enterprise.
Catalog Format
▪ Each section of the Catalog follows a uniform format.
▪ Each section begins with an overview of the issues of interest
for that section.
▪ The overview is meant to shed light on cyber security policy
concerns.
▪ It also introduces a taxonomy for the issues within the general
section heading.
▪ Each item in the taxonomy will have its own subsection
introductory description.
▪ These descriptions are followed by a categorization of cyber
security policy issues.
▪ These illustrate the concerns of the subsection.
▪ They may also include examples of events that illustrate major
cyberspace developments and the corresponding security impact.
▪ The opening discussion in each subsection is followed by a
table that lists specific examples of cyber security policy issues.
▪ Each policy statement in a tabular list is enhanced with both
explanation and opinions.
▪ These indicate why cyber security policy constituents may be
concerned about the issuance of executive mandates with
respect to the issue.
▪ The catalog approach is intended to ensure that policy issues
are captured systematically.
▪ This is done without prejudice toward one overarching global
strategy to accomplish any given organization’s objective for
the utilization of cyberspace.
Cyber Security Policy Taxonomy
▪ The sections and subsections are:
1. Cyber Governance Issues
i. Net Neutrality
ii. Internet Names and Numbers
iii. Copyrights and Trademarks
iv. Email and Messaging
2. Cyber User Issues
i. Malvertising
ii. Impersonation
iii. Appropriate Use
iv. Cyber Crime
v. Geo-location
vi. Privacy
3. Cyber Conflict Issues
i. Intellectual Property Theft
ii. Cyber Espionage
iii. Cyber Sabotage
iv. Cyber Warfare
4. Cyber Management Issues
i. Fiduciary Responsibility
ii. Risk Management
iii. Professional Certification
iv. Supply Chain
v. Security Principles
vi. Research and Development
5. Cyber Infrastructure Issues
i. Banking and Finance
ii. Health Care
iii. Industrial Control Systems
Table 5.1 Format for Policy Lists

| Policy statement | Explanation | Reasons for Controversy |
| --- | --- | --- |
| This cell contains a statement of policy in the form it would be stated if it were a management directive. | This is a brief explanation of why the policy has significance in the domain of cyber security | This column contains two or more cells. Each cell states a different reason why a policymaker might be motivated to issue the policy statement in the form of a management directive, or defer from association with the policy statement |
