WRC 1013/1023: Freshman Composition: Exploring Critical Issues

"Mehta is a senior research scientist on the front lines of cybersecurity, facing an unrelenting daily battle on a constantly shifting landscape against the world’s craftiest hackers. He specializes in issues related to vulnerability discovery, exploitation techniques, and reverse-engineering attacks. One morning he’s combating malware that’s popped up in a financial services firm over the weekend. The next day he may be trying to outflank a sophisticated nation-state attack on a defense contractor."

_{Image: By Byseyhanla - Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=46946593}

"If you want to keep yourself up at night, spend some time reading about the latest developments in cybersecurity. Airplanes hacked, cars hacked, vulnerabilities in a breathtaking range of sensitive equipment from TSA locks to voting booths to medical device."

_{By Santeri Viinamäki, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=53153294}

"A 'significant cyber incident' is defined as a cyber incident that is (or group of related cyber incidents that together are) likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people. Federal Lead Agencies In order to ensure that the Cyber UCG achieves maximum effectiveness in coordinating responses to significant cyber incidents, the following agencies must serve as Federal lead agencies for the specified line of effort: * In view of the fact that significant cyber incidents often will involve at least the possibility of a nation-state actor or have some other national security nexus, the DOJ, acting through the Federal Bureau of Investigation (FBI) and the National Cyber Investigative Joint Task Force, must be the Federal lead agency for threat response activities."

"Epidemiologists, at the outbreak of any major disease, are sent out to the field to find patient zero — the first victim, which helps explain how the contagion began. As David Sanger, Scott Shane and I set out in late November to reconstruct the events surrounding the hacking of the Democratic Party during the 2016 election campaign, we too wanted to understand, among all factors, how and where this story started."

_{By Qqqqqq at English Wikipedia, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=16090738}

"Companies are paying “white hat” hackers to probe their cybersecurity systems for weaknesses—but some say that so far, they aren’t paying enough."

_{By Unknown - www.inquisitr.com, Public Domain, https://commons.wikimedia.org/w/index.php?curid=42452321}

"Although there has been a relative abundance of scholarship exploring the contours of the law of cyber war, far less attention has been paid to defining a law of cyberpeace applicable below the armed attack threshold. Among the most important unanswered questions is what exactly nations' due diligence obligations are to one another and to their respective private sectors. The International Court of Justice (ICJ) has not yet explicitly considered this topic, though it has ruled in the Corfu Channel case that one country's territory should not be "used for acts that unlawfully harm other States. " But what steps exactly do nations and companies under their jurisdiction have to take under international law to secure their networks, and what of the rights and responsibilities of transit States? This Article reviews the arguments surrounding the creation of a cybersecurity due diligence norm and argues for a proactive regime that takes into account the common but differentiated responsibilities of public and private sector actors in cyberspace. The analogy is drawn to cybersecurity due diligence in the private sector and the experience of the 2014 National Institute of Standards and Technology (NIST) Framework to help guide and broaden the discussion."