Page 160 - Cyber Terrorism and Extremism as Threat to Critical Infrastructure Protection
P. 160
SECTION II: CYBER TERRORISM AND SECURITY IMPLICATION FOR CRITICAL INFRASTRUCTURE PROTECTION
privileged system access will remain key targets and subject to social engineering attacks
(Report on Cyber security and Critical Infrastructure in the USA, 2015). Strengthening cyber
security requires a combination of prevention, detection, incident mitigation, and investigation.
Addressing the vulnerabilities of critical infrastructures necessitates a cooperative approach
from the public and private sectors, and connection between the local and the international
dimensions. The challenge of protecting critical infrastructures requires the management of
competing demands between security and privacy(Report on Destructive Cyber-Attacks Blitz
Critical Infrastructure, 2015). Almost half of security professionals think that a successful
cyberattack will take down critical infrastructure and cause the loss of human life within the
next three years (Critical Infrastructure Readiness Report, Aspen institute, 2015).One of the
three most powerful states in the world, the United States, through its government, sponsored
website Cyber Seekers, constantly advertises cyber security job openings in the United States.
New roles and jobs in cyber security arise beyond the typical job roles. More interactive
information, knowledge and shared experience can be found on the US National Initiative
for Cyber Security Education (NICE) website (see below). With the rapid development of
information technology, it is more than necessary for both government and private sector
employees to be educated and trained in the field of cyber attack management, and in the
implementation of appropriate legal regulations and mechanisms for legal protection and
cyber-attack sanctions.
In 2013, NATO’s Computer Incident Response Centre (NCIRC) upgrade project from 58
million EUR for enhancement of NATO cyber defence. This major capability will help NATO
better protect its networks from the increasing number of cyber-attacks against the Alliance’s
information systems.
As an initial example to other world states, the US government established the National
Institute for Cyber Security Education (NICE). Together with the Department of Education
and other agencies, NICE launched a four-pronged strategy to build a cyber secure nation
through training, awareness, post-graduate educational programmes and development
for federal security professionals. To meet this goal, NICE targeted a broad range of the
population as prospective employees: including students and private sector partners (USA
National Cyber Strategy, 2018: pp 5-8).
Cyber security reform legislation should make these arrangements permanent. Government
agencies should be given the authority and resources to initiate new recruitment and education
campaigns, and to extend the scope of the existing ones. Firstly, more cyber security will be
needed to manage the increase in connectivity, so there will be an increase in demand for
cyber security jobs. Secondly, through enhancing its presence in recruitment and education,
the federal government could attract individuals to take part in these cyber security jobs who
might otherwise have joined the ranks of Anonymous or other hacker groups. Granted, people
who are anti-government or even apathetic towards government may not be persuaded by
the government’s recruitment efforts, but for those young people who exhibit exceptional
computer skills and seek a community which utilizes and appreciates these skills, the
recruitment and education campaigns will certainly aid governments in this mission.
The need for cyber security professionals is increasing day by day. The driving factors for this
are: the increasing number of useful internet and social networks, the use of smartphones, and
the electronic commerce of most financial and industrial corporations among other things. All
160
