The United States leads a group of nations that advocate international law applies to Cyberspace, as noted by Harold Koh, a Legal Advisor for the U.S. Department of State, in his detailed remarks at USCYBERCOM Inter-Agency Legal Conference (Koh, 2012). The U.S. also pushes the edge in developing state and international strategies, which include cyberspace. How effective are the strategies if we continue to see state and non-state actors conducting cybered conflict? Current policies and strategies, as can be seen from the U.S., show positive movement in global security initiatives. Even with the initiatives, many states lack regulatory guidance and oversight to maintain and improve cyber defense for state …show more content…
has The National Security Strategy 2015, The National Military Strategy of the United States of America 2015, The DoD Cyber Strategy 2015, and the Department of Defense Strategy for Operating in Cyberspace July 2011. All of these strategies discuss the concern on impact to socioeconomic security, deterrence, and investigation. What is mentioned, but not supported in these documents are how do we regulate and protect, or what will we do to ensure compliance. Why would our strategy ever allow for a “voluntary cybersecurity framework” (White House, 2015)? Guidance without mandated regulation or oversight is not productive to making successful changes in state or global cyber defenses (Clarke & Knake, …show more content…
Considerations for the following measures must be taken into account and applied throughout with appropriate oversight and regulatory guidance. The guidance must provide a goal and not dictate the path, it must hold both government and civilian organizations accountable for their security and emplace strict measures for those that fail to comply (Clarke & Knake, 2010). First, each state will need to clean up their internal networks, this is a broad area with many implied tasks for all parties involved. Second, the commercial and government agencies that build and oversee a state’s critical infrastructure and networks must decuple them from the internet. This will place them into closed networks allowing for stronger defense in depth. Third, states will need to participate more actively in international organizations (G8, FiRST, CERT, IEEE, ITU, etc.) that have relevance to cyber defense. The final measure for a state is to create a Bureau for Cyber Affairs under the State Department, or similar depending on the state. This will provide an organization responsible for oversight, compliance, and ensure that all cyberspace concerns, issues, policies, etc. are brought under one governing body (Clarke & Knake,