Society today is plagued with crime that is difficult to combat, constantly changing, and has no borders; this type of crime is called cybercrime. The United States of America is attacked on a daily basis by cyber criminals both foreign and domestic. The crimes committed involve fraud, identity theft, theft of proprietary trade secrets, and even theft of national secrets. The 2009 Internet Crime Report indicates there were 336,655 received cybercrime complaints in 2009 and a total monetary loss of $559.7 million (“2009 Internet Crime Report,” 2009).
Cybercrime affects everyone; therefore, individuals, corporations, and government entities are responsible for safeguarding information against these attacks. Clearly, a unified front must be established to combat this epidemic. A unification of individual citizens, corporations, and government entities must occur to prevent and deter cyber-attacks. A united front to fight cybercrime requires that a standard set of cyber security controls be established for the public good, but who should be responsible for mandating those controls?
Directing cyber security controls involves establishing laws, setting penalties for breaking laws, and creation of foreign policies regarding cybercrime with other nations. Since laws, penalties, and foreign policy are required, the responsibility for mandating security controls for the public good falls on the government. Before the government is allowed to require certain cyber security controls be put in place, the following questions must be answered:
• Is the government justified in mandating cyber security controls?
• Should individuals and corporations be responsible for protecting trade and national secrets through cyber security contr.
.lling through the cracks.
Situational awareness is a term that describes the ability to identify, process, and comprehend critical elements of information in at any given time (“Situational Awareness,” 1998). Individuals, corporations, and government entities must all think deeply about their situational awareness regarding cyber security and the controls necessary to keep information and infrastructures secure. There is no single group that is responsible for the protection of information, trade secrets, intellectual property, or national secrets. The security of the nation depends on everyone’s ability to foresee, deter, and react to cyber security incidents.
There is a clear need for mandated cyber security controls so that individuals, corporations, and government entities all operate with the same beginning base of cyber security controls.