JUS5650 - Cyber Security Regulatory Bodies Approach: In-depth Analysis

Added on  2023/06/13

Report
AI Summary
This report examines the approaches of various regulatory bodies in addressing cyber security, focusing on the European Union Commission Cybersecurity Regulations, Norway's regulatory regime, and ENISA. It discusses the rise in cybercrime and the measures implemented to combat it, including building EU resilience, strengthening EU agencies, creating cyber expertise, encouraging cyber hygiene, and strengthening international relationships. The report also covers Norway's strategies for preventing, detecting, and managing cyber attacks, ensuring competence, protecting critical infrastructure, and outlining crisis reaction plans. It highlights the role of ENISA in enhancing network information security and concludes by emphasizing the importance of compliance with established rules and standards to safeguard data on the network.
JUS5650
Title
Cyber Security Regulatory bodies approach
Contents
Abstract
Introduction
Methodology
Cyber security information
Regulatory Bodies
The European Union Commission Cybersecurity Regulations
1. Build a strong EU Resilience to any kind of cyber attack
2. To strengthen EU agency for securing information and Network
3. Create a resilient EU cyber expertise base
4. Encouraging cyber hygiene and awareness
5. Strengthening international relationship on the war against cybercrime
Norway's regulatory regime for cybersecurity
I. Preventing cyber security
II. Detecting and managing cyber attacks
III. Ensure competence in cybersecurity
IV. Protect critical ICT infrastructure
V. Outline for fast crisis reaction
ENISA (European Union Agency for Network Information Security)
Conclusion
Abstract
With the rise in cybercrime cases all over the globe, new measures are put in place day by day to curb this vice. As a result of these cybercrime-related activities, many people have been affected [1] in one way or another through the losses incurred whenever an attack has been reported. The affected individuals have suffered either financial or data loss, the result of which is psychologically traumatizing, while wasting a lot of time and resources trying to solve the case or recover the lost data. As a result, new regulations and laws are formulated day after day to ensure that a minimum of cases is reported within a region. These regulations and laws are formulated by a regulatory body set aside to deal with such cases.
In this paper, I shall focus on these regulatory bodies to see where they have been stationed and the boundaries of their jurisdiction, as well as their role in curbing cybercrime in matters pertaining to cloud computing, so as to create a safe environment for data storage.
Introduction
Technology has grown gradually from simple to complex, and as the days go by every aspect of human life is undergoing a technological revolution. A new era of technology has been achieved thanks to the availability of ubiquitous network capabilities such as the wireless mobile network, cloud computing, and distributed networks. The Internet has made this possible, as it connects computer networks all over the world. As a result, large volumes of information belonging to individuals, companies and other institutions can be stored on a computer and uploaded to the cloud, so that it is easy to retrieve wherever a person is and whenever the need arises. It is feasible to transact over the internet and to carry out other kinds of tasks conveniently. Technology has helped to reduce the work burden and ease the way of doing things. In spite of all the benefits that technology has brought, it must be said that it came with its vices.
As a result of these technological upgrades, people with malicious minds have devised mechanisms through which they can extort people and companies. [2] They are able to dig deep into software and hardware loopholes so that they can exploit those vulnerabilities with the intention of getting hold of something they can use as leverage. This brought an uproar among network users that their information is not safe, and thus the need to create better structures and measures to safeguard information on the network. Cybersecurity teams mandated to create a better world of technology were created all over the world to regulate usage of the internet and how one should conduct oneself while accessing information on the network.
1 Hassan et al. Cybercrime in Nigeria, pp. 626-631.
2 Von Solms and Van Niekerk. Computers and Security, 38.
Thus, according to Choucri et al. (2012) [3], "Cybersecurity comprises technologies, processes, and controls that are designed to protect systems, networks, and data from cyber attacks." It is important to make sure that all levels of the network architecture are safeguarded to minimize cases of cybercrime. [4] The focus is on the information security pillars that help in ensuring that data are secure. They are confidentiality, integrity, and privacy, commonly referred to as CIA. ISO2700 is the body entitled to ensure that any system meets the standards set to ensure that only the person intended to access certain information is able to do so.
Methodology
During the research period, I employed different kinds of methods [5] to gather and analyze information that was relevant to my line of study. I was able to collect information from work that was previously done by other authors, as well as from the journals pertaining to regulatory bodies that were available in the library. The class work that we have been using acted as the basis of what I was to work on, as it gave me the guideline on how to attain the maxima of the research. I also consulted my lecturer, colleagues and IT practitioners within the institution so that they could tell me more about the regulatory bodies they know of and how they have been involved in the fight against cybercrime involving data storage and cloud computing technology.
Cyber security information
It is the duty of every right-minded individual to work hard and comply with the rules and standards set by the bodies mandated to ensure that information kept on the network is safe. Von Solms and Van Niekerk (2013) [6] highlight some of the attacks, which include:
Advanced Persistent Threats (APTs): attacks that infiltrate a system [7] and establish a foothold within the infrastructure of the target cloud with the intention of stealing data. They take a longer period to penetrate, since the attacker needs to adapt to and understand the kind of system security in place to be able to bypass it. Once in position, the attacker is able to move through the data centre network while blending in with normal traffic so as to achieve the objective.
Identity theft: an attacker gets hold of account credentials, i.e. username and password, so that they can re-use them without the owner's consent. Once an attacker gets hold of one's account credentials, it is easy for them to eavesdrop on all kinds of activities and transactions; they can also manipulate data and send back falsified information, and at times they may redirect clients to illegitimate sites.
Data loss: this is not only the result of malicious attack but can also result from system failure, unintended deletion by the administrator, or a catastrophe such as a fire or hurricane. It leads to a permanent loss of data. As such, cloud providers should take measures and back up the data so as to offer business continuity as well as recovery in the event of disaster.
Denial of service, abbreviated as DoS: one of the simple attacks, executed mostly when an attacker has hold of a botnet. Any successful DoS attack gives an attacker sufficient time to execute other types of attacks without being caught.
SQL injection attack: done by injecting malware onto vulnerable sites so as to access the database.
These kinds of attacks have led various governments and organizations to come up with rules and regulations that will help curb these vices and make people aware of the existing limits of internet usage [8] (Orji, U. 2010).
3 Choucri. "What is Cybersecurity?", 2-4.
4 Albrechtsen and Hovden. Computers & Security, 432-445.
5 Kumar. Research methodology, 45-50.
6 Von Solms and Van Niekerk. Computers and Security, 38.
Regulatory Bodies
There are bodies whose mandate is to ensure the safety of internet users' data. Their work is to oversee the success of a crime-free cloud network. There has been an outcry among the victims of cyber attacks who have suffered financial or data loss. The impact of such loss is psychologically traumatizing, and a lot of time and resources are wasted trying to solve the related case or to recover the lost data. In case of data loss, there are some instances in which the data can be recovered, but in most cases this requires skilled practitioners who are very expensive to come by. As a result, new regulations and laws were formulated to help individuals deal with such cases at a low cost. They have set rules and guidelines that should always be adhered to by any IT expert, as Orji (2010) describes in his book "Cybersecurity Law and Regulation" (p. 398). Some of these bodies include the European Union Commission Cybersecurity Regulations, Norway's regulatory regime for cybersecurity, the African Union Convention on Cyber Security and Personal Data Protection, and ENISA (European Union Agency for Network Information Security), among others. These bodies were created as a result of rampant cybercrime.
7 Brewer. Network Security, 5-9.
8 Orji. Cybersecurity Law and Regulation.
The European Union Commission Cybersecurity Regulations
Cyber attacks have targeted most of the vital infrastructures, such as banking systems, government infrastructures and online marketplaces, among other critical environments that depend heavily on the cloud to store vital information in a distributed network. Kim (2014) [9] describes the worry hanging over banking system data networks should an unauthorized person get hold of data with bad intentions.
The aims behind the formation of this body were to:
1. Build a strong EU Resilience to any kind of cyber attack
Strong cyber resilience requires a collective and wide-ranging approach. A more robust and operational system is needed to reinforce cyber security and the ability to respond to cyber attacks on the part of the member states, government institutions and other agencies. An EU cyber security team of better experts should be put in place to help create a much stronger cloud network infrastructure that is able to withstand any kind of cyber attack directed at the members of the EU, so as to create a common market in which a member can feel safer. The team should also work hard to counteract any kind of attack on the cloud before it happens and to see the culprit brought to justice.
9 Kim. Annals of Nuclear Energy”, 141-143.
2. To strengthen EU agency for securing data and cloud network.
ENISA is one of the agencies created by the EU to help fight cybercrime. [10] Its work is to help build strong cyber resilience and also to respond to cases of cyber attack. It is the work of the agency to implement directives concerning cloud security and information systems, as well as the framework proposals for cybersecurity certification.
It will act in an advisory capacity on formulating the policies to be implemented, as well as promoting consistency among sectoral enterprises and the directives from cloud providers, and helping with information sharing and analysis centres in critical sectors. [11] ENISA has a responsibility to make sure that EU states are prepared by holding annual pan-European cybersecurity training in unison. This involves all the response units, cutting across all the different levels of practitioners involved in IT, mostly those working with cloud computing. This joint training will act as a source of knowledge on how to curb cloud network cybercrime.
3. Create a resilient EU cyber expertise base
To build a strong cybersecurity base, highly skilled personnel are required to manage it. Training experts will help to raise more professionals who will be able to fill the existing gap, since most of the better experts have been absorbed by the private sector, which offers better employment terms. Also, [12] creating awareness about how to manage one's account credentials will help individuals to be vigilant while using the cloud, so that they know the tricks used by attackers to gain access to one's credentials. Creating awareness not only helps one avoid being a victim of an attack but also helps in lowering the cost of curbing the vice.
The bases have been created all over Europe to ensure that the scope has been reached. They are working hard to ensure that they train many members to carry on with the task of enforcing a free cyberspace in Europe. One of the training bases is in Geneva, Switzerland, while others are in the UK, Germany and other countries. They bring together experts from across the states, who work in harmony to curb the vices.
10 Levi-Faur. Journal of European Public Policy, 810-829.
11 Rittberger, Wonka. Journal of European Public Policy, 780-789.
12 Dodge, Ferguson. computers & security, 73-80.
[13] Training should be done at various levels, such as in higher learning institutions and by training employees who are IT illiterate, as well as those who are not well aware of the dangers hovering over the use of cloud systems as a mode of information storage. Candidates should be taught how to detect any kind of mischievous behavior that could lead to an attack and how they should respond to it. This training should not be limited to IT experts but should also be channeled to other interested personnel such as accountants, secretaries, and any other person who is a stakeholder in cloud computing.
4. Encouraging cyber hygiene and awareness
Any institution is required to take the lead in educating people about cloud computing and the danger it poses to institutional and individual data. At times, some people do the wrong things without knowing it, and as such it is good to create awareness of the existence of rules and regulations pertaining to cybercrime. O'Connell (2012) [14] states the necessity of creating a conducive atmosphere free from fear of attack, which is only possible if some parameters are met. Some of them include the use of up-to-date software, encouraging the updating of operating systems to seal already known vulnerabilities, and avoiding public networks while dealing with sensitive information.
Member States ought to accelerate the use of more cyber-secure tools in the development of e-government and also take full advantage of the competence network. The adoption of secure means of identification ought to be promoted, building on the EU framework [15] of electronic identification and trust services for electronic transactions in the internal market, which has been in force since 2016 and provides a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities.
5. Strengthening international relationship on the war against cybercrime
[16] EU fundamental rights and core values, which ensure the right to privacy and the protection of personal data, have helped to create an open, free and secure cyberspace among the EU states. The EU's international cybersecurity policy is intended to address the continuously evolving challenge of global cyber stability, as well as contributing to Europe's strategic autonomy in cloud computing.
13 Aloul. Journal of Advances in Information Technology, 176-183.
14 O'Connell. Journal of Conflict and Security Law, 187-209.
15 Kirkpatrick. Communications of the ACM, 21-23.
16 Li. Networking legal systems in the networked crime scene.
Since cybersecurity is an international problem, there is a need for the European nations to work together by formulating policies that are adopted by all the states under the umbrella of the union. This will ensure that all the nations work closely together in eradicating the vice, without letting any one nation be brought to its knees by severe attacks. Developed nations will help developing countries by providing the gadgets and equipment required in fighting cloud-related crimes. They will also provide training and skilled manpower to teach them and help them take the next step.
The work of the Commission has been fully recognized by the states and it has borne fruit. It offers guidelines on how to solve different puzzles pertaining to cyber security. It formulates policies that have been implemented throughout the states. It has made clear that there is a need to work in harmony, since they all face a common enemy. Norway, Germany and Switzerland, among other nations, have implemented most of the Commission's policies, including erecting some of the well-equipped training bases and creating a common market platform. The fulfilment of these policies accounts for most of the success in the fight against the WannaCry ransomware, in which most of the states worked closely with ENISA in fighting the malware and creating public awareness. This made it possible to fight the attack in the shortest time possible, saving a lot of companies from being exploited.
Norway's regulatory regime for cybersecurity
According to Muller (2016) [17], the Norwegian government has not been left behind in trying to deal with the cybersecurity mammoth targeting the various sectors that rely on cloud computing. It has therefore gone ahead to formulate guidelines and regulations to protect cloud users from being exploited by attackers, while at the same time giving them a sense of security through the kind of penalties one incurs if found guilty of such vices.
17 Muller. Conflict in Cyber Space 132-145.
There is coordination between the ministry of justice, the defense and other lawmakers to formulate policies relating to cybersecurity. Some of the responsibilities of these joint teams include:
To prevent cyber security,
Detect and manage cyber attacks,
Ensure competence in cybersecurity and
Protect critical ICT infrastructure.
I. Preventing cyber security
It is important for any agency to prevent any impending danger before it happens. Norway has equipped the agency responsible for dealing with cyberattacks well. [18] The agency is able to track network flow and see where there is a breach or where packets are being sniffed from. It works closely with the cloud providers, who are on the lookout for any attack attempt. Their task is to monitor network traffic and, in case of any red alarm, to move in swiftly and neutralize the situation before any attack has occurred.
It is always important to work things out before they fall apart, as this eases the task of repairing the damage that has been caused. [19] Mitigation should always be the core thing for any government agency, and so it is for the cybercrime unit.
II. Detecting and managing cyber attacks
At times things may get out of hand and the mitigation process may fail; this should not be let go, but a more robust step should be taken to curb it. Bass (2000) [20] reveals that whenever an attack has been detected, a swift approach should be taken in order to make good use of the available equipment. Managing the situation quickly, before many fall victim to the same attack, will help minimise the damage. For instance, once the WannaCry ransomware attack [21] was detected, since it used a Microsoft security vulnerability found on Windows 7, 2000 and XP, they urged users to update their operating systems so as to seal the loophole. These agencies should act in the capacity of software vendors to advise citizens on the need to update such software. They will in turn embark on finding the culprits behind the attack so that they can face the law.
In order to fulfil this mandate, agencies from the states came together to brainstorm on what they should do and how to respond quickly to the WannaCry ransomware attack in Bergen in 2017. This was one of the cases in which the Norwegian agency was highly involved in carrying out the task of eradicating cybercrime.
18 Kuner. Corporate Compliance and Regulation, Oxford University Press.
19 Pfleeger, Caputo. Computers & Security, 597-611.
20 Bass. Communications of the ACM, 99-105.
III. Ensure competence in cybersecurity
Agencies and task forces have to ensure that there is competence in the way networks and information systems are handled. This will minimize cybersecurity incidents and ensure that users of a node are able to take caution while on the network. Their mandate is to alert users to impending dangers, avert attacks and offer training to experts and other willing individuals. All the stakeholders get involved in keeping their information safe by being taught simple tricks like clearing the cache before using a public network. This will ensure that every individual is competent in what he/she is doing.
[22] Penetration testing of any software, network or website should be done prior to deployment, according to Valli et al. (2014). This shows that the IT experts are sure and competent in what they are doing and know well all the dangers that surround internet usage. This creates a better and safer environment for the users and the entire organization to network and store any kind of information with little worry. They should also ensure that every institution has better infrastructure that is able to withstand any kind of attack, with better experts who will be on the lookout for any impending attack.
21 Martin Hankin. Effective cybersecurity is fundamental to patient safety 10.
22 Valli et al. Proceedings of the Conference on Digital Forensics, Security and Law 35.
IV. Protect critical ICT infrastructure
Some infrastructures are highly sensitive in any government. They include banking [23], government websites, and airport control systems, as well as missile launch codes. It is the work of the government to ensure that it guards these infrastructures against intrusion by any unauthorized person and that the information is kept confidential. It should be accessed only by the right personnel and at the right place, while ensuring that the data are always up to date. Ghernouti-Hélie (2010) [24] illustrates the importance of having competent and uncompromising experts in those areas who will safeguard the cloud infrastructures. Strong software that is uncrackable should be put in place and reinforced with firewall protection.
V. Outline for fast crisis reaction
The Commission introduces an outline so that the EU has in place a well-rehearsed plan in case of a large-scale cross-border cyber incident or crisis. It sets out the objectives and modes of cooperation between the Member States and EU Institutions in responding to such incidents and crises, and explains how existing Crisis Management mechanisms can make full use of existing cybersecurity entities at EU level.
In realization of the mandate of a cybercrime-free nation, as a member of EU states, the Norwegian agency is working closely with ENISA, an agency within the EU that is tasked with dealing with cases involving cybersecurity, in order to gain training and the much-required help on how to curb the vice. This is in realization of the need to work with international agencies and in recognition that the war against cybercrime is not a one-nation issue but an international one that requires the attention of each and every individual, working in harmony to create cybercrime-free nations.
ENISA (European Union Agency for Network Information Security)
23 Harrop, Matteson. Current and Emerging Trends in Cyber Operations 149-166.
24 Ghernouti-Hélie. Availability, Reliability, and Security, 2010. ARES '10 International Conference, 370-373.