The United States currently faces numerous national security threats. Extremism and international terrorism have flourished in many dimensions across the globe, which has threatened warfighters, allies, and homeland security. Regional disputes have severe impacts on the country's interests. Hostile states and terrorists seek to acquire tools for mass destruction, such as many illegal drugs smuggled into the nation annually. The latest threats the country is facing and perhaps rapidly growing are cyber threats. Cyberterrorism to the United States and its economic security is tremendously increasing every year regarding frequency, dimension, and severity of the impact. Cyberterrorists, hackers, and international adversaries are sophisticated and possess the maximum capability to utilize the internet for harmful reasons. The country depends heavily on the internet through communication, banking, online shopping, and storage of sensitive personal information. Companies, educational institutions, and governments have access to the internet to carry out their daily activities. Cyberterrorism and its prevalence are detrimental to the economy, and the Department of Homeland Security should develop distinct strategies that will curb crime rates.
National security relies heavily on resilient and stable cyberspace. This is because the country depends on the increased range of present networks for communication, running economic frameworks, and other governmental activities. Despite the numerous initiatives from the Department of Homeland Security to offer security, there are increasing types of cybercrimes (Karaman et al., 2016). They include cyberattacks, intrusion, exposure to confidential data belonging to companies, individuals, government, and interferences with vital activities. Department of Homeland Security and Emergency believes that cyberspace must be secure and resilient by adopting holistic management approaches. However, the rate of organizational vulnerabilities is constantly increasing, and there should be efforts to make the cyber system more fundamentally stable and resilient.
Delegate your assignment to our experts and they will do the rest.
Research Question
Are homeland security strategies effective in offering cybersecurity and privacy protection?
Hypothesis
Null hypothesis: The Department of Homeland Security is effective in cybersecurity and privacy protection by adequately preparing the country for any form of cyber threat through advanced technological transformation.
The Department of Homeland Security plays a fundamental role in providing security to federal and state governments and individual cyber ecosystems. The department offers protection through a partnership with private companies from critical sectors such as financial companies, chemical plants, and other essential utilities in government and private organizations. The DHS is also responsible for releasing cyber alerts and thorough research on cyber criminals to ensure maximum national security (Kessler & Ramsay, 2013). Also, it offers educational programs to both public and private organizations by constantly training them on the multiple ways to be safe online. This training is vital because it initiates efforts of searching solutions to cyber threats. The educational programs act as shared accountability among the nonprofit agencies, private organizations, and unrestricted areas because they all come together to ensure that cyberspace is secure.
Additionally, the DHS also has unique security programs to protect cyber ecosystem. One of the programs is referred to as "Stop. Think. Connect Program" that was implemented in 2020. The campaign creates public awareness to curb cyberterrorism. Additionally, it ensures that people recognize issues associated with cybersecurity. When the public is empowered, they will address such challenges efficiently by utilizing of present resources and action. The department has also developed the Campaign Cyber Awareness Coalition. The program enables the public to have a chance of responding to threats of cybercrimes (Ani et al., 2019). Through its highly effective programs, the department can prevent potential losses through cyberterrorism investigation and associated charges.
Research Variables
Study Variable #1: Security compliance behaviors (independent variable)
Study Variable #2: Security programs (dependent variable)
Study variable #3: reporting procedures (independent variable)
Security Compliance Behaviors
The Department of Homeland Security has implemented many security compliance behaviors. Data breaches are rapidly growing in the 21st security. Potentially dangerous information breaches have occurred severally over the past years. Security compliance behaviors are the degree to which organizations and employees adhere to recommended guidelines to avoid cyber threats. Employees in the organizations have been found to the weakest part when it comes to cybersecurity (Kessler & Ramsay, 2013). These weakest links in the security chain harm the organizational reputation, lower the trust between the organization and its clients, and has no concrete step to safeguard the privacy of its clients. This aspect also undermines the work of the DHS because employees do not follow the rules and regulations of cybersecurity. Security compliance behaviors are essential because the workforce can keep track of sensitive information and develop the ability to access and modify data in a streamlined method. Hence, it is important or assess workforce behaviors and determine their compliance with security responses to hackers and cybercriminals.
Security Programs
Security programs demonstrate that the cybersecurity culture in a company and how they manifest themselves in individuals with information technologies. Cyberspace and its related infrastructure are vulnerable to a broad range of threats from both physical and online dimensions. Currently, sophisticated cybercriminals are determined to steal valuable information to disrupt, harm, and threaten the delivery of essential services by the DHS. The variables focus more on how agencies such as the DHS have integrated information security tools and cyberspace awareness into daily operations and workforce behaviors. The DHS has continuously partnered with vital infrastructure owners and organizations to ensure that the delivery of vital services duties is met (Dawson et al., 2021). This framework involves creating awareness among organizations and their employees because cybersecurity is usually in the workforce's hands. Additionally, the DHS has continuously collaborated with organizations and private individuals to create efficient cyberspace policies and best procedures voluntarily. When these policies are correctly implemented in the organization, the employees will decrease vulnerabilities and enhance resilient critical infrastructure.
Reporting Procedures
The reporting procedures as a variable demonstrate how individuals and organizations react after a cybersecurity attack. Reduced market values and reputation damages have been found as the essential concern in the event of a cyber-security incident. The circumstance shows that concrete reporting procedures for cyber terrorism incidence should revolve around maximum collaboration with the law enforcement officers. It will ensure cyber breach information is collected through the report to recognize and protect valuable information (Maugham et al., 2015). The DHS has provided multiple channels through which incidents can be reported, evaluated, tracked, and record to ensure that assets and critical infrastructure are safeguarded. The organization is urged to notify the DHS and follow the guidelines of the response team. In terms of reporting structures, organizations and individuals are urged to report any suspected hacking or intrusion attempts, cyber harassment, suspicion of password compromise, and other violations of technological policies.
Literature Review
Cybersecurity and privacy protection can be understood as procedures, programs, and initiatives adopted to safeguard the networks, information and infrastructure, and data of individuals and organizations from attacks and damages from unauthorized people. It can be defined as information technology security. According to Pernice (2018), resilient cybersecurity is essential for the growth and development of organizations and individuals today. However, privacy protection is still limited and is impacting corporate data negatively due to frequent cyber threats. It is the main reason cybersecurity is essential, but due to existing challenges, some strategies on how to meet to increase the effectiveness of the frameworks. The authors argued that some challenges that have been found include lack of sufficient funding to relevant agencies, inadequate awareness about the cyber threats and cybersecurity, vulnerable digital information, ignorance of the impact of cybercrime by the organizations, and interconnections of supply chain management.
The cybersecurity of vital frameworks is a crucial area within national and international security. According to Dawson et al. (2021), 16 critical infrastructure areas affect several dimensions of American societies. Any slight failure to offer adequate cybersecurity management within these crucial sectors renders the nation open to cyber-attacks that could cause devastating impacts on security, the country's public health and safety. The authors argued that DHS is confused about cyberattacks on vital infrastructure. For instance, there are concerns in areas like supervisors' control and data acquisition systems. These systems are responsible for monitoring the systems and other procedures within the main critical infrastructure areas. Despite many efforts to mitigate cybersecurity issues, the study found current events from the worldwide pandemics that have created numerous challenges to the country. There have been many threats because of the high rise of hackers, cybercrime organizations, and hostile states. These groups aim to destroy the infrastructure systems by altering or adding code in such frameworks. This, in turn, adversely manipulates activities with the aim of information leakage, over infrastructure failure, or the real disruption of these systems. The main example is where the cybercriminal injects malware into a power grid system. With this unauthorized access, the hackers will manipulate electrical power processes and shut the entire grid down.
The United States' critical infrastructures such as transportation, food, water, financial activities, healthcare, energy distribution, and emergency services entirely relied on the flow of reliable information. Therefore, it makes information systems the subject of attention for most agencies. According to Kessler and Ramsay (2013), DHS is continuously working to ensure that all the vital areas are protected. The department believes that there should be the latest ways of doing things, understand, and develop strategies to ensure a concrete country's response to cyberattacks. The authors argued that there should be a change in educational approaches to cyberattacks. In a similar study, Benzel (2015) argued that DHS had constantly been holding national dialogues on a trusted cyber future. The main goals of the conferences are to gain the cyberspace community's responses and reactions that could improve the DHS's Science and Technology Divisions and the federal cybersecurity research and development. The authors commented that the relevant agencies are finding areas of research that do not require prioritization and the objectives that were not present in the past strategic plans. Additionally, the authorities are searching for innovative technologies that could improve digital infrastructure's security, resiliency, and reliability.
People are currently living in interconnected environments with smart technologies and appliances in cyberspace. Arguably, cybersecurity has taken a different role as one of the emerging planning factors. In another study, Karaman et al. (2016) found that institutional cybersecurity begins at the governmental or strategic level down to the personal level. The strategies also require different techniques, tools, and objectives. In these dimensions, cybersecurity implies that it takes place between the government and personal level. At the governmental level, cybersecurity procedures include providing national cybersecurity strategies, documenting them, and establishing a center or the response team to assist in the broad coordination of the cyber incidence. The authors argue that institutional cybersecurity procedures are vital to ensure essential standards form clear roadmaps that transparent address all the possible cyber-attacks and the procedures during the incidences. However, Karama et al. (2016) concluded that there are still unique growing issues regarding cybersecurity. It includes lack of cyber human resources and employees, inadequate strategy and tools, increasing utilization of social sectors and open-source intelligence, and metadata initiatives.
Cybersecurity requirements force public authors worldwide to deal with two strong values that often conflict: transparency and privacy. According to Macmanus and Caruson (2012), there should be clear guidelines for cyberspace. They carried out an e-survey of Florida Country government authorities to evaluate the type of information about people and public workers that are most hard to safeguard. They also assessed interest groups such as nonprofit organizations and private agencies that act as watchdogs. The authors wanted to understand critical actions administrators view as vital to promote a balance between transparency and privacy. The outcomes demonstrate intense cross-pressure and maximum difficulties in safeguarding citizens' personal information, healthcare records, and financial information than in safeguarding workforce information. Informational technology officials and their teams are active because they are responsible for tracking privacy protection. The authors concluded that adequate funding workforce, resources and training, and essential needs must balance privacy protection and transparency in cyberspace policymaking. In a similar study, Maugham et al. (2015) argued that there should be the latest and innovative cybersecurity initiations to ensure that information system and other critical infrastructure are stable and resilient. The implemented technologies must also meet the requirements of information technology officials and be present through methods acceptable to such professionals. The authors found that the DHS has developed research and development centers and continuously fund top researchers, academicians, governmental organizations, and other industries to develop new cybersecurity technologies.
On the other hand, in a highly competitive environment, cybersecurity has threatened many organizations. According to Ani et al. (2018), numerous recorded cyber-attacks have effectively exceeded the technical security aspect by exploiting human-factor vulnerabilities. Cybercriminals are more skilled and knowledgeable when it comes to the manipulation of human factors. They can also have access to vital industrial assets. Ani et al. (2019) proposed that government should consider a quantifiable approach to determine cybersecurity ability aptitudes of industrial human elements. Agencies must also address the minimal security-capable workforce in the operational domains with the maximum susceptibility to cyber-attacks. With this in place, it will ensure that there is an improvement of security assurance. The approach is referred to as the Human-factored Cyber Security Capability Evaluation technique, which enables the organizations to gain excelled staffing that will be security-conscious, alert, and with maximum response aptitude.
Analysis of the Research Question and Hypothesis
The literature review clarifies that the Department of Homeland Security has been taking several initiatives to counter-terrorism. However, from Ani et al. (2018), there have been many issues facing the unit in effectively ensuring that cyberspace is secure and resilient. Therefore, the Department of Homeland Security has not effectively implemented strategies to provide cybersecurity and privacy protection. In terms of leading and coordinating the homeland security unit, it has made essential efforts to offer leadership and manage cybersecurity initiatives among its stakeholders. However, the department should take extra actions to develop effective partnerships with other agencies such as nonprofit organizations and private firms. With this in place, it will strengthen sharing and use of information, which has affected its capability to comply with cybersecurity effectively (Ani et al., 2019). For instance, the expectation of private firm stakeholders has not been met by the DHS and its federal agencies in place regarding the distribution of information regarding cyber threats to critical infrastructure.
The security programs within the DHS must implement and integrate management procedures are still limited. Although the department has improved in its management duties and still has the initiative to improve actions for excellent results, the unit has not always been effective in executing and integrating the security procedures. The department has shown utmost leadership dedication and started to launch strategies to tackle its management issues. However, these problems have contributed to slow cyber threats response, and reduce many losses to cybercrime and performance issues in several security programs to deliver essential mission abilities such as a program to detect any slight fluctuation in the electrical power grid. From the literature analysis, it is transparent that the department is still facing workforce problems. The DHS does not have sufficient skilled employees in many departments. For instance, in acquisition management, the unit has not yet developed a comprehensive financial management framework, affecting its capability to have ready access to reliable data for informed decision-making.
Additionally, from the literature review, the department has not strategically managed risks and effectively accessed homeland security initiatives. Cyber-attacks are evolving, which has posed a significant problem to the department. Cyber threats have to be mitigated immediately at they occur. However, due to inadequate security and strategic programs and planning, the department will find it had to strategically meet the needs of organizations and individuals. On the same note, the department is also facing issues ensuring that information systems and infrastructure effectively support the unit workforce. Personnel is forced to utilize ad hoc techniques because of systems limitations due to limited funding and guidance. The literature review has demonstrated that the DHS has not implemented the latest technologies to improve the ongoing IT modernization initiatives.
Pernice (2018) demonstrated that the department still faces issues to enhancing the quality of cyber threat information it distributes across federal agencies and private sector organizations. The aspect was attributed to several issues such as a limited number of people distributing the cyber indicators, delays in getting cyber threat intelligence guidelines, and the aforementioned insufficient office personnel. Additionally, a large organization such as the DHS faces management issues because managing information systems and finding solutions for separate systems to work together can be daunting. Achieving this while still performing other government mandates implies that the stakes can be higher, and the adverse effects of cyber threats can be more widespread.
Lastly, the review has demonstrated a wide gap between transparency and privacy between the agency and citizens. There are concerns that the department has its likelihood of invading the privacy of individuals. Currently, the agency has accepted private data such as e-mail, credit cards, banking records, and travel documents. They also combine individual information such as data from phone organizations, internet service providers, and private companies (Benzel, 2015). Privacy protection and assurance are still limited because private personal information still lands in the hands of cybercriminals.
Conclusion
It is clear that the United States still faces constant and rapidly growing sophisticated malicious cyberterrorism that threatens the public organization, private industry, and citizens' privacy and security. The Department of Homeland Security has continuously enhanced its initiatives to detect, safeguard against, and react to these activities perpetrators. The unit has also keenly evaluated what took place during any real cyber incidents and apply lessons learned. But cybersecurity needs more than government actions. There should be a successful partnership with private industries. On the other hand, the private sectors must adapt to the constantly altering threat environment, ensuring its tools are created and operate securely and partner with the DHS to enhance more resilient cyberspace. In the end, the trust that people place in the digital infrastructure should be directly correlational to how trustworthy and transparent that the digital space is and the impacts that people incur if cyber threats happen. To avoid more issues such as insufficient personnel, lack of funding, and management problems, it should constantly involve the relevant stakeholders to prioritize vital cybersecurity responsibilities to tackle essential areas first. The unit should also perform country cyber threat evaluation, establishing the strategic plans for cybersecurity such as response plans and other vital internet roles. Additionally, the department should recognize performance tools and milestones to achieve its prioritized function and address essential issues by tracking organizational progress. The Department of Homeland Security is a large organization and should form the National Cyber Security Division to create priorities for addressing underlying issues.
References
Ani, U. D., He, H., & Tiwari, A. (2019). Human factor security: Evaluating the cybersecurity capacity of the industrial workforce. Journal of Systems and Information Technology , 21 (1), 2-35. https://doi.org/10.1108/jsit-02-2018-0028
Benzel, T. (2015). A strategic plan for cybersecurity research and development. IEEE Security & Privacy, Security & Privacy, IEEE, IEEE Security. Privacy , 13(4), 3–5. https://doi-org.proxy-library.ashford.edu/10.1109/MSP.2015.84
Dawson, M., Bacius, R., Gouveia, L. B., & Vassilakos, A. (2021). Understanding the challenge of cybersecurity in critical infrastructure sectors. Land Forces Academy Review , 26 (1), 69-75. https://doi.org/10.2478/raft-2021-0011
Karaman, M., Çatalkaya, H., & Aybar, C. (2016). Institutional cybersecurity from military perspective. International Journal of Information Security Science , 5(1), 1–7. https://search-ebscohostcom.proxylibrary.ashford.edu/login.aspx?direct=true&db=a9h&AN=118158771&site=eds-liv &scope=site
Kessler, G. C., & Ramsay, J. (2013). Paradigms for cybersecurity education in a homeland security program. Journal of Homeland Security Education , 2(1), 35. https://core.ac.uk/download/pdf/217158212.pdf
Macmanus, S. A., Caruson, K., & Mcphee, B. D. (2013). Cybersecurity at the local government level: Balancing demands for transparency and privacy rights. Journal of Urban Affairs , 35 (4), 451-470. https://doi.org/10.1111/j.1467-9906.2012.00640.x
Maughan, D., Balenson, D., Lindqvist, U., & Tudor, Z. (2015). Government-funded R&D to drive cybersecurity technologies. IT Professional , 17 (4), 62-65. https://doi.org/10.1109/mitp.2015.70
Pernice, I. (2018). Global cybersecurity governance: A constitutionalist analysis. Global Constitutionalism , 7 (1), 112-141. https://doi.org/10.1017/s2045381718000023