Legal Aspects of Cybersecurity Artur Appazov

Download 1,04 Mb.

Pdf ko'rish

bet	26/34
Sana	13.06.2022
Hajmi	1,04 Mb.
	#665529

1 ... 22 23 24 25 26 27 28 29 ... 34

Bog'liq
Legal Aspects of Cybersecurity

7

Technical Solutions
There are two basic technical strategies for critical systems protection – (i) defending the
system from the internet risks while the system stays online, and (ii) air gapping the
system and the general networks, that is a disconnection of such critical systems from the
internet entirely by the authorities.
160
Such proposals have recently been popular with
some politicians in light of the developments with the US National Security Agency leaks.
7.1

Defense and Monitoring Systems
The US government partially guards its computers and networks with an intrusion
detection system nicknamed ‘Einstein.’ The Einstein software is designed to conduct real-
time surveillance on, make threat-based decisions on, and provide an intrusion prevention
system for any activity taking place in certain government computer networks. In
performing these functions, Einstein shares information and cooperates with the
Department of Homeland Security and the National Security Agency. Thus, currently within
its own network, the US government closely coordinates among departments, wipes
personally identifiable information from shared cybersecurity data, and operates on a real-
time response basis.
161
As for defense systems for the private sector, or maintaining cyber-hygiene, many
cybersecurity experts believe that basic cyberhygiene is a simple and logical first step in
corporate cybersecurity. Estimates suggest that good cyberhygiene could prevent up to
eighty-five percent of cyber-intrusions. Rather than waiting for legislative mandates to
spur corporate cybersecurity spending, corporations would be wise to consider whether
some proactive investments in basic cyber-hygiene are warranted as part of their basic
159
Id. at, 1707-1708.
160
Thompson, T
EXAS
L
AW
R
EVIEW
, 494 (2011).
161
Kelly, B
OSTON
U
NIVERSITY
L
AW
R
EVIEW
, 1684-1685 (2012).

47
corporate responsibility. However, even basic cyberhygiene, let alone sophisticated
software such as Einstein, is expensive, if not costprohibitive, for some companies.
162
If not subsidizing private sector in equipping private sector with cost-prohibitive defense
systems, an important source component for developing technical solutions for the private
sector can be seen in identification of vulnerabilities, security breaches and potential
hazards. This can be achieved by communication crucial findings on vulnerabilities to the
network owners and the private sector.
163

Download 1,04 Mb.

Do'stlaringiz bilan baham:

1 ... 22 23 24 25 26 27 28 29 ... 34