Some argue that government should stay out of the cybersecurity industry because part attempt to regulate it have failed. New cybersecurity standards for government and the private sector have recently been rolled out: “The aim of the NIST directive guides organizations to establish their own best practices instead of forcing their hand with regulation, a government tactic that proved disastrous in the past” (Serrao). New government guidelines have encouraged better cybersecurity policy in the private and public sector. This new strategy is to provide a baseline for basic cybersecurity needs. Investment in cybersecurity is increasing,but not at a fast enough rate:“Its expected that global cyber security expenditure is to increase by 7.9% and …show more content…
Based on the data, the amount being spent on cybersecurity is worth about the same as a twentieth of the damage being done. In any case the need for more investment is imperative and at this current level is more symbolic than an actual solution. The establishment of basic norms will create a much more stable system: “Ultimately, regulations forbidding all types of attacks aren't realistic, or even possible. But there are plenty of attacks that we know how to prevent, and aren't even all that complicated to prevent. Application security regulations should at least provide guidelines about how to avoid the most common and preventable types of attacks” (Wysopal). The fact that there are attacks that we have the ability to stop and do not is a testament to how broken the system is. Basic guidelines for organizations to follow would go a long way to stopping some of these …show more content…
The end goal of Cybersecurity is to be a 100 percent successful: ‘The manifold successes of cybersecurity remain a secret, while the bad guys need to score only one time to hit the headlines. The deceptive and self-serving nature of this rhetoric is plain when one considers that, like safety in an elevator, only 100% success is actually acceptable; anything less denominates the entire system as a disaster” (Cameron). Part of the reason that cybersecurity programs are unsuccessful is that in order to be success they must stop 100 percent of threats. This is difficult because today’s threats are ever changing and wide ranging. There have been some improvements in cybersecurity policy in the last decade:“Such as streamlining response channels and intelligence sharing, increasing the security of government networks, and outlining more explicit thresholds for retaliation” (Hennessey). Through the establishment of strong protocols and guidelines, the United States has began to move in the right direction. Unfortunately, much more commitment and invest is need to insure even basic protection from cyber attacks. The lack of strong cybersecurity and responses to attacks have made the United States look weak in the eyes of other nations:“Attacks on government networks themselves have also failed to elicit a strong response, a further blow to