As a policy analyst, I have chosen to work for a government agency so that I can effectively analyze, evaluate, develop, and implement public policies for the government. The role would also enable me to successfully read, evaluate, and comprehend statistics on existing public policies for government or businesses. The focus as a policy analyst will be on the Cybersecurity Information Sharing Act (CISA) Strategic Plan for the period of 5 years from the year 2024 to 2028 as hired by the employer.
Overview of the CISA Policy
The Cybersecurity Information Sharing Act (CISA) policy outlines a forward-looking vision for safeguarding the future of cyberspace. This policy, when aligned with the national cybersecurity strategic plan, serves as a blueprint for emphasizing innovation, cooperation, and increased accountability in order to create a secure cyber future for the United States at the government and organizational levels (Tran, 2016).
Reason for the Development of the CISA Strategic Plan
The US nation stands at a pivotal moment where innovation, cooperation, and accountability are key to securing the digital future for the United States. The vision outlined for the development of the policy emphasizes certain principles to move forward with a set aim for the future, which include:
The cybersecurity burden should be shared effectively.
Cooperation and collaboration become the default.
Innovation should be shared in resilience, and defence outpaces threats (Sedenberg & Dempsey, 2018).
The reason why this policy was developed in 2015 as a national cybersecurity strategy is to address the evolving threat landscape against cyber intrusions in the process of information sharing. Moreover, this policy aims to enhance resilience and promote secure technology adoption against intrusions in cyberspace.
Implementation of the CISA Policy
Aligned with the national cybersecurity strategic plan, the policy would be implemented to reduce cybersecurity risk through effective actions. The policy or agency recognizes that cybersecurity is a shared journey of collaboration and innovation among government, citizens, industry, and technology providers. Therefore, it should serve as a foundational player in the global cyber community by prioritizing cybersecurity as a fundamental safety issue of the government across the United States. The CISA policy will be implemented as follows:
National Cybersecurity Strategy
To ensure consistency with broader yet comprehensive national cybersecurity objectives.
To make it increasingly difficult and impossible for adversaries to achieve their aims by targeting and attacking the United States and its allied networks.
To complement federal and other international efforts within cyberspace.
It is important to make organizations secure and resilient in order to inherently secure the technology products.
Global Collaboration
To recognize that true and safe security in the cyber area requires international collaborative efforts.
To encourage collaboration across borders to establish a core cybersecurity information-sharing.
Scholarly Journal Articles
The first article that describes the policy is “Cybersecurity Information Sharing Governance Structures: An Ecosystem of Diversity, Trust, and Tradeoffs”, written by Sedenberg and Dempsey. The scholarly article is about greater information sharing within the private and federal government systems. The article addresses the pros of the CISA policy while establishing collaboration with the existing information-sharing networks, as well as the cons of the policy failing to address challenges such as trust building in the cybersecurity realm associated with sharing information. The article also reflects how the diverse ecosystem of information-sharing models through cyberspace works together and independently to create a taxonomy of governance and public policies (Sedenberg & Dempsey, 2018).
The second article, “Navigating the Cybersecurity Act of 2015”, written by Jasper Tran, describes the CISA Act of 2015, a federal law that aims to facilitate information-sharing on threats in the cyber arena while enhancing cybersecurity measures. The article provides a comprehensive overview of the main provisions and implications of the act, and part 1 of the article encourages private and federal entities to share defensive measures for cyber threat indicators. Part 2 of the article mandates numerous cybersecurity assessments for federal agencies while providing liability protections. Parts 3 and 4 highlight the weaknesses and strengths as well as develop a voluntary framework for future improvements in cyberspace (Tran, 2016). In a nutshell, the article acknowledges CISA as a perfect solution to address complex and evolving cyber challenges and a significant step forward for US cybersecurity.
The third article related to the CISA policy is “The Impact of Information Sharing Legislation on Cybersecurity Industry” written by Yang et al. which briefly addresses how government organizations and agencies “disseminate cybersecurity threat information to the private entities” (Yang et al., 2020). The article leverages the 2015 act of CISA and its overall impact on information sharing to observe attitudinal changes in organizations toward investing in cyberspace.
Conclusion
The shared journey as a policy analyst in the government sector towards a secure digital landscape needs recognition of the high stakes as the US nation relies on technology for essential services. Therefore, by aligning with CISA’s strategic plan while assuming the role of a policy analyst, I aim to create a future where cyber organizations are resilient, cyber intrusions are rare, and technology products are inherently safe.
References
Sedenberg, E. M., & Dempsey, J. X. (2018). Cybersecurity information sharing governance structures: An ecosystem of diversity, trust, and tradeoffs. arXiv Preprint arXiv:1805.12266.
Tran, J. L. (2016). Navigating the Cybersecurity Act of 2015. Chap. L. Rev., 19, 483.
Yang, A., Kwon, Y. J., & Lee, S.-Y. T. (2020). The impact of information sharing legislation on the cybersecurity industry. Industrial Management & Data Systems, 120(9), 1777–1794.
Cite This Work
To export a reference to this article please select a referencing stye below:
