Do you agree or disagree with the following responses. If so, why or why not. Please provide at least 1 reference each in APA format.

1. The Internet has brought about changes in how we communicate, do business, and even on how we study. Before the Internet we would not have been able to attend this class from remote parts of the world as we are able to do now. The ease of communication brought to every corner of the world is continuing to change how old norms are carried out. Some might consider this an evolution of communication, some might consider it a revolution (CSEC 670).

   The Internet has not only brought about a revolution in communication. In some cases the Internet has facilitated actual revolution. After the uprisings and revolutions in Tunisia, Yemen, Libya, and Egypt, Elmorshidy (2011) is referring to the Internet as very powerful tool which can be used toward social change. Is social change always good? It depends on who’s in charge. Can unfettered texting, FaceBook and Twitter creating havoc in the streets be considered a security risk? Only if it’s your regime in danger of toppling.

1. If the cybersecurity landscape is defined by its problems, as the question is worded, then I believe cybersecurity is essentially risk management and everything that encompasses the expectation of safety in cyberspace.  To put it more clearly, cybersecurity can be thought of as an organizational optimization process in respect to the identified risks to which it is exposed (Bosworth, Jacobson, 2009).  This definition embraces all threats and issues related to cyberspace.

In regard to the second part of the question, there are many aspects under the cybersecurity discipline umbrella which make it possible to answer yes to any number of viewpoints in so as long as it pertains to security in cyberspace.  In one of our readings it states that a recent study found that there are at least 28 different definitions for cybersecurity (Kramer, Starr, Wentz, 2009). While this might be daunting to some, the main thing to remember is that all of these definitions should be viewed as aids to policy making and not limited by them (Kramer et. al., 2009).

1. The definition of Asymmetric, just as the as the definition for cybersecurity is not a clear-cut straightforward definition and it varies by who and when it is used. (Gray, 2002) asymmetric threat can be defined and associated with the acts of attacking cyberspace with unconventional low-cost means and inflicting the most damage.

An approach that I find dynamic and effective in defending against asymmetric threats is the Asymmetric Threat Assessment Tool (ATAT), the illustration of how this tool operates by (King, Schmill, & Hannon, 2005) the ATAT is a tool that was designed and developed for government and military agencies as a mitigation process for secondary effects of asymmetric threats and attacks. Just like many cyberspace threats and attacks one cannot completely protect against these threats and attacks. (King, et al, 2005) what every stakeholder should have in place is an effective mitigation process in place that would minimize or eradicate the threat or attack by providing a functionality platform that would allow the enterprise to get back to normal business slowly, but surely.

1. In order to entertain the application of the Westphalian model to cybersecurity, you must first believe that the digital domain is a critical asset worthy of state protection. For the United States, the answer seems to be a resounding yes. President Obama declared cyberspace a “strategic national asset” and the Department of Defense issued guidance in a 2011 report to Congress outlining a national military strategy for cyberspace (Defense.gov, 2011). Additionally, we now have a Cyber Command tasked with not only defending but attacking other countries in cyberspace. From the international front, Iran boasts of having a cyber-army and Russia, Israel, and North Korea have all issued declarations regarding the defense of their cyberspace (Maher, 2013).

Accordingly, nation states continue to identify their digital domains as sovereign and defined by territorial boundaries, bringing them squarely into the Westphalia model. Within this model, autonomous states, their borders and resources are protected under various international laws, treaties, and accords. If your cup is half full, you can see the obvious benefits offered by shared international laws. Credit card fraud or identity theft against US citizens, carried out by organized crime in Romania, can be prosecuted using similar extradition treaties already in place (Demchak, Dombrowski, 2011).

However, many consider international law irrelevant with regards to cybersecurity; specifically when considering the use of force (Demchak, Dombrowski, 2011). There has been more than one example where one nation state has attacked the cyber infrastructure of another and international outrage was muted at best. From Georgia and Estonia to the targeted launch of Stuxnet, nations have proven more than willing to substitute cyberspace ‘warfare’ for actual boots on the ground (Rand, 2013). Like the fledgling borders constructed by the 1648 Peace of Westphalia, the creation of conditions that allow cybersecurity to be globally effective can eventually bring stability to this new domain…but it will take time and only time will tell.