Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations
Author(s): Michael N. Schmitt
Publisher: Cambridge University Press, Year: 2017
Tallinn Manual on the International Law Applicable to Cyber Warfare
Author(s): Michael N. Schmitt
Publisher: Cambridge University Press, Year: 2013
National Cybersecurity Strategy Implementation Plan
President Biden has made clear that all Americans deserve the full benefits and potential of our digital future. The Biden-Harris Administration’s recently released National Cybersecurity Strategy calls for two fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace:
Biden-Harris Administration Announces National Cybersecurity Strategy
MARCH 02, 2023
Space systems, ranging from satellites to mission control centers, are frequently the target of cyberattacks. Despite
the space industry's technical sophistication, their cybersecurity efforts have lagged behind that of other
high-technology sectors. Evidenced by the prevalence of vulnerabilities and attack vectors that go unchecked, space
Satellite ground systems represent an often neglected aspect of cyber security when dis-cussing Air Force and Department of Defense cyber vulnerabilities. An increasing amount of cyber security research and attacks focus on space ground systems in the form of satellite con-trol, satellite communications terminal hacking, and GPS spoofing. Public evidence exists demonstrating nation-state adversary willingness and intent for attacking these systems. Ground systems find themselves in a gray area of compliance between the two cyber security risk man-agement regulations DoDI 8510 and Committee on National Security Systems Instruction 1253. Both require compliance to security controls, but neither build in the evaluation or mandatory controls necessary for the mitigation of risk. A further examination of private industry standards and theory shows better methods of mitigating cyber security risk via simplifying the security controls necessary, using time-based methods for analyzing controls, and conducting preventa-tive cyber security engineering on new systems for the provision of information assurance.
While physical threats to the U.S. power grid and pipelines have long worried policymakers, cyber threats to the computer systems that operate this critical infrastructure are an increasing concern. Cybersecurity risks against the power and pipeline sectors are similar, as both use similar control systems, and there appears to be a broad consensus that cyber threats to this infrastructure are on the rise. Furthermore, with ever-greater physical interdependency between electricity generators and the natural gas pipelines that supply their fuel, many in Congress recognize that grid and pipeline cybersecurity are intertwined. In 2015, the Fixing America’s Surface Transportation Act (the FAST Act) provided the Secretary of Energy with new authority to protect or restore the power grid during a grid security emergency, including a cyber incident. Congress is considering additional legislation to fund and expand the Department of Energy’s cybersecurity programs.