Understanding and addressing risk within the cyber security area of practice is a continuous and dynamic process. As new protective measures, technologies, laws and policies are created, threats and new attack profiles are developed and executed. The relationship between cyber protection activities and the adaptation of new cyber threats takes on the appearance of a spiral development where one seems to feed off the other. Caught up in this constant struggle are the need to protect people, critical infrastructures, and those in the role of protecting others (public safety, law enforcement, emergency management services, health care, public works, etc.).
The National Cybersecurity Act of 2015, and the resulting policies and frameworks, go into detail about how the federal government will respond to cyber threats and incidents. Within the same set of laws, policies, and frameworks, it seems that individual freedoms and protections seem marginalized in favor of protecting, responding to, and recovering from the negative effects of cyber related incidents for government and private sector organizations. Is this a valid observation? Consider areas related to the use of data, applications, personal information, and geo-tagging individuals, and provide at least 3 examples from the readings in this Unit (and your own research) that validate or dispute this observation.
1 PARAGRAPH & 3 REFERENCE