Page 25 - Cyber Warnings
US GOVERNMENT EMPLOYEES MUST USE GOVERNMENT EMAILS FOR ALL PURPOSES,
IN FULL COMPLIANCE WITH EXISTING LAWS
While employed by the US Government, all US Government personnel MUST NOT have any other
email accounts outside of .mil or .gov until they have been discharged from their US Government
duties and position; see 18 USC 1924 and 18 USC 793, as well as 44 USC Chapter 31 (the Federal
Records Act) and the Freedom of Information Act (FOIA), 5 U.S.C. § 552.
BLOCKING US GOVERNMENT TRAFFIC INCLUDING OUTBOUND FILE TRANSFERS TO
CHINA, RUSSIA, IRAN, NORTH KOREA and other high risk or ENEMY NATION STATES
While US Government employees and our military may visit, study, learn from and review web sites
outside of the USA, the transfer of all files and records to these nation states should be blocked at
US Government firewalls and routers, unless there is a classified project which has been properly
vetted by the FBI, CIA, NSA or DoD, and then on a project-specific basis only. Data leakage from
within the US Government to these countries will be blocked.
EXPANDED FUNDING FOR CYBER DEFENSE TRAINING AND STAFF
We should dramatically increase funding for Cyber Defense Training throughout the US
Government. We should hire staff with a skill set comparable to or beyond that of our enemies who wish
us harm through acts of cyber war, cyber espionage, cybercrime and cyber terrorism. They will
become the new leaders in expanding our cyber defense strategies and capabilities, both in military
and civilian roles.
With North Korea’s current cyber army measuring 6,000 members, about double the size of
Russia’s cyber army, Iran’s of equal size and China’s slightly larger, we need to out-manpower them and
out-think them in our cybersecurity capabilities.
Therefore, our goal should be to build a cyber army 10,000 strong by 2020, larger than any other
cyber army, with a focus on protection, defense and peacekeeping over cyberspace.
NATIONAL CYBERSECURITY STANDARD FOR PUBLIC COMPANIES AND CRITICAL
INFRASTRUCTURE
Just as retailers must comply with the Visa Payment Card Industry Standard (PCI), a similar
standard should be created for all Public Companies and those deemed to be part of our Critical
Infrastructure (transportation, food, water, energy). Network audit and breach results should be
rolled up in their quarterly public filings for all citizens and investors to see.
This new National Cybersecurity Standard should be based upon requirements similar to those of the PCI
standard as well as the internationally accepted ISO 27001. Measurements of network risk should
25 Cyber Warnings E-Magazine – January 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide