Risk Modeling Pervasive on Security Management Professions Questions Respond / react to the attached postEach response is in 250 or more words. What more c

Risk Modeling Pervasive on Security Management Professions Questions Respond / react to the attached postEach response is in 250 or more words. What more can you add / agree or disagree Why has risk modeling become pervasive in the security management professions? Why do
you believe that MSRAM has become a favored Risk Management tool? Support your
answer with the readings.
On to week 7! From the reading, I believe a significant driver for risk modeling in security
management professions is the threat of terrorism. In his opinion piece, Daniel Benjamin claims
‘terrorism is a problem of small numbers and large consequences.’ He argues that despite
statistical analysis showing a sharp decline in terrorism deaths since 2001, we’re a long ways
away from eliminating the threat overall. This is because going off number of deaths alone
doesn’t account for the numerous other factors that contribute to the overall threat of
terrorism. This includes recruiting, and non-qualitative factors such geopolitics and long term
strategies (Benjamin, 2008). Now…go ahead throw in a now more than ever persistent cyber
threat. Terrorist groups such as ISIS not only exploit information and messaging through cyberattacks, but they even have Twitter accounts for recruitment!
In the FEMA risk assessment guide, terrorist activity is a consistent threat considered across the
board for infrastructure and people, as well as the vulnerability ratings of weaknesses that could
be exploited by terrorism. Factors such as known existence, capability, history, intentions, and
targets are all considered, which I believe makes sense. Different terrorist groups have different
targets e.g. ISIS compared to Boko Haram. Mix in the cyber threat, which according to FEMA’s
risk assessment guide should be something to strongly consider, like in a site functional preassessment screening matrix. In last week’s assignment, the Multi-Criterion excel sheet brought
merit to evaluating and comparing the risk for multiple threat attack vectors to critical
assets. Risk modeling is helpful, not just for government agencies responsible for the security
and safety of critical infrastructure and people, but for businesses and corporation with assets of
value that may be at risk. Over the past few weeks, we’ve reiterated that common theme across
risk modeling, which is more or less a continuous loop and review of identifying assets of value,
analyzing the threats and vulnerabilities to those assets, prioritizing actions, and measuring
effectiveness. Just as the government/military utilizes risk modeling to protect classified
information in the name of national security, rest assured big corporations do the same to protect
sensitive proprietary and trade information.
The Maritime Security Risk Analysis Model (MSRAM) has been utilized by the Coast Guard
throughout its operational and strategic levels, initially designed to better understand and
mitigate risk of terrorist attacks to ports and waterways. As we saw in last week’s assignment,
MSRAM through multi-criterion assessment defines risk as threat x consequence x
vulnerability. I’m glad to see that the Coast Guard actively sought input from leadership from all
levels of command to help determine their overall value system. I believe the MSRAM has been
viewed as a favorable tool for a number of reason. First is the backing by the DHS and DHS
oversight. Conveniently, the Coast Guard is a component of the DHS and leads the country in
our maritime border security. Second is that the Government Accountability Office found that
the MSRAM generally aligns with DHS risk assessment criteria, as well as the National
Infrastructure Protection Plan. With DHS taking lead on overseeing the protection of the sixteen
critical infrastructure sectors, it’s no surprise that MSRAM is a favorite risk management
tool. MSRAM is incredibly detailed, and a good mix of quantitative and qualitative
analysis. The Government Accountability Office’s report in 2011 essentially praises the
program, but recommends more documentation, and a stronger review of assumptions and other
sources of uncertainty. It makes sense – a powerful risk management tool such as MSRAM can
only benefit security professionals more with more historical and relative information to draw
from.
Thanks for reading!
Vince
References
Benjamin, Daniel. (2008). What statistics don’t tell us about terrorism. Brookings. Retrieved
from https://www.brookings.edu/opinions/what-statistics-dont-tell-us-about-terrorism/
Government Accountability Office. (2011). Coast Guard: Security risk model meets DHS
criteria, but more training could enhance its use for managing programs and operations. GAO12-14. Retrieved from https://www.gao.gov/products/GAO-12-14
I want to clarify what the word “military” means in the question, “Should the military be the only
one in the US government carrying out this role?” CYBERCOM is a military
command. Everyone who works for cyber command is considered a military entity, because the
Department of Defense (DoD) pays their salary. Any actions they take is considered a military
action. There has been talk of privatizing the work done at CYBERCOM.
The United States government has privatized the physical war so why should they not privatize
cyber war? The DoD already works with the private sector in the cyber security realm (U. S.
Government 2015, 2) The United States uses government contractors, i.e. companies like triple
canopy and blackwater, in the ongoing war against terror. While some results from privatizing
traditional war have been mixed, it does not mean that it is not something that should be
considered.
The National Cyber Strategy of the United States of America elaborates about the importance of
the relationship between the government and the private sector, “The responsibility to secure the
Nation’s critical infrastructure and manage its cybersecurity risk is shared by the private sector
and the Federal Government. In partnership with the private sector, we will collectively use a
risk-management approach to mitigating vulnerabilities to raise the base level of cybersecurity
across critical infrastructure.” (U.S. Government 2018, 8) The talent pool for technology often
resides in the private sector. The mind set and aptitudes of many of the best people in the tech
field is not always adaptable to government, and especially military lifestyle. Often times the
personalities and skill sets that we need to defend the country in cyber realm are difficult to
recruit and retain because of some of the necessities of military life.
The cyber is a unique domain compared to traditional war because it is the first domain the is
entirely created by man. The other domains- air, sea, land, even radio frequency occurs naturally
in nature. Humans created this whole space that is a unique logical domain that requires a
unique skill set. The Department of Defense recognized this and has a strategic approach, which
includes innovating, “to keep pace with rapidly evolving threats and technologies in cyberspace.”
(U.S Government 2018, 3)
Cyber offense is particularly challenging for the military. Cyber offense has many issues due to
authorities. The level at which the authority to conduct these operations is extremely high, thus
it is harder to both receive approval to for these operations and to conduct the operations in a
timely manner. In many other countries, like Russia, they have lessened authorities and are less
concerned about burning tools and more concerned about getting results. Some other adversary
nations are also less concerned about attribution.
Another challenge to carrying out offensive cyber-attacks are the difficulties surrounding the
creation and maintenance of tools, and controlling and maintaining accesses. Utilizing a tool can
lead to it being burned and can cause the operator to lose access. If the enemy realizes they are
being exploited they will take steps to patch or fix the vulnerabilities. Maintaining the proper
balance of aggression and thoughtfulness is critical for these operations.
References:
U.S. Government. Department of Defense (DoD). The DoD Cyber Strategy. Washington, DC:
Government Printing Press, 2015.
U.S. Government. Department of Defense (DoD). Summary of the DoD Cyber Strategy.
Washington, DC: Government Printing Office, 2018.
U.S. Government. Office of the President. National Cyber Strategy of the United States of
America. Washington, DC: Government Printing Office, 2018
ELEMENTS OF THE ISSUE PAPER POLICY- INFORMATIONAL
COMPONENT
POLICY-ANALYTIC METHOD
Should one country be in charge of the Internet’s cyber policy? Why or why not? Based on the bellow
post.
Cybersecurity is an increasingly challenging issue particularly due to the multinational approach
necessary to achieve the best security framework in response to the risks experienced in cyber
space. However, one of the primary issues I determined from this week’s readings relates to the
problem associated with differences in opinions and geopolitics across different countries. For
instance, the United States continuous challenge with the Chinese government occurs at the peril
of integration of their efforts to address cybersecurity issues.
As long as the policies in the two countries are continuously antagonistic, then the chances of
developing an ideal framework, supported by two of the most influential economies in the world,
remain minimal.Secondly, success in the American war on terror, particularly based on the role
of the Department of Homeland Security has been hinged on the identification and consequent
protection of critical infrastructure. Similarly, identification and consequent protection of critical
information technology infrastructure could eventually help in dealing with cyber security issues
in the modern economy. For instance, the defense frameworks and databases storing information
related to the public form some of the critical information and communication technology within
any economy. Consequently, any government would have a primary responsibility to protect
such infrastructure, in effect reducing the potential threat to the infrastructure presented by
constant attacks on the cyberspace.
In particular, the challenges experienced by cyber security in relation to global cooperation are
no different from those experienced by different countries in the past. They relate to differences
in opinions and political views in various countries, which have existed for a significantly long
period. For instance, the approaches to governance in China have always been extensively
different from the governance approaches in the United States, which highlights a difference in
political opinions. Consequently, the same challenge exists in determining the chances of
cooperation in addressing cybersecurity issues. Therefore, the experienced problems with global
cooperation are not a result of the existing issues, but have been existent in the past. And persist
to the contemporary society.
Viewing future cooperation from an optimistic perspective, the world governments could
develop a framework that could work within the United Nations, offering cyber security service
and working in the best interest of the world population. It would be as impartial as the
international body tasked with management and maintenance of marine borders, which has
always worked to approve requests from different countries that seek to claim lands at sea.
Similarly, global cooperation between different countries could see to the creation of such an
international authority on cyber security.
On the other hand, a pessimistic view, in which case different countries may ultimately not get to
cooperate in addressing cyber security issues, may include every country working in its best
interests. In particular, every country will invest in as much research as possible, which could
eventually result in deterrence of cybersecurity threats owing to the extensive measures taken by
individual countries in ensuring protection against cyber threats from different sources.

Purchase answer to see full
attachment

Don't use plagiarized sources. Get Your Custom Essay on
Risk Modeling Pervasive on Security Management Professions Questions Respond / react to the attached postEach response is in 250 or more words. What more c
Just from $13/Page
Order Essay
Homework On Time
Calculate the Price of your PAPER Now
Pages (550 words)
Approximate price: -

Why Choose Us

Top quality papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

Professional academic writers

We have hired a team of professional writers experienced in academic and business writing. Most of them are native speakers and PhD holders able to take care of any assignment you need help with.

Free revisions

If you feel that we missed something, send the order for a free revision. You will have 10 days to send the order for revision after you receive the final paper. You can either do it on your own after signing in to your personal account or by contacting our support.

On-time delivery

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & confidential

We use several checkers to make sure that all papers you receive are plagiarism-free. Our editors carefully go through all in-text citations. We also promise full confidentiality in all our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.

Essays

Essay Writing Service

You are welcome to choose your academic level and the type of your paper. Our academic experts will gladly help you with essays, case studies, research papers and other assignments.

Admissions

Admission help & business writing

You can be positive that we will be here 24/7 to help you get accepted to the Master’s program at the TOP-universities or help you get a well-paid position.

Reviews

Editing your paper

Our academic writers and editors will help you submit a well-structured and organized paper just on time. We will ensure that your final paper is of the highest quality and absolutely free of mistakes.

Reviews

Revising your paper

Our academic writers and editors will help you with unlimited number of revisions in case you need any customization of your academic papers