Cybersecurity Strategy, Law, and Policy

 

The chief technology officer (CTO) has indicated that your  organization has been requested by the National Security Council (NSC)  to comment on the upcoming National Cybersecurity Strategy. The NSC has  asked for specific recommendations as it relates to the next  cybersecurity strategy, private/public partnerships, and comments on how  specific technologies should be incorporated into the assessment.

The CTO has asked you to collaborate with your team to provide the organizational input.

You will be collaborating with your previously assigned team on this  assignment. It is up to the team members to decide how they will plan,  meet, discuss, and complete the six sections of the paper. Remember, if a  member fails to complete his or her part of the work, the team is still  responsible for all sections. You will also complete a peer review for  yourself and for each member of the team. The peer feedback will be  incorporated into each team member’s assignment grade.

As a group, use the Cybersecurity Strategy, Law, and Policy Team Assignment Template to write your paper, which should cover the following topics:

Part 1: National Security Strategy and Cybersecurity

  • After reading the National Security Strategy (2017), comment on the following.
     

    • Should the United States create a separate cybersecurity strategy to  be published alongside the National Security Strategy (NSS), or do you  feel the NSS is sufficient? Why or why not?
       
    • Consider your answer in the context of the original National Strategy to Secure Cyberspace (2003). What is not adequately addressed in the National Security Strategy (2017) as it relates to cybersecurity?
       

Part 2: Public/Private Partnerships

  • After reading the Cybersecurity Act of 2015, address  the private/public partnership with the DHS National Cybersecurity and  Communications Integration Center (NCCIC), arguably the most important  aspect of the act. The Cybersecurity Act of 2015 allows for private and  public sharing of cybersecurity threat information.
     

    • What should the DHS NCCIC (public) share with private sector  organizations? What type of threat information would enable private  organizations to better secure their networks?
       
    • On the flip side, what should private organizations share with the  NCCIC? As it is written, private organization sharing is completely  voluntary. Should this be mandatory? If so, what are the implications to  the customers’ private data?
       
    • The government is not allowed to collect data on citizens. How  should the act be updated to make it better and more value-added for the  public-private partnership in regards to cybersecurity?
       

Part 3: Private Sector Organizations

  • Review the General Data Protection Regulation (GDPR) of  the European Commission (EU). It includes many provisions and arguably  strengthens data protection for individuals within the EU. It even  includes the right to be forgotten. The United States does not have a  similar regulation. There have only been a few regulations implemented  related to US citizens’ private data, which include medical and  financial industries. Some argue implementing regulation such as GDPR in  the United States would hinder innovation. They contend that the End  User License Agreements (EULA) provide sufficient protections and allow  the citizens to make the choice of what is and is not shared.
     

    • As a private sector organization, do you believe that an equivalent to GDPR should be implemented in the United States?
       

Part 4: Protecting Critical Infrastructure and the Homeland

  • The Department of Defense (DoD) Cyber Strategy 2018 discusses the protection of critical infrastructure and the homeland.
     

    • What does that mean to private organizations such as yours?
       
    • If most critical infrastructure in the United States is owned by the  private sector, what responsibility does the DoD have in this regard?
       
    • Some would argue US laws are outdated and thus the DoD has little  authority to assist. Others would argue US laws were purposely  established such that the private sector would defend itself and not  need assistance from the military. Obviously, for the DoD to assist, it  would need the private organizations’ data. Said another way, the DoD  would need your data as a private citizen/customer of that organization.  Those that believe our laws need to be updated argue giving up privacy  for protection is legitimate.
       
    • Others will argue that we should not give private information of  citizens to the government for any reason. As a citizen, would you feel  comfortable with this? As a private organization, would you feel  comfortable giving information that may contain your customers’ private  data to the DoD?
       
    • Is there a third solution (middle ground) you would propose that enables privacy but also enables cybersecurity?
       

Part 5: Cybersecurity Technologies

  • The authors of the National Security Strategy (NSS) are  looking to address particular technologies that have the opportunity to  revolutionize cybersecurity. They believe that blockchain technology is  a revolutionary technology that has the ability to significantly  improve cybersecurity.
     

    • What would be your recommendation for how the NSS should incorporate this technology to the public?
       
    • Propose exactly what you believe should be written in the NSS.  Specifically, explain the blockchain technology in layman’s terms to  nontechnical people that may be reading the NSS, give examples of how it  could be used to provide revolutionary cybersecurity, include examples  of how it is being used to provide cybersecurity solutions, and discuss  what, if any policies or laws should be established to mandate its use  in specific industries.
       

Part 6: Ethics in Cybersecurity.

  • Ethical issues are at the core of what we do as cybersecurity  professionals. Think of the example of a cyber defender working in a  hospital. They are charged with securing the network, medical devices,  and protecting sensitive personal health information from unauthorized  disclosure. They are not only protecting patient privacy but their  health and perhaps even their lives. Confidentiality, Integrity,  Availability – the C-I-A triad – and many other cybersecurity practices  are increasingly at play in protecting citizens in all walks of life and  in all sectors. Thus, acting in an ethical manner, is one of the  hallmarks of a cybersecurity professional. 
    • What are the ethically significant harms that may result from mass surveillance (including by government and corporations)? 
    • What are the ethically significant harms that may result from  emerging technologies such as blockchain technology, artificial  intelligence, and machine learning. 

Notes

  • While quality is valued over quantity, it is expected that a quality paper will result in a minimum length of 10–15 pages.
     
  • Use additional sources as needed and be sure to critically analyze the questions, addressing the pros and cons in your proposal.
     
  • Use visuals where appropriate.
     
  • Each team will submit one assignment.
     
  • You will receive an individual grade for this assignment based on your contribution to the overall project.  

median3

Write a method called “median3” that computes the MEDIAN value of THREE integers. Hint: for the case of three numbers, the median is the value that is NOT the maximum NOR the minimum, so add the three values and subtract out the min and max, using the methods you wrote for problems #1 and #2.

Analysis on Paper

 Read the attach paper and write a comprehensive summary/review of the paper as follows: 

  • Make sure to identify strength and weakness this research paper
  • Minimum of 500 words 
  • Plagiarism free & Quoting Free
  • Upload your response as pdf/word file 
  • This assignment should be in APA format and have to include at least two references ( from the paper reference as needed to support your review/summary) 

Lab lesson 8 part 2 C++ .cpp file

 

Part of lab lesson 8

There are two parts to lab lesson 8. The entire lab will be worth 100 points.

Lab lesson 8 part 2 is worth 50 points

For part 2 you will have 40 points if you enter the program and successfully run the program tests. An additional 10 points will be based on the style and formatting of your C++ code.

Style points

The 10 points for coding style will be based on the following guidelines:

  • Comments at the start of your programming with a brief description of the purpose of the program.
  • Comments throughout your program
  • Proper formatting of your code (follow the guidelines in the Gaddis text book, or those used by your CS 1336 professor)
  • If you have any variables they must have meaningful names.

Development in your IDE

For lab lesson 8 (both parts) you will be developing your solutions using an Integrated Development Environment (IDE) such as Visual Studio, Code::Blocks or Eclipse. You should use whatever IDE you are using for your CS 1336 class. Once you have created and tested your solutions you will be uploading the files to zyBooks/zyLabs. Your uploaded file must match the name specified in the directions for the lab lesson. You will be using an IDE and uploading the appropriate files for this and all future lab lessons.

For this and all future labs the name of the source files must be:

lessonXpartY.cpp

Where X is the lab lesson number (8 for lab lesson 8) and Y is the part number (1 for part 1, 2 for part 2).

You will need to develop and test the program in your IDE. Once you are satisfied that it is correct you will need to upload the source file to zyBooks/zyLabs, and submit it for the Submit mode tests. If your program does not pass all of the tests you need to go back to the IDE, and update your program to fix the problems you have with the tests. You must then upload the program from the IDE to zyBooks/zylabs again. You can then run the tests again in Submit mode.

When running your program in Submit mode it is very important that you look at the output from all of the tests. You should then try and fix all of the problems in your IDE and then upload the updated code to zyBooks/zyLabs.

C++ requirements

You are not allowed to use any global variables. Use of global variables will result in a grade of zero for part 1.

Your program must have function main, function presentValue, three read functions, and a display function. Including main this is six functions.

The presentValue function must have the following signature:

double presentValue(double futureValue, double interestRate, int numberYears)

The presentValue needs to calculate the present value and return that back to the calling function. The formula for this is above. Note that the annual interest would be .08 for 8%.

Failure to follow the C++ requirements could reduce the points received from passing the tests.

General overview

In part 2 you will be creating multiple functions to calculate the present value.

You may be asking what a “present value” is. Suppose you want to deposit a certain amount of money into a savings account and then leave it alone to draw interest for some amount of time, say 12 years. At the end of the 12 years you want to have $15,000 in the account. The present value is the amount of money you would have to deposit today to have $15,000 in 12 years.

The formula used needs the future value (F) and annual interest rate (r) and the number of years (n) the money will sit in the account, unchanged. You will be calculating the present value (P).

P = F / ( (1 + r) ^ n)

In the above expression the value (1 + r) needs to be raised to the nth power. Assume that ^ is the power function and x^2 is x to the 2nd power (x squared)

You are not allowed to use any global variables. Use of global variables will result in a grade of zero for part 2.

Three read functions

You must have functions to read in the future value, the annual interest rate, and the number of years. That would be three different functions. Give these functions meaningful names. Note that the order of the values will be future value, annual interest rate, and number of years.

In all cases you need to return any valid value back to the calling function.

For all three functions you will write out to cout as prompt for an input value. You will read in that value from cin. If the value is invalid (zero or negative) you need to display an error message and reread the value (with another prompt). You need to do this in a loop and continue looping until a valid value has been entered. Only the number of years can be an int value. The rest should be of type double.

Here are the prompts for the three values you need to read in:

Enter future value

Enter annual interest rate

Enter number of years

Note that the interest rate will be a number such as 10 or 12.5. These are to be read in as percentages (10% and 12.5%). You will need to divide these values by 100 to convert them into the values needed in the function (.1 and .125 for the above values). This conversion needs to be done before you call the presentValue function (see below). If you do the conversion in the presentValue function your program will fail the unit tests, so do the conversion before you call the calculate function.

Here are the error messages you need to display if the values are negative:

The future value must be greater than zero

The annual interest rate must be greater than zero

The number of years must be greater than zero

You will also need a function called presentValue with the following signature:

double presentValue(double futureValue, double interestRate, int numberYears)

The presentValue needs to calculate the present value and return that back to the calling function. The formula for this is above. Note that the annual interest would be .08 for 8%.

Note that the interest rate will be a number such as 10 or 12.5. These are to be read in as percentages (10% and 12.5%). You will need to divide these values by 100 to convert them into the values needed in the function (.1 and .125 for the above values). This conversion needs to be done before you call the presentValue function (see below). If you do the conversion in the presentValue function your program will fail the unit tests, so do the conversion before you call the calculate function.

The display function

You also need a function that displays the present value, future value, interest rate, and number of years. The function needs to display the interest rate as %, so .05 would display as 5.000%. Give your display function a meaningful name. You will be passing a number of values to this function.

Here is the sample output for a present value of $69,046.56, a future value of $100,000, an interest rate of 2.5% and a number of years of 15,

Present value: $69046.56

Future value: $100000.00

Annual interest rate: 2.500%

Years: 15

Note that the present value and future value have three digits of precision to the right of the decimal point but the interest rate only has one digit to the right of the decimal point.

The main function will be the driver for your program.

Your program will only be processing one set of valid values for future value, annual interest rate and number of years.

Get the values for these by calling the read functions you created above.

Once you have the values you need to call your presentValue. Using the result from the presentValue and the input values you read in with your read functions you need to call your display function (written above) to display the values.

The main function

The main function will be the driver for your program. All of the non-main functions are called from main.

For the following sample run assume the input is as follows:

1000000.0

5.0

25

Your program should output the following:

Enter future value

Enter annual interest rate

Enter number of years

Present value: $295302.77

Future value: $1000000.00

Annual interest rate: 5.000%

Years: 25

Here is an example with some invalid data

Input values:

-100

0

1000000.0

5.0

25

Output:

Enter future value

The future value must be greater than zero

Enter future value

The future value must be greater than zero

Enter future value

Enter annual interest rate

Enter number of years

Present value: $295302.77

Future value: $1000000.00

Annual interest rate: 5.000%

Years: 25

Failure to follow the requirements for lab lessons can result in deductions to your points, even if you pass the validation tests. Logic errors, where you are not actually implementing the correct behavior, can result in reductions even if the test cases happen to return valid answers. This will be true for this and all future lab lessons.

Expected output

There are eight tests. The first test will run your program with input and check your output to make sure it matches what is expected. The next three tests are unit tests. The unit tests will directly call the presentValue function. The compilation of the unit test could fail if your presentValue function does not have the required signature. The final four tests will run your program with various input values and make sure you are calculating the correct answers.

You will get yellow highlighted text when you run the tests if your output is not what is expected. This can be because you are not getting the correct result. It could also be because your formatting does not match what is required. The checking that zyBooks does is very exacting and you must match it exactly. More information about what the yellow highlighting means can be found in course “How to use zyBooks” – especially section “1.4 zyLab basics”.

Finally, do not include a system("pause"); statement in your program. This will cause your verification steps to fail.

Note: that the system("pause"); command runs the pause command on the computer where the program is running. The pause command is a Windows command. Your program will be run on a server in the cloud. The cloud server may be running a different operating system (such as Linux).

Error message “Could not find main function”

Now that we are using functions some of the tests are unit tests. In the unit tests the zyBooks environment will call one or more of your functions directly.

To do this it has to find your main function.

Right now zyBooks has a problem with this when your int main() statement has a comment on it.

For example:

If your main looks as follows:

int main() // main function

You will get an error message:

Could not find main function

You need to change your code to:

// main function

int main()

If you do not make this change you will continue to fail the unit tests.