G2TT
来源类型Research Reports
规范类型报告
DOIhttps://doi.org/10.7249/RR2008
来源IDRR-2008-WFHF
Exploring Cyber Security Policy Options in Australia
Igor Mikolic-Torreira; Don Snyder; Michelle Price; David A. Shlapak; Sina Beaghley; Megan Bishop; Sarah Harting; Jenny Oberholtzer; Stacie L. Pettyjohn; Cortney Weinbaum; et al.
发表日期2017
出版年2017
页码14
语种英语
结论

Government Solutions to Improve Cyber Security and Protect Consumers Must Consider Interconnected Factors

  • Participants saw a need for improved reporting processes that protect businesses from financial consequences while also protecting consumers whose data have been compromised.
  • Participants questioned how the Australian government could hold device manufacturers accountable for cyber security breaches without stifling innovation. Many of the technologies sold in Australia are manufactured abroad, highlighting a need for international partnerships to strengthen cyber security.
  • Participants questioned whether the standard required to assign attribution for cyber attacks in an Australian court of law should be the same as that used to assign attribution for state-sponsored attacks.

Security Is Not Designed into Products, Indicating a Role for Government to Develop Cyber Security Standards

  • Consumers are insufficiently informed about security, and manufacturers, importers, and retailers are not incentivised to build and sell secure devices. A security logo visible on product packaging could inform users' purchasing decisions, leading to financial incentives for sellers.
  • Participants felt that users should be able to opt out of digital connectedness and data sharing, though many devices today do not offer these options. Further, this connectedness sometimes provides no obvious value to the user.
摘要
  • Even if perfect attribution of a cyber attack is not possible, future exercises should determine what level of confidence is sufficient to pursue a case, and laws, regulations, investigations, and behavioural norms should be designed around that framework.
  • Australia should enter into international agreements that create avenues for criminal investigations and prosecutions, but these agreements should not limit the Australian government's options to provide for its own defence, security, and law enforcement.
  • Some values are worth protecting and defending, even if doing so comes at a significant cost. However, future exercises should explore how to draw such a line, and the Australian government should determine what options it is prepared to take if that line were crossed.
  • Citizens are increasingly unable to opt out of digital connectivity. Future exercises should determine whether certain types of devices should be operable offline, as well as how standards should be written and whether users should be able to opt out of data sharing.
  • Local governments should collaborate with industry partners to develop a quality assurance system for connected devices that can be used on packaging and that is understandable to consumers. This initiative should include a plan for responding to attacks on these products and should assign responsibility for such a response.
  • Cyber security instruction should be integrated into school curricula, with these lessons enforced by education and awareness campaigns targeting adults.
主题Australia ; Cyber and Data Sciences ; Cybercrime ; Databases and Data Collection ; Analysis ; and Processing ; Information Privacy ; The Internet
URLhttps://www.rand.org/pubs/research_reports/RR2008.html
来源智库RAND Corporation (United States)
引用统计
资源类型智库出版物
条目标识符http://119.78.100.153/handle/2XGU8XDN/108538
推荐引用方式
GB/T 7714
Igor Mikolic-Torreira,Don Snyder,Michelle Price,et al. Exploring Cyber Security Policy Options in Australia. 2017.
条目包含的文件
文件名称/大小 资源类型 版本类型 开放类型 使用许可
x1502134248780.jpg(9KB)智库出版物 限制开放CC BY-NC-SA浏览
RAND_RR2008.pdf(667KB)智库出版物 限制开放CC BY-NC-SA浏览
个性服务
推荐该条目
保存到收藏夹
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Igor Mikolic-Torreira]的文章
[Don Snyder]的文章
[Michelle Price]的文章
百度学术
百度学术中相似的文章
[Igor Mikolic-Torreira]的文章
[Don Snyder]的文章
[Michelle Price]的文章
必应学术
必应学术中相似的文章
[Igor Mikolic-Torreira]的文章
[Don Snyder]的文章
[Michelle Price]的文章
相关权益政策
暂无数据
收藏/分享
文件名: x1502134248780.jpg
格式: JPEG
文件名: RAND_RR2008.pdf
格式: Adobe PDF

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。