Llegislative Report

docx

School

University of South Florida *

*We aren’t endorsed by this school

Course

4414

Subject

Political Science

Date

Nov 24, 2024

Type

docx

Pages

10

Uploaded by AgentSalamander2514

Report
Legislative analysis Legislative policy analyses Romar Wallen University of South Florida U17738336 Prof. J. Gathegi 12/4/2023 Abstract What Is Legislative Risk? Legislative risk is the potential that regulations or legislation by the government could significantly alter the business prospects of one or more companies. These changes can adversely affect investment holdings in that company. Legislative risk may occur as a direct result of government action or by altering the demand patterns of the company's customers. Investors rarely complain about bailouts and preferential treatment to specific industries, perhaps because they all harbor a secret hope of profiting from them. However, when it comes to regulations and tax, they complain. What subsidies and tariffs can give to an industry in the form of competitive advantages, regulation and tax can take away from many more. With a single law, subsidy or switch of the printing press, they can send shock-waves around the world and destroy companies and whole industries. For this reason, many investors consider legislative risk as a huge factor when evaluating stocks. A significant investment can turn out to be not that great after consideration of the government it operates under. ( For related reading, see: The Government And Risk: A Love-Hate Relationship .) Legislative Risk Explained
Legislative analysis Legislative risk refers to the tentative relationship between governments and business. Specifically, it's the risk that government actions will constrain a corporation or industry, thereby adversely affecting an investor's holdings in that company or industry. The actual risk can appear in several ways including an antitrust suit, new regulations or standards, specific taxes, subsidies and so on. The legislative risk varies in degree according to industry, but every industry has some exposure. In theory, the government acts as a buffer zone to keep the interests of businesses and the public from grinding on one another. It is the role of the government to step in when industry is endangering the public and seems unwilling to regulate itself.
Legislative analysis The cyber security enhancement act appears to be a culmination of cyber security plans infused to create a policy or legislative act, determining the usage of networks, electronic sources and privacy of information. The legislative branch of government is responsible for making laws within a country. Legislatures are made up of people called legislators who, in democracies, are elected by the country’s population. Under political systems employing the separation of powers model, the legislative branch of government has the authority to pass legislation and regulate government taxation and spending, as well as other powers such as approving executive or judicial appointments. In the United States, the legislative branch of government is called Congress, consisting of the House of Representatives and the Senate, both of which are elected and possess almost equal legislative powers. Laws passed through both houses are known as Acts of Congress, which are subsequently enforced and implemented by the executive branch of government, and interpreted and applied by the judiciary. The cyber security legislation has 5 titles: Public-Private Collaboration on Cybersecurity: Cybersecurity Research and Development: Education and workforce development: Cyber security awareness and preparedness: Advancement of cyber security preparedness and awareness: Cybersecurity Enhancement Act of 2014 - Title I: Public-Private Collaboration on Cybersecurity - (Sec. 101) Amends the National Institute of Standards and Technology Act to permit the Secretary of Commerce, acting through the Director of the National Institute of Standards and Technology (NIST), to facilitate and support the development of a voluntary, consensus- based, industry-led set of standards and procedures to cost-effectively reduce cyber risks to critical infrastructure.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Legislative analysis Requires the Director, in carrying out such activities, to: (1) coordinate regularly with, and incorporate the industry expertise of, relevant private sector personnel and entities, critical infrastructure owners and operators, sector coordinating councils, Information Sharing and Analysis Centers, and other relevant industry organizations; (2) consult with the heads of agencies with national security responsibilities, sector-specific agencies, state and local governments, governments of other nations, and international organizations; (3) identify a prioritized, flexible, repeatable, performance- based, and cost-effective approach, including information security measures and controls, that may be voluntarily adopted by owners and operators of critical infrastructure to help identify, assess, and manage cyber risks; and (4) include methodologies to mitigate imp acts on business confidentiality, protect individual privacy and civil liberties, incorporate voluntary consensus standards and industry best pr actices, align with international standards, and prevent duplication of regulatory processes. (1) FEDERAL CYBERSECURITY RESEARCH AND DEVELOPMENT STRATEGIC PLAN.—The heads of the applicable agencies and departments, working through the National Science and Technology Council and the Networking and Information Technology Research and Development Program, shall develop and update every 4 years a Federal cybersecurity research and development strategic plan (referred to in this subsection as the ‘‘strategic plan’’) based on an assessment of cybersecurity risk to guide the overall direction of Federal cybersecurity and information assurance research and development for information technology and networking systems. The heads of the applicable agencies and departments shall build upon existing programs and plans to develop the strategic plan to meet objectives in cybersecurity, such as— (A) how to design and build complex software-intensive systems that are secure and reliable when first deployed;
Legislative analysis (B) how to test and verify that software and hardware, whether developed locally or obtained from a third party, is free of significant known security flaws; (C) how to test and verify that software and hardware obtained from a third party correctly implements stated functionality, and only that functionality; (D) how to guarantee the privacy of an individual, including that individual’s identity, information, and lawful transactions when stored in distributed systems or transmitted over networks; (E) how to build new protocols to enable the Internet to have robust security as one of the key capabilities of the Internet; (F) how to determine the origin of a message transmitted over the Internet; (G) how to support privacy in conjunction with improved security; (H) how to address the problem of insider threats; (I) how improved consumer education and digital literacy initiatives can address human factors that contribute to cybersecurity; (J) how to protect information processed, transmitted, or stored using cloud computing or transmitted through wireless services; (K) any additional objectives the heads of the applicable agencies and departments, in coordination with the head of any relevant Federal agency and with input from stakeholders, including appropriate national laboratories, industry, and academia, determine appropriate. I think the above title II is a clear thought out way of action for
Legislative analysis implementing training, maintaining, and protecting cyber security procedures. There isn’t a time frame involved however I thing title V expounds on futuristic ideas for advancing the legislation: (1) Accelerate the development, in collaboration with the private sector, of standards that address the interoperability and portability of cloud computing services; (2) Advance the development of conformance testing performed by the private sector in support of cloud computing standardization; (3) Support, in consultation with the private sector, the development of appropriate security frameworks and reference materials, and the identification of best pr act ices, for federal agencies to use in addressing security and privacy requirements The CFAA was initially designed to defend computer systems operated by the U.S. government and some financial institutions, against threats. However, changes to the law since then have continuously expanded its scope. In 1994, Congress amended the law to broaden how it could be applied and to incorporate civil penalties along with criminal penalties. Under the new rules, a plaintiff can bring a claim against an individual if that individual committed or attempted to commit a computer-related offense that led to one of the following results: Aggregated financial loss of at least $5,000. Impairment to medical treatment or care. Physical injury to any individual. Threat to public health or safety.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Legislative analysis The 1994 amendment paved the way for private corporations to sue current and former employees suspected of revealing trade secrets and other proprietary information to competitors. In 1996, Congress further expanded the CFAA's scope by amending the definition of protected computers to include any computer used in interstate or foreign commerce or communication. As a result of this change, the law can be applied to just about any computer, including electronic devices like smartphones , given their inherent dependance on network communication. After the 2001 terrorist attacks, the U.S. Patriot Act amended the CFAA again, changing the following: Extended the Federal Bureau of Investigation's reach. Permitted search and seizure of internet service provider (ISP) records. Expanded the list of protected computers to include those in foreign countries that affected interstate or foreign commerce or communication in the U.S. The CFAA is also related to other acts and in conjunction it is playing a role in the protection of private information owned by the government and private security. The Patriot Act also amended the list of civil damage provisions to include computers used by the U.S. government to administer justice, national defense or national security.
Legislative analysis More changes came to the CFAA in 2008 with the passage of the Identity Theft Enforcement and Restitution Act. The act stiffened penalties and broadened the definition of protected computers to include any computer that is used in or affecting interstate or foreign commerce or communication. The addition of the phrase "or affecting" extended the law's reach to include local computing activity that could be connected in any way to interstate commerce or communication. Perennial review of the advancement section, title 5, is warranted and is necessary. New threat vectors emerge every year. Being an “Early Bird” in the protection of technologies, doesn't always mean acting after the loss of important data. Increased preventative measures should be discovered and tested and documented. The testing should also be managed by competent leaders in this field for necessary advancement. Most science and engineering disciplines are spearheaded by dedicated researchers and developers in their field. In Title IV, the use of technical or vocation, secondary and post secondary training is added as a development for cyber security and awareness. Training through competitions like hack-a-thons, coding challenges and assignments can play a quintessential role. In the end this is a very well thought out and methodical legislation. this Paradigm suggests that cybersecurity can be implemented in our society in five 5 phases.It's difficult to improve the current state of the legislation bill
Legislative analysis because of the soundness of the implementations and concreteness of its research as it relates to even advancements where they mentioned the improvements of cloud computing And Authentication. challenges to this bill would include but are not limited to the economic impact that cyber security has. cyber security can generate Revenue however if this is can be a double-edged sword because it can also be very costly to train individuals from a young age of a dollar sense to even adults in learning the right Network and privacy rules involved not to mention learning about different laws and legislatures around cybersecurity and it policy system management and business Network infrastructure implementation. Another Improvement I see that could be made would be relationships the increase of relationships volunteer efforts jobs employment can also increase the likelihood of people wanting to learn these cybersecurity rules and follow the legislators because when people are motivated to work for an income yearly they tend to become motivated to want to learn and improve their situation and follow the law more appropriately because they have the money to do so without this money people tend to want to break the law or manufacturer illegal ways of improving their status quo. The U.S. Department of Justice (DOJ) has announced a revision of its policy on how federal prosecutors should charge violations of the Computer Fraud and Abuse Act (CFAA), carving out "good-faith" security research from being prosecuted. With this policy update, the DOJ is separating cases of good-faith security research from ill-intended hacking. Which was distinguished by a blurred line that often placed ethical security research in a problematic, gray legal area, in the past.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Legislative analysis "The attorney for the government should decline prosecution if available evidence shows the defendant's conduct consisted of, and the defendant intended, good-faith security research." - U.S. DOJ . With increased research essential for the government to have the right idea of hackers, some are malevolent and others follow ethical guidelines related to being an engineer at their company. References The legislative process . (1996). house.gov. https://www.house.gov/content/learn/legislative_process https://www.congress.gov/113/plaws/publ274/PLAW-113publ274.pdf https://www.congress.gov/bill/113th-congress/senate-bill/1353?q=%7B %22search%22%3A %22Cybersecurity+Enhancement+Act+of+2014%22%7D&s=8&r=33

Related Documents

AN20231018-379.docx
test (2).docx
Review Quiz Attempt review 25.pdf
Review Quiz Attempt review 133.pdf
IMG_4267 (1).jpg
Constituti12.docx
American Yawp Chapter 6 questions and answers (Hisotry 17A).pdf
Screen Shot 2023-12-15 at 7.15.13 PM.png
Governme19.docx
Legislative Policy Tracking Assignment.docx
Review Quiz Attempt review 216.pdf
Unraveling Extreme Right-Wing Populism in the Era of Social Media.edited (1).docx