Shull 1

Damian Shull
Prof. Wolcott
ENC1102
2 November 2015
The importance of Cybersecurity and Cyber Governance in Cyberspace
There is a conversation happening among cybersecurity intelligence companies and experts in the
field of cybersecurity. What they are trying to do is open the eyes and educate our politicians that
we have a problem emerging among us. The range of documentation these experts have provided
is in fact articles and journals based on what cybersecurity and cyberspace is. Also there are
problems that are arising from the advancement of our infrastructure, which is basically the
networks that us humans utilize for communication and other applications over networks. The
citations also consist of examples, more or less, flaws within our infrastructure and what is needed
to protect our networks. Believe it or not, we take the internet for granted and it has become a daily
part of our lives. One of our infrastructures, for example, the internet is only going to become more
advanced and larger than a scale we can protect. If we don't begin to start educating and
implementing policies for cyberspace governance, we can all be in danger. As of right now a
solution to the problem stated would be implementing classes for cybersecurity within the
education system in order for students to learn about the fundamental principles of the internet and
why cyber security/ governance is crucial for maintaining our infrastructure. Without it, our
economy can be severely disrupted in the future when cyber threats begin to occur more
frequently.

Shull 2

Bishop, Matt. "What Is Computer Security?" IEEE Xplore. IEEE Xplore, Jan.-Feb. 2003. Web. 21 Oct.
2015. <http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1176998&isnumber=26429&tag=>
Before I start off this annotated bibliography on on cybersecurity and cyber space, it would be
nice to know little information about and what is exactly. Basically cyber security is protecting
the systems that hold data about citizens, corporations, and government agencies . (What is
computer
security?) The problem today is trying to protect all this information from cyber attacks.
Another word you should know is cyberspace. It is the magnitude of the networks,
infrastructure, routers, domain servers and the internet that help us communicate and transfer
data. We are right now at the beginning golden era of information and implementing policies,
protection and information will be the meat of my annotated bibliography.
Popa, Iulian F. "CYBERSPACE GOVERNANCE. NEW GOVERNANCEAPPROACH IN SUPPORT
TO INTERNATIONAL SECURITY".ProQuest. Web. 21 Oct. 2015.
<https://login.ezproxy.net.ucf.edu/login?url=http://search.proquest.com/docview/1497214966?
accountid=10003>
In this scholarly journal article, Jason D. Thaanum reviews threats to cyber security, the dangers
of malicious code and the hackers behind it. As of 2015 the hacker group known as Anonymous
is one of the major hacking groups that have exploited a numerous amount of companies,
organizations and agencies such as the Federal Bureau Investigation. This goes to show that the
cyber world is not that secure. From John Thaanums paper, he describes a scenario where
hackers were listening in on an FBI agent's calls and posted the recording to Twitter in a
celebratory connotation. Later reassuring the audience John Thaanum says that military

Shull 3

personnel at the Naval Academy in Annapolis are trained for internet warfare. Companies such
as Sony have been hacked and stripped of their data containing sensitive information such as
your credit card information if you happened to be a customer of Sony and have paid with credit
card. Internet warfare is basically the constant battle between you, your antivirus software and
the malicious hacker trying to steal information from anywhere the hacker finds a weak spot.
Thaanum, Jason D. "Threats to Cyber Security: The Dangers of Malicious Mobile Code, Users, and the
IPhone." SFX by Ex Libris Inc. Journal of Applied Security Research, 23 Sept. 2013. Web. 11
Oct. 2015. <http://resolver.flvc.org/ucf?ID=DOI
%3A10.1080%2F19361610.2013.825755&genre=article&atitle=Threats+to+Cyber+Security
%3A+The+Dangers+of+Malicious+Mobile+Code%2C+Users
%2C+and+the+iPhone.&title=Journal+of+Applied+Security+Research&issn=19361610&isbn=
&volume=8&issue=4&date=20131001&aulast=Thaanum
%2C+Jason+D.&spage=490&pages=490-509&rft.sid=EBSCO%3ACriminal+Justice+Abstracts
%3A90465206>.
As of right now governance of cyberspace is very narrow and a lot of the information that our
politicians know today is not sufficient to help protect our internet and our society. The problem
today is that our technology is surpassing what we as humans can mentally know about
technology. To clarify, our technology has become more complex than we can understand what is
going on behind the scenes. As of right now there is no perfect definition of what cyberspace
governance is but what we do know is that cyberspace governance is a method or system of
government or management for the domain characterized by the use of electronics and the
electromagnetic spectrum to store, modify, and exchange data via networked systems and
associated physical infrastructures (CYBERSPACE GOVERNANCE. NEW GOVERNANCE

Shull 4

APPROACH) Another important aspect this journal presents is that as an international

community we need to develop efficient methods and cyber governance tools so our policy
decision makers get a better understanding of what exactly cyberspace is and how we should
govern it.
Yannakogeorgos, P. A. (2009). Technogeopolitics of militarization and security in cyberspace (Order No.
3359490). Available from ProQuest Dissertations & Theses A&I; ProQuest Dissertations &
Theses Global; ProQuest Social Sciences Premium Collection. (305064510). Retrieved from
https://login.ezproxy.net.ucf.edu/login?url=http://search.proquest.com/docview/305064510?
accountid=10003
In our sophisticated age of the digital era a lot of people in first world countries rely heavily on
the internet. The occurrence of cybercrimes is at an all time high and there are not a lot of
parameters in order to help stop these crimes either. The more sophisticated these cyber crimes
become we will ultimately see users stop wanting to use the internet. You can say that
cyberspace is an electromagnetic wilderness without any international laws regulating its use.
Radu, R. (2013). Negotiating meanings for security in the cyberspace. Info : The Journal of Policy,
Regulation and Strategy for Telecommunications, Information and Media, 15(6), 32-41.
<http://dx.doi.org/10.1108/info-04-2013-0018>
Due to the high rise in internet usage, means for security have come into play. Recently at the
United Nations General Assembly, negotiations between countries have been established to
implement universal and international regulations for cyberspace security. One of the aims of
the UNGA was to a create a culture for cyber security and a number of principles in regards.
The principles noted were: awareness, responsibility, response, ethics, democracy, risk
assessment, security design and implementation, security management and reassessment.

Shull 5

Kessler, G. C. (2007). Conquest in Cyberspace: National security and information warfare. The Journal
of Digital Forensics, Security and Law : JDFSL, 2(2), 67-70. Retrieved from
https://login.ezproxy.net.ucf.edu/login?url=http://search.proquest.com/docview/211206799?
accountid=10003
This journal focuses on the different types of attacks in cyberspace specifically on information
warfare. One basic premise about large computer systems is that they generate a lot of
information for humans to base their decisions on. Eventually these automated systems will not
need human input and serious bugs or viruses could disrupt these large networks which could be
economically devastating. More basic attacks such DDoS attacks which are denial of service
attacks which is basically a large number of botted computers trying to access a server all at the
same time while behind the scenes data is being stolen or accessed.

Browne, H. A. (2005). Government must step up and lead cyberspace homeland security. Signal, 59(6),
14.<https://login.ezproxy.net.ucf.edu/login?
url=http://search.proquest.com/docview/216190571?accountid=10003 >
In this journal, It denotes the fact that Homeland security was created in order to combat
domestic terrorism after the event on 9/11. Now back than cyber crime was not really an issue
that pertained really to the agenda of Homeland Security. As of now it has become a very big
risk for the government. Browne states in his journal that the government agency needs to step
up security in the cyberspace sector and that the agency is the perfect executor for implementing
security among our domestic networks.

Shull 6

Cybersecurity : The Evolving Nature Of Cyber Threats Facing The Private Sector : Hearing Before The
Subcommittee On Information Technology Of The Committee On Oversight And Government
Reform, House Of Representatives, One Hundred Fourteenth Congress, First Session, March
18, 2015. n.p.: Washington : U.S. Government Publishing Office, 2015., 2015. UCF Libraries
Catalog. Web. 16 Oct.2015. <http://www.gpo.gov/fdsys/pkg/CHRG-114hhrg94349/pdf/CHRG114hhrg94349.pdf>
In this government document, a great amount of information is detailed about the nature of
cyber threats that are facing the private sector as of 2015. If you have been following the news
there have been a few cyber attacks on some of the fortune 500 companies. The document
details the origins of the attacks and the purpose of these attacks. The primary offenders in this
case are Russia and China, which are where most of the attacks are coming from. China and
Russia are not the only offenders, Iran, Syria and North Koreas are also known for cyber
attacks. The document states that the reason for these cyber attacks is for commercial and
geopolitical gain. The FBI states that when companies have been compromised only 30%
realized they have been ad the other 70% are told by the FBI. The most common attacks are
known as spear phishing, hackers imposing as IT Staff sending emails to employees of the
victimized company.

Cybersecurity : Threats To Communications Networks And Private Sector Responses : Hearing Before
The Subcommittee On Communications And Technology Of The Committee On Energy And
Commerce, House Of Representatives, One Hundred Twelfth Congress, Second Session,
February 8, 2012. n.p.: Washington : U.S. Government Printing Office, 2014., 2014. UCF

Shull 7

Libraries Catalog. Web. 16 Oct. 2015. <http://www.gpo.gov/fdsys/pkg/CHRG112hhrg82628/pdf/CHRG-112hhrg82628.pdf>

The purpose of this document was to acknowledge the fact that the private sector contains most
of the critical infrastructure within the U.S. The private sectors infrastructure consists of wires,
servers, cell towers and base stations which are the most compromisable assets that the private
sector contain. The private sectors infrastructure is basically our known networks and our most
viable form of communication for our society. The most common threat to networks is malware.
Malware basically sits dormant in a user's computer till the victim activates the malware by
accessing websites the malware is targeting such as banking sites. Although these threats are out
there the FCC has opened up the Communications Security, Reliability and Interoperability
Council (CSRIC) which has helped companies use better cyber hygiene to prevent attacks.
Cybersecurity : National Strategy, Roles, And Responsibilities Need To Be Better Defined And More
Effectively Implemented : Report To Congressional Addresses. n.p.: [Washington, D.C.] : United
States Government Accountability Office, 2013., 2013. UCF Libraries Catalog. Web. 16 Oct.
2015.<http://www.gao.gov/assets/660/652170.pdf>

Written by the United States Government Accountability Office, this document was to address
Congress for them to become aware of the increasing cyber attacks and threats. From 2009 to
2012, GAO recorded and estimated that over 20,000 incidents were reported by Federal
Agencies. GAO has been in business since 1997 and since 2003 started looking into cyber
critical infrastructure. GAO has issued a lot of recommendations to address weaknesses in
federal security programs to improve the infrastructure protection over the years and plans to do

Shull 8

so again with this article as well. GAO has implemented that certain depository infrastructures
such as banks and the energy sector are subjected to meet mandatory cybersecurity standards to
prevent attacks.

Cybersecurity in the Automotive Industry Trends - 85% of Vehicles to be Connected to the Internet by
2020." M2 Communications 2014: General OneFile. Web. 16 Oct. 2015.
As the age of technology advances, internet in our vehicles have now become a reality. The
problem is that our cars are essentially mechanical computers and now that internet is being
installed, consumers are now more at risk of being put in danger. A cybersecurity consulting
firm has speculated that over 85% of vehicles will be connected to the internet by 2020. Recent
trends have shown that a larger scale of attacks have become imminent and the fact that cars
today have no reliable software to protect them is scary. Hackers today have shown that they
can hack cars and even take full control whilst being operated.

Williams, Patricia Ah, and Andrew J Woodward. "Cybersecurity Vulnerabilities In Medical Devices: A
Complex Environment And Multifaceted Problem." Medical Devices (Auckland, N.Z.) 8.(2015):
305-316. MEDLINE. Web. 16 Oct. 2015.<http://resolver.flvc.org/ucf?
ID=pmid:26229513&genre=article&atitle=Cybersecurity%20vulnerabilities%20in%20medical
%20devices:%20a%20complex%20environment%20and%20multifaceted
%20problem.&title=Medical%20Devices%20(Auckland,
%20N.Z.)&issn=11791470&isbn=&volume=8&issue=&date=20150720&aulast=Williams
%20PA&spage=305&pages=305-16&rft.sid=EBSCO:MEDLINE:26229513>

Shull 9

If you didn't know already the healthcare sector is a prime target for cyber attacks due to the fact
of how much information health care companies have on patients. Over 94% of healthcare
organizations have been victims of attacks which includes attacks on medical devices and health
care networks. Consequently there has been a debate on which type of software is implemented
and how to define exactly what constitutes a medical device. Medical devices today have shown
an increasing amount of direction towards becoming wireless which means logging data and
requiring data transfers to healthcare networks. Devices such as defibrillators, pacemakers and
drug insulin pumps are devices that can be easily reprogrammed. A study by Halperin
demonstrated the vulnerabilities of such devices, which is detrimental to their safe operation, and
the availability, confidentiality, and integrity of the associated data. (Cybersecurity
Vulnerabilities In Medical Devices). Today there is an increasing amount of pressure on medical
device manufacturers to implement unidirectional software so theses medical devices do not
become hacked.

Reddy, G. Nikhita, and G. J. Ugander Reddy. "A Study Of Cyber Security Challenges And Its Emerging
Trends On Latest Technologies." (2014): arXiv. Web. 16 Oct.
2015.<http://arxiv.org/pdf/1402.1842v1.pdf >
In this detailed article, a review of cyber trends is fairly listed. First the article goes into depth
about cyber crimes and how prevalent it has become. Cyber Crime is basically data vandalism
or theft of data over the internet using a computer. Later on the article goes to inform you of
web servers and cloud servers and their vulnerabilities to attacks. Attacks happen because
hackers have already compromised a site that you have accessed which then sends you links for
your computer to access whilst either installing malware or botting your computer. Botting

Shull 10

essentially is taking over your computer from afar without your knowledge that is has become
compromised. The fact that a lot of people use the internet for social media has effectively made
cyber security threats attainable. Eventually the article helps to give cyber ethics on how to use
the internet.
Dilanian, Ken. "Chinese Cyberattacks on US Companies Continue." Yahoo! News. Yahoo!, 19 Oct.
2015. Web. 20 Oct. 2015. <http://news.yahoo.com/chinese-cyberattacks-us-companiescontinue-report-says-084407493-finance.html;_ylt=A0LEVxksLyVW.isAtUml87UF;_ylu=X3oDMTByMjB0aG5zBGNvbG8DY
mYxBHBvcwMxBHZ0aWQDBHNlYwNzYw
Recently in the news the president from China and president Obama have met with each other
for a number of reasons. One issue of concern was China's lack of punishment and concern on
their domestic hackers. Although the two have come to a cyber agreement, it seems there is still
a trend of continuation of hacks on America's corporate intellectual property. CrowdStrike, a
cyber intelligence company has reported numerous attacks especially from Deep Panda and
China's People's Liberation Army both are known hacking organizations that have links to the
Chinese military.
Wall, David S. "Policing Cybercrimes: Situating the Public Police in Networks of Security within
Cyberspace." Taylor & Francis Online. CrossRef, 18 May 2007. Web. 20 Oct. 2015.
<http://www.tandfonline.com/doi/citedby/10.1080/15614260701377729>.
In this article it explains that we cannot just train the public police to investigate cybercrimes
but rather create relationships with computers in a network of informational security. For the
most part the general public only hears about cybercrimes through the press and the media.
The confusion over what constitutes a cyber crime creates a reassurance gap between crimes

Shull 11

experienced and those felt, and leads to public concern about cybercrime which subsequently
shapes the demands made of the police (for reassurance). (Policing Cybercrimes)
Olive, Nikki L. Cybersecurity: The Nation's Greatest Threat to Critical Infrastructure. ARMY WAR
COLLEGE CARLISLE BARRACKS PA, 2013. PDF
In this PDF document, the government documents details the extent of our cyber security based
on its infrastructure as a critical network. As of right now there is an increase in the amount of
cyber crimes that happen perpetually versus how big the critical infrastructure is increasingly
becoming. Since cybercrimes are the product of networked computers, they must be defined in
terms of the informational, networked, and globalised transformation of deviant or criminal
behaviour by networked technologies. (Cybersecurity: The Nation's Greatest Threat to Critical
Infrastructure). Therefore policing the cyberspace should be a matter of regional networks in
order to identify cyber threats more easily.
Moise, Adrian Cristian. "Aspects regarding the Impact of the Internet on the Society." Journal of
Advanced Research in Law and Economics 5.2 (2014): 157-70. ProQuest. Web. 20 Oct. 2015.
In this article, it shows the effects of internet on society. Since a lot of people use the internet
there should be fundamental principles of internet law just like you have your human rights.
Although the internet was on the greatest inventions it also opened negative things such as virus
and spam for example. The internet has created new challenges for governments and people
around the world. Although the internet provides opportunities, the lack of education on
cybersecurity can put people in danger of their identity and information.

Shull 12

Forsyth,James Wood,,Jr, and Billy E. Pope U.S.A.F. "Structural Causes and Cyber Effects: Why
International Order is Inevitable in Cyberspace." Strategic Studies Quarterly 8.4 (2014): 11228. ProQuest. Web. 20 Oct. 2015.
As nations grow the distribution of power is changing. The governance of the internet will
change from unipolarity to multipolarity. The problem is that governing such a large, mostly
unknown to the general public is a hard task especially as globalization of the internet gains
more users. To soften the harsh effects of multipolarity and oligopolistic competition, the great
powers will have no good choice but to cooperate and create rules, norms, and standards of
behavior that shore up what will essentially be a new political order. (Structural Causes and
Cyber Effects: Why International Order is Inevitable in Cyberspace.) Due to the fact of power
and competition, cyberspace is going to form into which greater body of power make it into.