Critical infrastructure avails vital services that sustain society. This heavily relies on computerized systems and electronic data. However, serious cybersecurity threats are on the rise and present a grave national challenge making both the public and private sectors increasingly vulnerable. Consequently, efforts have been made to counter and control these types of crimes. Legislations such as the cyber security Act of 2012 and the executive order 13636 have been put in place both aimed at enhancing the pliability of the critical infrastructure and maintain an efficient cyber environment by developing a cyber-security framework. This, however, has been deterred by various conditions.
Cybersecurity framework entails complex processes. For proper implementation, guidance has to be formulated, according to Jack .l (10) a review of the cybersecurity framework is needed to address the sector-specific risks and the diverse operating environments. The complexity limits implementation and makes the process tedious since various sectors have first to identify a cyber-security framework that is most beneficial to their entity.
Cost Limitation. Inability to avail the required budgetary allocation towards adopting a cyber-security framework pause as a hindrance in the more significant implementation. This was taking a toll on the medium size as well as small business entities. According to the SANS survey (40), most entities don’t place critical importance in allocating funds for implementing security measures. Thus, as a result of the shrinking budget, an investment in security frameworks is less appealing. Proper understanding of the relevance of the framework will enable these entities in making a deliberate budgetary allocation for the same.
Lack of necessary knowledge and skillset to effectively implement the framework. Lack of sufficient knowledge and skills to integrate the framework to the running of the entities deters its efficiency. According to Nick (16), framework users need to be well versed on both cybersecurity perils as well as the helpfulness of implementing the framework. The inadequacy of cybersecurity skilled personnel and professionals is responsible for direct and quantifiable damage.
Strengthening the enactment and implementation of the legislation by troubleshooting the hurdles that arise will play a vital role in streamlining the cyber environment. Other than the economic growth of the nation, the private entities will enjoy business confidentiality, security innovation and efficiency.
References
Luis corrons, A look back on cyber security, 2012
Sunit Belapure, Cyber security; understanding cyber crimes