US Cybercrime and Cybersecurity Policy Laws Failures

Cybercrime prevention by the United States (US) government is mainly done through the enactment of cyber crime law and policy to outline measures for ensuring cyber security. Cybercrime has significantly increased due to advancements in technology and internet use. Sensitive information is continually uploaded online, further increasing cases of cyber crime.

As cyber criminals become more organized, their activities continue to pose a significant cybersecurity challenge to both the government and the private sector. The United States government has therefore formulated numerous cybercrime polices to combat the rising risk of cybercrime.

In addition to proving a thorough understating of cybercrime, this study conducts an in-depth policy analysis of selected ambiguous United States government policies on preventing cyber crime. This thesis also discusses why these policies are ineffective in combating the increasing risk posed by cybercrime and provides recommendations on improving these policies.

What is Cybercrime and Cyber security?

Cyber security has drawn significant attention from the media, experts and the government in the last decade. This is due to the essential role that information and communication technology plays in businesses and both private as well as public organizations.

The internet forms a platform, which major infrastructures are, based with the modern advanced technology that include transportation, energy, communication, national securities among several others.

However, Cybercrime has emerged to be a persistent challenge to all the sectors relying on the internet, an issue that authorities must strive to address. Studies have revealed that organizations, both public and private, have had to contend with huge losses arising from instances of cybercrime attacks.

Prasanthi and Ishwarya (2015) define cybercrime as any activity that is computer mediated and considered illegal targeting the security of computer systems and the data they process. Due to the need of protecting such important information, the government has implemented various policies to combat the rising threat of cyber crime.

Types of Cybercrime

Cybercrimes are of different types hence requiring a different approach to address them effectively. They include financial crimes where criminals target to get credit card numbers of their clients using fake websites and products, marketing strategies selling illegal drugs and narcotics online.

Types of cybercrime

Email frauds are also an example of cybercrime where hackers target to send unwanted emails with wrong information to ruin his/her repetition and fund transfer fraud (Broadhurst et al, 2014).

In addition, other cyber crimes include funds transfer fraud where hackers divert funds from original intended accounts of unsuspecting individuals to different accounts (Prasanthi & Ishwarya 2015) despite the threat posed by cybercrime to the government, private and public sectors, ambiguous policies remain one of the biggest challenges in combating cyber crime.

Ambiguous policies make it difficult to enforce laws and regulations enacted to combat cybercrime. This study aimed at identifying ambiguous government policies and their impact in preventing cyber crime.

Ambiguous Cybercrime Policy Laws

Cybercrime has become huge problem for the organizations especially in maintaining data and information security. Due to the rising threat of cyber crime, several government policies have been formulated and directed to combating the threat of cyber crime. However, some ambiguous policies hinder effective prevention of cyber crime (Dashora, 2011). The research therefore indentified ambiguous government policies and their effect on cyber crime prevention.


Research questions
The research responded to some important questions regarding the trends exhibited in the quest to contain the threats of cybercrime. As such, the research was based on the following research questions:

  • What are the ambiguous policies enacted by the United States government on cybercrime prevention?
  • How do these policies hinder effective cyber crime prevention?
  • What are the emerging trends of cybercrime in the modern world?
  • What is accessible from the outlook of current cybercrime policies that can used for future planning?

Significance of the research
By outlining existing ambiguous government policies related to combating cybercrime, this thesis provides an understanding of how such polices can hinder effective prevention of cyber crime. In addition, it delineates how such policies aimed at stopping cyber intrusion have failed to achieve their purpose because of over focusing on cyber crime criminals rather than addressing the direct threat of cyber intrusion.

Policies focusing on cybercrime criminals have proven ineffective as emerging technologies are making it hard to identify the actual persons behind cybercrime attacks.

Literature Review on Cyber Crime

The government of the United States recognizes the threat that cybersecurity poses to the national security as well as development. The government has come up with various policies that aim at preventing the threats of cyber crime (white house.gov). Sherman et al, (1998) notes that whereas all the policies are formulated to combat the threat of cyber crimes, some work while others do not.

Majority of the policies that do not work have not been evaluated through scientific research processes and therefore have little evidence to back their workability. Other policies that have failed their purpose are ones that require excessive resources to implement (Sherman et al, 1998).

According to Sherman et al (1998), formulating effective policies therefore requires policy makers to have a thorough understanding of how the internet and the cyber world work.

In addition, they must have sufficient knowledge on the factors that cause and facilitate cyber crime. Kumar & Shah, (2014), notes that Cyber crime criminals are also coming up with new methods and ways to overcome the various restrictions that are put in place by polices targeting to reduce the threat of cybercrime.

Therefore, Kumar & Shah (2014) argues that policies aimed at preventing cyber crime should be regularly updated to ensure that they cover the emerging new threats. According to Broadhurst et al, (2014) cyber crime as a global crime faces a great challenge in tracing the criminals involved as well as their location.

This makes most of the policies targeting the global cybercrime ineffective. It also becomes difficult for policy makers to factor in the motivations of criminals who commit cyber crime on a global scale (Broadhurst et al, 2014).

Another major challenge facing the department of homeland security resulting from cyber crime is illegal interception of information as unauthorized people gain access to sensitive data and information.

This has in turn created more problems for homeland security as they have to protect sensitive information from hackers who have the capability of destroying or altering sensitive data on criminal activities (Poonia et al, 2011).

The United States department of homeland security is responsible for operating the national cyber alert system. The department is also responsible for building the national response systems on cyber crimes as well as protecting the nation’s critical structure.

In addition, it regulates and implements government policies that are aimed at combating the threat of cyber crime (Levin & Ilkina, 2013). Therefore, any changes to the ambiguous government policies should start with the department of homeland Security. The United States has passed on several laws and regulations that accompany the policies formed to prevent cyber crime.

Example of such cybercrime laws is the Electronic and Communications Act which was passed in the 1986 to regulate disclosure of sensitive information. According to Levin & Ilkina (2013), despite some policies poorly implemented and failing to accomplish their purpose effectively, they are an indication of the government’s willingness to reduce the cases of cyber crime.

According to Bucci et al (2013), the government has also put considerable efforts in the last 10 years to preventing the threat posed by cyber intrusion through maintaining a reliable, secure, interoperable and open internet.

In addition, the government has formulated several policies on cyber crime that focus on protecting critical infrastructure, which include critical information systems from the threat posed by cybercrime. Other efforts by the government focus on improving the ability of victims to report incidences of cyber crime to increase the response time to criminal incidences.

The government has also reached out on international partners the world with the aim of promoting freedom, reliability and security of the internet. It has also aimed at maintaining secures federal networks through setting security targets and pressuring the responsible agencies to meet the set targets. The government has also focused on collaborating with the private sector and creating a workforce that is well aware of the dangers and the risks posed by the cyber crime.

Despite the positive efforts put by the government in preventing cybercrime, there are still notable failures on the policies that the government has adopted Bucci et al, (2013) indentifies the contributing factors that cause such failures of government policies in combating cyber crime. The factors indentified include the expanding and growing scope of threats posed everyday from criminals who target the commit cyber crime.

In addition, the restrictions by the United States constitution in protecting the interests and the privacy of the citizens limits the government efforts to search and track suspicious behaviors of potential criminals without violating their rights to privacy.

According to Bucci et al (2013), the United States also faces new forms of challenges from Russia, China and Iran in their attempts to steal valuable information, data and innovations. Such threats backed by states are more sophisticated when compared to the individual criminals who have less motivation and capacity to cause a substantial threat to the governments’ critical infrastructure. They therefore require clear, timely and adequate policies to deal with such threats, which the government does not formulate in time.

In an effort to find effective solutions to preventing cyber crime, numerous researches have been conducted on cyber crime. Broadhurst et al. (2014) assesses the nature of the groups that are involved in cybercrime. The authors are of the point of view that only by understanding the groups that commit cybercrime can help in developing effective strategies to combat the crime.

Casey (2011) outlines the evidence of digital trends and takes an investigative approach to crimes that amount to the definition of cybercrime. In Choo (2011), the author explores the trends of cybercrime and gives a perspective on the future research direction. He explains the success attained so far and advises on how future research needs to be undertaken.

McQueen (2006) analyzes the way various groups, authorities and businesses understand cybercrime and the management practices employed in combating the effects of cybercrime.

Identity theft, an emerging form of cyber crime, has largely contributed to online fraud as criminals use false indentifies to perform online transactions. Indentify theft has also worsened the problem of cyber terrorism and blackmail making hindering the efforts to prevent cyber crime (Rotich et al, 2014).

Online businesses are the biggest contributors of spam, which is also an emerging form of cybercrime through forced advertising. Although they are not necessary harmful, spam messages are consuming much of the user’s bandwidth increasing unnecessary costs and time wastage for internet users (Rotich et al, 2014).

Research further indicates that the high rate of cyber crime results from carelessness as private industries and individuals underestimate the risk of cyber crime and therefore fail to take adequate measures to protect their information and sensitive data. In addition, over dependence by the government on centralized systems and lack of proper guidelines on protecting personal information contained in these systems has left millions of individual sensitive information vulnerable.

In response to the increased cases of cyber crime, governments are investing millions of dollars in building cyber skills and capability to as a cybercrime prevention measure (Dashora, 2011). Other scholars have focused on the way cybercrime influences other issues in the modern society.

For instance, Fatima (2015) explores the way cybercrime influences the practices in the apparent modern niche of E-Banking. Fatima explores the trends, the threats and the strategies of combating cybercrime in the E-Banking niche while also investigating the potential of biometrics in addressing cybercrime in the E-Banking niche.

An investigation on the way cybercrime influences the victimization of women has also been conducted (Halder & Jaishankar, 2012). The authors explore the various circumstances in which women have been victimized through cybercrime attacks.

Nelson, Phillips & Stuart (2014) have developed a guide to computer forensics and investigations. The authors point out to the past trends, the current initiatives and the future projections on the way computer crime and investigations should be undertaken. Poole and Sky-Mcllvain (2014) explore the current trends and recommend the way education should be undertaken in the modern age. Weisburd & McEwen (2015) recommend the way cybercrime should be mapped with the aim of developing and implementing strategies that will deter cybercrime.

Equally, Stephenson & Gilbert (2013) provides guidelines on the way cybercrime investigations should be undertaken. From the analysis of all the literature cited in the paper, it is apparent that there are strategies that work, and others that are ineffective in deterring and combating cybercrime challenges now and into the future (Putnam & Elliott, 2001).

Majority of the research on cyber crime prevention are based on review of relevant literature and lack of adequate information on the field is one of the biggest challenges to substantive research on the vice. Secondly, much of the information used for research is obtained from self-reports which as indicated earlier has the challenge on existent laws under which cyber crime is reported.

Limited data on cyber crime and the emerging forms of such crimes as cyber terrorisms is the greatest weakness of various researches on cyber crime prevention. In addition, the survey questions that are mostly used in the conducting these studies are self selecting which implies that the information collected is limited in relation to the actual cyber crime.

Similarly, most of the crimes are under reported by the victims and organizations due to the fear of negative publicity. Therefore, the actual information relating to cyber crime is with held by the victims, which greatly hinders finding an effective solution to the problem (Rotich et al, 2014).

Several models are suggested to help reduce increasing rate of cyber crime. One is the KVIRUS model, which is a virus prevention model that aim at identifying virus according to their programs rather than software signature. Other models aim at identifying the cyber criminal through using the details of the internet service Provider ISP and use the necessary laws to apprehend the criminal.

However, with the current technology advancement, this is proving a little bit difficult as criminal have come with programs to avoid being detected (Rotich et al, 2015).In addition, states in the U.S are adopting policies to criminalize various computer acts that are destructive like creating virus, worms and accessing someone’s information without his/her authorization (Putnam& Elliott, 2001) . These are examples of measures that are aimed at reducing cybercrime.

According to Poonia et al (2013), cyber crime differs in form from convectional crime. Therefore, strategies used in preventing cyber crime are different from convectional crime because they are more difficult to detect and criminals are far away from the country of crime scene. On the contrarily, cyber crime has aided some of convectional crimes like money laundering because the technology makes it difficult to trace the origins of the funds as well as their destination.

Viruses form the highest negative influence on users in relation to cybercrime. Majority of the internet users report viruses as their main threat as compared to the number of people who report losing money in a survey conducted in 2012 and 2013 (McGuire,2013).

Similarly, businesses report virus related problems as their main threat on security incident. The samples were collected through random sampling. Statistics from police recordings on cyber crime on police department show that fraud as the most reported form of cyber crime.

However, the data presented from the police cases is not separated into online and offline therefore making the information hard to analyze. These presented the main challenge of conducting research-using data provided by the police. For instance, the police were more likely to record computers fraud as cybercrime without indicating if the crime was committed online or offline (McGuire, 2013).


Methodology
The study purposively selected several ambiguous policies formulated by the United States targeting to combat the threat of cybercrime. The sampling criteria was Influenced by the Scope covered by the policy, the resources required to implement the policy effectively and reported statistics related to the problem that the policy aims to address.

Various resources that included presidential orders, GEO reports, state and federal laws and regulations formed primary data sources for analysis. The analysis evaluated existing policies to determine their ability in covering their intended goals. The study focused on the weakness and strengths of the undefined policies evaluating their flaws in curbing the rising threat of cyber crime.

Although most of the policies were worked during the time they were implemented, the emerging trends in cyber crime have made them ineffective or useless. The study therefore adopted the policy analysis methodology to identify the flaws in the selected polices and recommending possible changes that can be adopted to ensure that the policies are effective in combating the rising threat of cybercrime through multi-goal policy analysis approach.

US Cybercrime Policy Laws

The United States has implemented several policies in the last two decades aimed at combating the threat of cyber crime. The average user is at the high risk of experiencing cybercrime if he/she is not careful in the way they handle their sensitive information online.

With the increasing threat from cyber crime, there is need for government policies that address these challenges through means that are both effective and adequate. This is because Cybercrime is not only threatening national security and infrastructures but also the individual security. Such policies should enlighten organizations and the public who are most vulnerable to cyber crimes in addition to the government.

Challenges of Combating Cybercrime

Numerous studies have been conducted with the aim of analyzing various government policies to combat the threat from cybercrime. In order to analyze the effectively the role that such policies play in combating the threat posed by cybercrime, it is important to first understand the nature of cybecrime.

Broadhurst et al. (2014) assesses the nature of the groups that are involved in cybercrime. Cyber criminals are organized in groups and indentifying these groups can help policy makers to come with effective policies to reduce the threat formed by the operations of such groups.

Similarly, understanding their organization can also help organizations and groups to come up with effective strategies and measure to combat the rising cyber crime threats as well. According to Casey (2011) the emerging trends in digital technology not only provides criminals with a easy work to indentify, target and executive their plans but also policy makers can use it to their advantage.

Through specialized training, policy makers can understand the possibilities in digital technologies to unmask the operations of criminals. This is essential in helping them avoid coming up with ambiguous policies that only address part of the problem and leave a huge part unsolved. Cybercrime is a global issue and essentially requiring global cooperation to address the challenge of cyber crime even more effectively.

Therefore, policies formed by the government should first create a platform through which different states can corporate and address the challenge and a group rather than an individual countries. Cyber crimes covering a global context will first require laws and regulations in place that makes it easy to track any criminal activity despite of their geographical location.

However, such laws are different to promote because of different ideologies promoted by different countries and the competition to out each other in terms of technology and innovation.

For instance, the United States is facing a new threat from the Russia, china and Iran where most of the cyber crimes directed towards the country’s critical infrastructure originate. Lack of a common jurisdiction law on these countries makes it difficult to formulate effective policies that can aid in indentifying these criminals.

The government offers the evidence of digital trends and takes an investigative approach to crimes that amount to the definition of cybercrime. In Choo (2011), the author explores the trends of cybercrime and gives a perspective on the future research direction. He explains the success attained so far and advises on how future research needs to be undertaken.

Choo (2011) and McQueen (2006) analyzes the way various groups, authorities and businesses understand cybercrime and the management practices employed in combating the effects of cybercrime. Firstly, the major challenge facing the department of homeland security on cybercrime prevention is the illegal interception of information as unauthorized people gain access to sensitive data and information.

This has in turn created more problems for homeland security as they have to protect sensitive information from hackers who have the capability of destroying or altering sensitive data on criminal activities (Poonia et al, 2011).

In addition, there is a new emerging form of cyber crime known as identity theft. Identity theft has largely contributed to online fraud as criminals use false indentifies to perform online transactions. Indentify thefts has also worsened the problem of cyber terrorism and blackmail making hindering the efforts to prevent cyber crime (Rotich et al, 2014).

Online businesses are the biggest contributors of spam, which is also an emerging form of cyber crime through forced advertising. Although they are not necessary harmful, spam messages are consuming much of the user’s bandwidth increasing unnecessary costs and time wastage for internet users (Rotich et al, 2014).

Research indicates that the high rate of cyber crime results from carelessness as private industries and individuals underestimate the risk of cyber crime and therefore fail to take adequate measures to protect their information and sensitive data.

In addition, over dependence by the government on centralized systems and lack of proper guidelines on protecting personal information contained in these systems has left millions of individual sensitive information vulnerable. In response to the increased cases of cyber crime, governments are investing millions of dollars in building cyber skills and capability to as a cybercrime prevention measure (Dashora, 2011).

Other scholars have focused on the way cybercrime influences other issues in the modern society. For instance, Fatima (2015) explores the way cybercrime influences the practices in the apparent modern niche of E-Banking. Fatima explores the trends, the threats and the strategies of combating cybercrime in the E-Banking niche while also investigating the potential of biometrics in addressing cybercrime in the E-Banking niche.

An investigation on the way cybercrime influences the victimization of women has also been conducted (Halder & Jaishankar, 2012). The authors explore the various circumstances in which women have been victimized through cybercrime attacks.

Nelson, Phillips and Stuart (2014) have developed a guide to computer forensics and investigations. The authors point out to the past trends, the current initiatives and the future projections on the way computer crime and investigations should be undertaken. Poole and Sky-Mcllvain (2014) explore the current trends and recommend the way education in cyber security should be undertaken in the modern age.

Weisburd and McEwen (2015) recommend the way cybercrime should be mapped with the aim of developing and implementing strategies that will deter cybercrime. Stephenson and Gilbert (2013) offer a guide on the way cybercrime investigations should be undertaken.

From the analysis of all the literature cited in the paper, it is apparent that there are strategies that work, and others that are ineffective in deterring and combating cybercrime challenges now and into the future (Putnam & Elliott, 2001).

Viruses form the highest negative influence on users in relation to cyber crime. Majority of the internet users report viruses as their main threat as compared to the number of people who report losing money in a survey conducted in 2012 and 2013(McGuire,2013).

Similarly, businesses report virus related problems as their main threat on security incident. The samples were collected through random sampling. Statistics from police recordings on cybercrime on police department show that fraud as the most reported form of cyber crime.

However, the data presented from the police cases is not separated into online and offline therefore making the information hard to analyze. These presented the main challenge of conducting research-using data provided by the police. For instance, the police were more likely to record computers fraud as cyber crime without indicating if the crime was committed online or offline (McGuire, 2013).

Majority of the research on cyber crime prevention are based on review of relevant literature and lack of adequate information on the field is one of the biggest challenges. Secondly, much of the information is obtain need from self-reports which as indicated earlier has the challenge on existent laws under which cyber crime is reported. Limited data on cyber crime and the emerging forms of such crimes as cyber terrorisms is the greatest weakness of various researches on cyber crime prevention.

In addition, the survey questions that are mostly used in the conducting these research are self selecting which implies that the information collected is limited in relation to the actual cyber crime. Similarly, most of the crimes are under reported by the victims and organizations due to the fear of negative publicity. Therefore, the actual information relating to cyber crime is with held by the victims, which greatly hinders finding an effective solution to the problem (Rotich et al, 2014).

Several models have been suggested to help reduce increasing rate of cyber crime. One is the KVIRUS model, which is a virus prevention model that aim at identifying virus according to their programs rather than software signature. Other models aim at identifying the cyber criminal through using the details of the internet service Provider ISP and use the necessary laws to apprehend the criminal.

However, with the current technology advancement, this is proving a little bit difficult as criminals have come up with programs that help them to avoid being detected (Rotich et al, 2015).

Types of Cybercrime

The following are the types of cybercrime that are most commonly experienced by organizations.

  1. Computer systems attacks
  2. Cyber bullying
  3. Spamming or phishing emails
  4. Use of prohibited, offensive or illegal content
  5. Material related to sexual abuse on children
  6. Online cases of fraud and swindles
  7. Offences related to copyrights

Strategies for Combating Cyber Crimes

The following strategies are the most applied by organizations to prevent cyber crime. Due to the increased connectivity brought by modern technology, cyber crime cases have significantly increased.

Therefore, organizations are coming up with various strategies in addition to the policies formulated by the government to combat cyber crime. These strategies can be classified as legal, technological and educational/awareness.

Legal strategies focus on avoidances of cyber crimes by discouraging cyber crime criminals from committing through tough legal measures and penalties. Technological strategies focus on making it difficult for criminal to commit cyber crime as well as enhancing security of information and data. Strategies based on creating awareness of cyber crime and data security.

Legal strategies for Combating Cyber Crimes

Some organizations have implemented legal strategies to reduce the increasing threat of cyber crime. They include reporting cyber crimes to the police to other federal investigative agencies as well as websites owned by non-profit organizations that were focused on fighting cyber crime. The government and the law enforcers have a wide responsibility in reducing cyber crime.

Due the critical role that ICT plays in a country and in every industry, it faces numerous challenges and threats that require legal steps in designing effective strategies to reduce cybercrimes. Fighting the threat if cybercrime requires establishments and reviewing of the available legal infrastructure including updating the criminal laws procedures and regulations that deal with the cyber criminals.

Among the legal strategies that can help combat cyber crime include passing necessary legislations on security of electronic communications. Others include enacting laws on fraudulent computer use and computer systems use. Laws on protecting personal and private data should also be passed as a measure of reducing cybercrime.

Lastly, necessary legislations on certifications and digital signatures are essential as a legal approach in reducing cyber crime. Other useful legal measures that can help reduce cybercrime include implementing legislations to protect users of computer systems from becoming cyber crime victims.

The principal aim of legal strategies in fighting cyber crime is making the internet much safer by discouraging criminals from participating in criminal activities by placing strict penalties for offenders. The United States has several regulations on the use of computer and computer technology. The legal regulations play a strategic role in reducing instances of cyber crime.

In addition to implementing the necessary legislation to combat the threat of cybercrime among the public sector, a proper crime reporting mechanization should also be put in place. The biggest challenge in prosecuting cyber crime cases is gathering of evidence depending on the scope of crime.

The existing legal systems require hard evidence that may be hard to obtain in the context of computer technology as criminals rarely leave their marks, which can be used to track them.

However, most organizations fail to report incidences of cyber crime due to lack of access to authorities through which such crimes can be reported. In addition, the long process and the cost involved in reporting and investigating cyber crime discourages individuals from reporting such cases to the relevant authorities.

Therefore, there is need for implementing an online reporting system where organizations can easily report cases of cybercrime attacks. An online system will not only create a simple mechanism through which cyber crime can be reported but also make it easy to alert law enforcers of nay suspected criminal activities and violations of the set regulations even more easily.

An online platform for reporting cyber crime will provide central repository when both organizations and authorities can reference the laws and the context in which they apply regarding cybercrime. An online system for reporting cyber crime will also provide a central database to monitor criminals convicted of cyber crimes and will discourage potential criminals from engaging in such spurious acts.

Secondly, reducing the cybercrime can be achieved by increasing collaboration in the international private sectors in the nations across the globe. Despite the internet connecting different parts of the globe, organizations rarely cooperate to monitor incidences of cyber crime attacks in their areas. Organizations need to strengthen their cooperation behold the physical barriers that the cyber world transcends.

Criminals take advantage of this lack of cooperation to use the same techniques or commit the same cyber attacks on different organizations without being easily detected. Countries need to create legislations that create a framework of International cooperation among the private sectors.

Such collaboration will address the increasing threat of cybercrime attacks that has significantly increased due to social media and adoption of cloud services technology. Collaboration between different organizations will also make it easier to prosecute cyber crime cases because criminals may be located miles away from the actual crime scene. Information that is critical for conducting such investigations can easily be obtained through such collaborations.

Implementing a legal framework that will enable the collaboration strategy will provide the necessary jurisdiction that is required for authorities and law enforcers to conduct investigations on cybercrime. It will provide an easy access to important information located in another country required for investigations of cyber crime cases.

Lack of collaboration creates a challenge for authorities investigating cybercrime incidences especially when the criminals involved are from a different country. However, there has been an increase with many global institutions like the United Nations General Assembly adopt legal strategies to combat cyber crimes threat on an international platform.

Technological strategies for Cyber Security

Majority of the organizations and business rely on technological strategies to combat cybercrime. The technological measures included applying latest security patches, up to date antivirus, operating systems and computer application, password protection, maintaining a strict validation for the data input, monitoring the processes as well as procedures of external contractors who have access to the organizations computer systems.

Others include performing regular scans to the network securities and activities, implementing a network security structure and comparing the traffic accessing the organizations network with its baseline operations. Technology plays an essential role in formulating effective strategies to keep private industry organizations safe from the threat of cybercrime.

Effective strategies to employ in preventing cyber crime depend on the type of crime if its computer enabled or computer dependant. Computer enables crime refers to the traditional form of crime that has been facilitated by the existence of a new technology. Computer dependent crimes require a computer in order to exist.

Technology plays an essential role in aiding cybercrime and is therefore the main targets for the organizations and criminals as well to enhance their security. Best strategies to prevent cybercrime should revolve around technology. The following concepts are essential in developing technological strategies to combat the threat of cyber crime.


Amplifying Force for Reducing Cybercrime

The damage that criminals can cause with technology is much more when compared to what they do without the aid of technology. The concept of amplifying force, therefore, targets reducing criminals’ access to digital technology and subsequently preventing cybercrime.

It is essential that organizations adopt the use of secured technology to prevent cyber crime. Embracing secured technology will ensure updated security measures that can counter the technology used by criminals to commit cyber crime.

Creating Entry Barriers

The main aim of entry barrier strategies is to create a technology barrier for criminals to reduce their access to computer systems and cause damages. An example of the cyber creating barriers strategies is protecting the copyrights of media content using modern technology.

Cybersecurity Strategy through Training and Creating Employee Awareness on Cyber crime

Other cybersecurity strategies used by organizations focus training and creating awareness on cyber crime among their employees as an important factor in controlling cybercrime. The organizations indentified the need for more training and creating awareness in their employees on information security because the increasing accesses to technology meant more risk especially to low awareness users.

The number of internet users has significantly increased with the availability of high computing device that have the potential to access the internet from every part of the world. Private industries have also embraced the use of internet networks in their operations increasing the risk of cyber crime attacks.

Despite the high uptake of technology, organizations in the private industry provide little training for their employees on the risks associated with such technology. This has made them easy targets for cybercrime criminals. Spreading awareness on cybercrime is an effective strategy, which can effectively help to reduce the rising cases of cyber crime in the private industry.

Some of the cyber crime attacks on computers and computers system of many organizations are because of low awareness of the employees and users using the internet.
The private sector should build the technical capacity to handle cybercrime by setting up necessary technical infrastructure that also aids the employee to report cyber crime.

Additionally, there is need for organizations to implement training in cyber forensics to specialized employee to enable them detect cyber crimes early in advance and put up necessary measures. Employees should be equipped with the necessary skills to understand technological evolution as well as the threats and vulnerabilities related to cybercrimes.

The environment through which the organization works is very essential in preventing cyber crime. It is therefore important that that the private sector trains their employees on keeping safe working environment to reduce incidences of cybercrime. A good working environment will also ensure that employees can easily indentify the psychological behavior of a cyber criminal.

Cyber criminals will often look for new ways to exploit the potential victim that can be detected early with by employee through proper training and awareness. A positive working environment will promote proper handling of knowledge and digital evidences that can aid in cyber crimes investigations.

Without proper training, employees may unknowingly contaminate digital evidence or store it in poor conditions, which may make investigations even more challenging. Where technologies are not sufficient to help employee detect cyber crime threats, special training can provide alternatives that employees can rely on in the absence of technology.

 

Figure 1: a graphical representation showing various strategies used in preventing cyber crime

The growing importance of information security and the rising risks of cyber crime threats are making it necessary for organizations to embrace training and educations awareness for their employees. Such programs can be lanced through ICT departments in most organizations and the progress of such awareness program strategies to be monitored regulars to ensure that employees are updated of the emerging threats from cyber crime.

 

Figure 2: A grouping of various strategies implemented by organizations in preventing cyber crime.

Cybercrime Criminal Groups

Digital technology has made it difficult to track and reveal the identity of cybercrime criminal groups. Various measures or strategies that are effective in preventing cyber crime depend on the nature or organization of the cyber criminals. According to Broadhurst (2014), organized cyber crime criminal groups require a high degree of specialization and organization.

Hence, the highly specialized nature of cyber crime groups has only left the government and the authorities speculating on their activities. Over 80% of cyber crime is likely to be committed by organized criminal groups. These groups can be organized into traditional hierarchal organizations or networks. The groups are further divided into types. The first group is known as type 1. It is subdivided into swarms and hubs that essentially operate online.

Swarms are less organized cybecrime criminal groups and comprise of grouped networks that have a common purpose but lack organized leadership. This group of cyber criminals are commonly influenced ideological ideas shared online like hate crime and political activities. On the other hand, hubs are more organized and have a clear structure of command. They engage with diverse online activities that include piracy, botnets phishing attacks and sexual offenses.

The other cybecrime criminal group is the type II group. They are divided into clustered hybrid and extended hybrid. Clustered hybrid involves small groups of people that are that have targeted activities or methods. This group operates both online and offline and mostly involved in credit card and data fraud.

Extended hybrids are less centralized cybecrime criminal groups. The group involves several associates coordinating to ensure that their operations are successful. The third cybecrime criminal group or type III group essentially operates offline but use online platforms to facilitate their activities. They operate in hierarchies and their main activities include malware attacks and blackmailing. The group is also subdivided into aggregate group that are temporal and lacking a clear purpose.

Understating the structures of cyber crime criminal groups can easily help identify the best effective strategies to prevent attacks from each group by an organization.

 

Figure 3: cybercrime criminal groups

Also, identifying cybercrime criminal groups make it easy to identify the threat arising from each cyber crime criminal group and the risk they pose to an organization to come up with a effective strategy to prevent the threat. In addition, disorganized groups pose minimal risk when compared to the well organized crime groups with a clear command structure to coordinate their activities.

Comparing the online hybrid and the offline groups, the threat posed by each group depends with how an organization operates if it is online based or its activities are based on the offline. Online businesses have the highest risk to cyber crime when compared to offline businesses.

Cyber Crime Prevention Strategies

Most organizations implement technological cyber crime prevention strategies in preventing cyber crime. Technological innovation is the leading cyber crime prevention strategy for organizations and individual citizens and has been identified as the most effective.

They can be sub divided into two types that include the soft-based strategies and hard based prevention strategies (Byrne & Marx, 2011). The hard based information strategy aim at using the various intrinsic features to preventing or making it difficult cyber criminals committing cyber crime.

Some of the hard cyber crime prevention strategies that were identified by the study include use of antivirus, use of updated operation systems and applications and password protections among several other measures. These measures feel into the technological strategies of preventing crimes implemented by the organizations involved in the study.

Majority of the organizations use hard prevention strategies to prevent cyber crime threats. However, some of the hard prevention strategies are largely infeasible because the criminal activities that they target are hard to differentiate from non-criminal activates based on the purpose and context that the crime likely took place. It is therefore necessary for organizations to implement architecture or protocols that resist misuse from inappropriate users.

Similarly, hard prevention structures encourage internet-connected devices to act depending on the nature of the environments to reduce chances of intentional manipulation especially by potential cyber crime criminals. The conflict of privacy is another factor that faces the effective implementation of hard prevention strategies on privacy and accountability. For instance, some of the cyber attacks indentified by the study was committed by organization employees.

On the other hand, soft cybercrime prevention strategies include disincentives to discourage criminals from committing cyber crimes. This includes the legal strategies and the strategies based on training and creating awareness to prevent cyber crime indentified in the study. According to Clarke et al, (1998) soft strategies include clearly defining actions, which an organization may term as criminal in its environment.

In addition, raising public or employee awareness on cyber crime through education seminars, workshops and other training activities is an example of soft prevention strategy. Others include promoting effective investigation and prosecution of cybercrime criminals by reporting their actions to the police or various non-governmental organizations that focus in preventing cybecrimes.

Preventing cybecrime through soft prevention strategies requires that the organizations have Cleary defined boundaries on factors constituting an offence and under which context. This can be achieved by educating employees of an organization and creating awareness on where the boundaries lie and possible punishments or legal measures that accompany such boundaries. The challenge of soft prevention strategies that involve measures as identified in the study is collecting sufficient evidence to preset to the court to prosecute cyber.

Another disadvantage is that due to advanced technology and technical knowledge of cyber crime criminals, it makes it difficult to identify the real culprits behind the offence (Clarke et al, 1998). Therefore, the success of legal strategies is subject to the capability of the legal authorities’ to conduct effective investigations to detect the criminal activities and the offender of the crime.

According to Casey (2011), digital evidence can be applied for investigative purposes in indentifying cybercrime offenses and the offenders. Cyber crime is different from convectional crime. Therefore, the strategies that are involved in convectional crime are difficult to implement in fighting cyber crime because the offenders can be based far away from the scene of crime (Poonia et al, 2011).

In addition, cyber crime is illegal interception of information that is illegal as people intercept such information and gain unauthorized access for the information or data.
Therefore, to support the effective application of the indentified legal strategies, there must be adequate law reforms aimed at preventing cyber crime threats.

Traditional cyber laws can no longer match with the innovative modern technology and therefore inadequately deal with cyber crime. The law enforcement agency and judicial communities need to develop new skills as well I order to handle cyber crime cases effectively.

Technology has complicated the regulatory and jurisdiction of cyber crimes as the systems the internet links users all over the internet. For instance, an online payment company based in the United States or any company using online payments may be serving customers in china. The jurisdictions of the applicable cyber crime laws applicable for these two parties are very different. There is therefore a need for adopting a global stand on cyber crime, as it is the case for terrorism.

As a result, the study indentified that technological strategies were the most common among many organizations in preventing cyber crime. In addition, numerous resources considered for the study support such strategies as the most effective in dealing with cyber crime.

However, organizations should also create awareness and educate their employees on cyber crimes. This is essential in ensuring that they exercise caution with sensitive data to minimize risks of such information landing on cyber crime criminals.

Research indicates that the high rate of cyber crime results from carelessness as organizations and individuals underestimate the risk of cyber crime and therefore fail to take adequate measures to protect their information and sensitive data.

In addition, over dependence by the government on centralized systems and lack of proper guidelines on protecting personal information contained in these systems has left millions of individual sensitive information vulnerable.

In response to the increased cases of cyber crime, governments are investing millions of dollars in building cyber skills and capability to as a cybercrime prevention measure.

Emerging Trends in Cybercrime Prevention

Cybercrime is evolving at a very fast rate due to advancement of computer and information technology. Similarly, the society is also evolving with regard to technology use and Innovation. This has led to continued expansion of cyber crime activities when compared to the traditional definition of cyber crime activities in the last decade (Shehu, 2014).

The emergence of social media sites has expanded the environment through which cyber crime can be committed and led to new forms of crimes as well. Reputation damage is a new form of emerged cyber crime that has rooted itself in the social media costing organizations, governments and individuals millions of dollars to reduce the damages.

Economic crimes have significantly risen with organized cyber crime groups organizing well funded into company systems using technologies to committee fraud. A new network known as the dark web has emerged where such information like credit card numbers is sold has made it difficult for authorities to detect the new form of cyber crime as the criminals no longer use normal activities to commit fraud.

Espionage

Espionage is another form of emerging cyber crime where the valuable intellectual properties of an organization like research and development files are stolen (Shehu, 2014). The theft of intellectual property belonging to organizations has caused them to lose millions of dollars.

In some instances, cyber criminal have grown so cunning that the victim may not even realize that tones of valuable information is stolen until the damage is irreversible. The victims begin to realize that their intellectual property have been stolen when they begin to realize counterfeit products in the market as similar technology that is slightly modified.

Activism

Activism is another emerging form of cyber crime. In this case, hackers are backed by supporters who are fighting for an ideological cause. A good example of activism crime is wiki Leaks where sensitive and crucial information especially for government agencies and security organizations are exposed to the public by hackers who intend to compel the government or the victim to pressure.

Cyber Terrorism

Cyber terrorism groups have turned to attacking private or government organizations or even critical national infrastructure to disrupt services or cause damages. Cyber terrorism is posing a serious threat to governments and security authorities, which have turned to offering critical services to the citizens using networks or internet.

The systems that are prone to cyber terrorism crimes include communication networks like telecoms and financial systems that are heavily reliant on the internet (Shehu, 2014). Cyber welfare is also another form of cyber crime that is emerging. In this type of crime, states and governments attack other states or private sector organizations and steal information and valuable data.

Barriers to Fighting Cybercrime

Despite organizations being aware of the significant risk posed by cyber crimes, some have still not taken necessary measures to prevent such threats. In some instances, barriers exist in the way of implementing these strategies, which may render them ineffective.

The first barrier is lack of cooperation between organizations, government agencies and business partners concerning the cyber crime. Every organization has to maneuver its own threat in despite that the same techniques are used to target different organizations every day.

Similarly, coordination lacks between the government authorities and organizations in fighting crime. This has caused organizations to spend numerous resources, which could be saved if they come together and address the problem of cyber crime as one.

Poor communication is also another barrier preventing the implemented strategies on cyber crime to work effectively. To avoid negative publicity, organizations are avoiding disclosing their information on cyber crime. This gives the attackers an advantage to apply the same technique to attack as a many organizations as possible and hindering a swift response to emerging threats and cyber crime activities.

Ignorance and negligence is another barrier for implementing strategies to prevent cyber crime. Some of the organizations are aware of the security risks that exist with their environment and do little to resolve such problems. This is giving cyber crime criminals an easy time to advance their activities without applying much effort.

Examples of negligence includes failing to deactivate access to a an organization data by a former or fired employee, maintaining same passwords for a long period of time, sharing sensitive information like credit card numbers in unsecured networks.

Other acts of negligence include lack of clear guidance policies and protocol on the accessing organization information especially sensitive data. This has led to increased cases of security breaches as hackers gain access to sensitive information through any access to the system.

Without such protocol in place, organizations are bound to incur more losses from cyber crimes. For instance, a criminal with authorization can use the computer for activities that are behold the intentions of the authorizing party constituting cyber crimes.

It becomes difficult to prosecute such criminal cases because the criminal did break the policy as his actions were within his allowed authorizations. Such cases hinder effective prevention of cyber crime results to criminals facing fewer penalties that are not equivalent to the damages and risks caused by their actions.

Cybercrime Prevention Laws and Policies

Computer Fraud and Abuse Act

The United States’ Computer Fraud and Abuse Act was implemented in the 1980s to create a framework to combat the rising criminal activities on cyber crime. The Computer Fraud and Abuse Act was enacted by the United States congress in 1984 in combat the unauthorized use of computers and networks. According the law, it was illegal to access information and data stored by computers without being authorized. The motive of the policy was to curb the trespass to government and financial institution computers.

However, the policy was broad and was amended by the congress to include the federal computers and networks to provide the authorities with a clearer statement in implementing the policy. The amended policy limited investigations at federal level to only federal related interests in cyber crime activities. The policy was further amended to include fraud and property theft facilitated through illegal computer use.

This amendment was influenced to combat distribution of malicious codes and software that could cause damage to critical infrastructure (Jarrett & Bailie, 2015). The policy included intentional altering, damaging or destroying information that belongs to other parties. Further amendments were added to the computer and fraud acts were further amended to include trafficking passwords and other sensitive information that can facilitate accessing unauthorized information.

The amendments were further added to the acts to increase the effectiveness of the policy due to the increased supplication in computer technology. In 1988, the amendment was increased to the act that required information accessed illegally must be through an interstate or foreign communication.

The effect of the amendment was increased jurisdiction on prosecuting cases that involved computer information (Jarrett & Bailie, 2015). The 1990-2008 amendments closed an existing gap in the law that required loss resulting from the crime to exceed $ 5000 and 10 or more computers.

They also increased threats to steal information disclose stolen data publically or failing to repair the damage resulting from the offence, made it a cyber crime to conspire to hack confidential information or data and expand the definition of protected computers to computers used in foreign or interstate communication or commerce. In addition, the amendments provided a mechanism through which property involved in cyber crime acts could be forfeited by the states (Justive.gov, web).

However, despite the numerous amendments on the original acts, it remains ambiguous in combating cyber crime largely due to the current technology that has significantly advanced. The policy lacks clarity on the penalties for the acts increasing the possibility that cyber criminals charged with this act receive low penalties that are not equivalent to the damages arising from their activities.

In addition, the Computer Fraud and Abuse Act does not exclusively specify the relevant authorizes to enforce the act. This has caused conflicts between various law enforcement agencies at both the state and the federal level. In addition, the protected computers are only interstate or foreign computers only used by financial institutions and the government for communication and commerce purposes.

The definition of protected computers indentified in the policy limits its applicability to government and financial institution computers. Therefore, majority of the computers that are facing a huge threat from the cyber crime attacks are not covered by the policy.

The policy also does not explicitly require the proof on the ways that the criminals used to access the protected computers. In addition, it does not specify if the crime covers the use of the computer to access the internet or the internet to access the computer creating a wide gap in implementation of the policy.

It is therefore only illegal to use a protected computer to access the internet and communication purposes (Jarrett & Bailie, 2015). Therefore, criminals who use the internet to access protected computers challenge the applicability of the policy in prosecuting their activities.

In order to reduce the discrepancies created by the Computer Fraud and Abuse Act, the United States Congress amended the Act in 2008 to include explicitly computers not connected to the internet but used for government and financial institutions. This is because some computers are not connected to the internet due to security reasons but are used for the specified protected computer purposes.

Similarly, the Computer Fraud and Abuse Act was further amended to reduce its ambiguity by specifying that the act also includes the computers that are outside the united state but used to restricted purposes. The amendments were influenced by the increased cyber crime activities with criminals outside the United States who hack the protected computers from a foreign country.

The Computer Fraud and Abuse Act is also ambiguous on the definitions exceeding limited authorization and without authorizations. Both instances refer to the insiders and the outsiders accessing the information or data from protected computers. The policy therefore unequally applies to criminals differently depending on weather they are insiders or outsiders.

The policy raises a crisis on the border between allowed authorization with limitation and without authorization, which in several instances are difficult to prove.

The Wiretap Act

The Wiretap Act was enacted by the United States congress in 1986. The makes it a cybercrime to tap into any communication, disclosing or using the material that has been illegally intercepted unless for prosecution and investigative purposes by united states law enforcement agencies. The Wiretap Act was influenced by the increased illegal access of information by criminal through spy software, email cloning, and intrusion equipments from the computer of unsuspecting victim.

The Wiretap Act includes cybercrimes that committing by illegal intercept of communication by criminals unless explicitly stated for the prosecution and investigative purposes. The Wiretap Act is ambiguous as it allows criminals to intercept information and data with the lawful confinements of the policy. The Wiretap Act law focuses on the intentional intercept of communication with the intention to commit cyber crime.

It creates a wide gap in its implementation because criminals can argue that they intercepted communication while conducting their personal investigations. The Wiretap policy therefore creates a crisis on the nature and the context through which the policy can be applied. The policy also creates a challenge when implemented on computer usage.

Computers have the ability to hold recorded information through text form, which can be easily accessed later. According to the policy, such act is not covered in the act presentation a wide gap through which criminals can use to commit cyber crime.

According to the Wiretap policy, it is only illegal to obtain a copy of unauthorized information n or data only when it is being transmitted. Therefore obtaining such information after its destination is not intercept. However, such data or information may still be holding critical and valuable information that can cause significant risk to critical state infrastructure.

Technology has long evolved past the era of telephone wiretaps when the policy was excellently effective. Similar to the computer abuse act, the policy is affected on intercepting communication that affects interstate commerce. The policy therefore creates a crisis where criminals can argue that their activities did not contradict the interstate commerce as indicated by the policy.

For instance, a suspect charged by intercepting signals between the keyboard and computer was dismissed was dismissed as cybercrime because it does not not involve intercepting electronic communication as provided for in the policy (Jarrett & Bailie, 2015). The Wiretap Act therefore provides for prosecution of criminals who use malicious software to intercept emails and other information or data from a victim’s computer during its transmission.

According to the policy, it is also illegal to disclose intercepted information or data. However, it does not an affect the disclosure of information that has already bee shared to the knowledge of the public. However, lack of clarity on the conditions and context through which the intercepted information or data can be disclosed creates ambiguity in implementing the Wiretap Act.

Networks Crimes Statutes

There are numerous statutes enacted by the United States that aim to reduce the access of information and data illegally through networks. One is the acts on unlawful access to stored information that aims to protect confidential information. According to the policy, it is a cybercrime offence to access confidential information without authorization or with limited authorization access.

However, the policy is limited to devices through which access of information or data can be regarded as cyber crime. For instance, accessing home computers does not amount to a cyber crime according to the policy. In addition, the policy also criminalizes altering or changing information that can cause the loss of authorized access to the information. The policy is ambiguous because it definition of storage information limits the scope though which accessing such information may be regarded as cybercrime.

The broad interpretation of electronic storage creates a gap through which numerous cyber crimes related to cyber crime can be accessed illegally and criminals still avoid prosecution. This policy on illegal access of information or data in electronic storage is ambiguous because it does not include the access to such information or data by the parties providing the storage services as contravening the policy.

There are numerous incidences when information storage providers have been involved in cybercrimes activities but cannot be prosecuted due to the ambiguity of the policy. The policy criminalizes intentional transfer or use of another person identity without his consent as a cybercrime.

Another emerging form of cyber crime is identity theft. There are several laws enacted on identity theft to combat the increasing unlawful use of identification information to commit fraud. The policy can only be applied with prove that the criminal intentionally used a false identification that belonged to an actual specific person.

Cyber criminals have gone round through such ambiguous requirement of the policy and committed cyber crimes by using identities that do not belong to any specific person. This policy has therefore created a challenge in its implementation for combating the threat of cyber crime.

The Spam Act

The Spam Act was enacted by congress in 2003 creating a policy to prosecute criminals who sent spam emails especially when the criminal does not disclose his/her identity.

Email spams have become very common and used by criminals to steal confidential information from unsuspecting victims. Although there is several have with capability to filter spam emails, the Spam Act provides a legal avenue that the victim can utilize t ensure that the criminals face justice.

The Spam Act also prohibits transmission of sexual content in spam emails without providing notification on the type of content contained in the email. However, the spam act is not usually utilized on several incidences because of the ambiguity in the policy. The act applies for commercial mails leaving personal or non-commercial emails out of the policy coverage.

It is also important to note that the spam act does not only apply to emails but also to messages sent through the social networking sites (justice.gov, web). The policy also applies to falsified material but requires adequate proof that the material was falsified. The policy has created a crisis on the definition of spam messages.

One court interpreted that messages that contained the correct address of the sender and links to unsubscribe from receiving such mails cannot be categorized as spam. In addition, the Spam Act also criminalizes multiple emails sending with the same content.

Multiple  emails means more than a hundred mails in one day or one thousand in a month. Cyber criminals have found a way of going through the Spam Act by including their addresses and links to unsubscribe from such messages and use such emails for commercial purposes or to trick unsuspecting victims to sharing their personal information. Majority of the cyber crimes committed under this act are not reported, as users prefer using the software to filter unwanted or spam messages from their inboxes.

Presidential/Executive Cybercrime Policy

In addition to the legislations passed by the congress and federal statutes, the president has the powers to give out orders on cybercrime prevention policies. Some presidents have utilized these powers to create policies on preventing the threat of cybercrime where some worked and others have failed.

President Barack Obama’s Cybecrime Policy

Barack Obama’s election into office began with a strong note of curbing the threat of cybercrime when compared to his predecessors. President Barack Obama’s executive orders on cybecrime cover a wider scope because they also have consideration for public  computers, unlike the Congress acts which only cater for protected computers used by governments and selected organizations.

Since taking office in 2009, president Obama has pushed several policies aimed at combating the rising cases of cybercrime. Obama released his proposal policy to deal with cyber crime in May 2011 that focused of protecting the American citizens, critical infrastructure, federal networks and privacy and liberty of private individuals from the threat of cyber crime.

The first part of the Obama cybecrime policy made it necessary for private sector to disclose cyber crime attacks to consumers. This was due to enable consumers take measures to protect their personal information that is held by the attacked organizations and business. The proposal sought to harmonize the state laws with the business policies to protect the public interest whose data and information has been compromised by cyber attacks.

The second part of the proposal aimed at the country’s critical infrastructure from cybercrime. The proposal required that the congress provide legislations on assisting the private sector, government agencies from the DHS through sharing of information on cyber crime and trouble shoot the threat arising from cyber crimes.

The president’s cybercrime prevention proposal also included provisions to protect computers and networks that were used by the national and the state governments. The cybersecurity proposal required that the DHS (department of homeland security) provide resources for the federal networks as well as the civilian networks.

Lastly, the Obama cyber security proposal sought to create a framework for granting individual privacy and liberty adequate protection from cyber threats. However, president Obama’s proposal did not get the full congress approval due to the concerns raised by the digital rights group that it would intrude in the right of privacy for the American citizens (Bessant, 2014).

The Obama administration has attempted to resurrect the sharing of cybercrime threat information by private and government institutions with the department of homeland security. Despite the concerns raised on such a policy, it would be an effective way of combating the threat of cyber crime. This is because lack of sharing cyber crime threats information has only worked to the advantage of the cyber criminals.

In addition, sharing such information can keep the public well informed on the trend of cyber crime attacks helping them mitigate the damages or losses should their personal information and data be compromised. The president has also sought support to increase the government spending in cyber crime prevention as well increase the capacity of the government institutions to fight cybercrime.

After the failure by the congress to approve President Obama’s cyber security proposal into legislation, the president issued executives orders on cybecrime that were based on the principles of his cybersecurity proposal (white house.gov, web).

The executive orders provided a platform where the private sector and the government agencies can share important information that will help curb the threat posed by cybercrime. The executive orders policy also focused on a broad range of factors, including the vulnerability that comes from increased online storage of sensitive data information by American citizens.

The greatest challenge affecting the implementation of president Obama’s cyber crime policies is the political divide between the democrats and the republicans with the republicans favoring market incentives to discourage cyber crime and the democrats favoring legislative approach to combat cybercrime (Bucci et al, 2013).

Without the executive’s efforts directed to reducing the increasing cyber threats, they may jeopardize the American presence online. This is largely because the political division on how the nations should approach the rising cyber threats. In addition, the ideological differences thought the United States have also created a dispute on the best approach to curb the threat rising from cyber crimes.

Therefore, the president’s executive orders mirror the proposals that have failed to pass the congress to legislation. The orders also provide a framework through which the widening gap between the private sector and the government agencies of fighting cyber crime. However, despite the executive orders playing a significant role in combating cybercrime in the United States, they need to be more effectively formulated and defined to reduce their ambiguity for easy implementations.

The  Obama executive orders do not provide a clear strategy on the relationship on sharing information between the private and the government sector. Majority of the organizations are reluctant o sharing information because of the unintentional damage and that sharing some information may at instances contradict the freedom of information act.

Similarly, lack of a clear guideline on information sharing between the two sectors as directed in the executive orders may e be used by regulators against the private sector. Therefore, information sharing is only currently applied between smaller organizations networks based on trust.

The government has also several laws and regulations that govern information sharing process which may contradict with the policy requirements. The policy therefore requires that guidelines be developed to remove the ambiguity on the policy and make its implementation practical.

The information-sharing platform that the president Obama’s executive orders to cybercrime seek to achieve should be built through trust, confidentiality and non-victimization of the parties sharing sensitive information. Most important the congress must also repeal the numerous barriers that hinder information sharing between the private and the government sectors.

In addition, information sharing should not be mandatory but voluntary for both sectors. There is therefore need to create incentives that will encourage the private sector to share sensitive information and data that may be used by cyber criminals to aid their activities.

Creating an environment that is based on cooperation and not coercion may be a challenge given the nature of strained relationship between the government and the private sector. The political divide in the United States is also more likely to interfere with the presidential directives especially given the stand of the incoming government. Presidential policies have the great challenge in that they do not go behold the term limit of the current administration. This poses a challenge of stabling a long working co-operational relationship between the government and the private sector.

To ensure that the policy works as intended and free from political interference, the policy should be anchored on a legal framework to protect the parties that are involved in information sharing. Such legal protection should expressively provide guidelines to eliminate the liability concerns that are the biggest fear for the private sector.

Bucci et al (2013) notes the threat from sharing information has discouraged various businesses and private sector from sharing confidential information that can aid in combating cybercrime. In addition to liability protection for the shared information, the policies require a framework that will prevent competitors gaining a competitive advantage on the market by utilizing the shared information against their partners.

Although implementing such a structure is technical, it is essential because the shared information could be from a compromised database of a company exposing its innovations and other critical data to competitors. The resulting consequences from the shared information may cause substantial loss for the affected company despite that the intention was different.

Cybecrime laws also have to build confidence between the private sector partners that the information shared will be acted upon swiftly and the necessary action taken to combat cybercrimes. The long response time this is common for government agencies may discourage the private sector from contributing critical information if their information is not acted upon to bring meaningfully changes especially considering that leadership skills required to run such a partnership.

Cyber Security Solutions for Cyber Crime Prevention

Based on the findings of the analysis done by the study, it is recommended that the computer and abuse act should therefore be amended to include all the computers that are in the risk of cybercrime attacks. Non –financial institutions are incurring millions in losing due to unauthorized access to information and data by cyber criminals.

In addition, criminal activities on non-protected computers give the criminals an advantage to test various tools and software through which they can employ on protected computers more easily. It also recommended that the act should be amended to reduce the ambiguity that exists within the policy.

Similarly, to the computer abuse act, the study recommends that the Information Intercept Act should be amended to include the broad acts of criminal activities committed outside the interstate commerce context. Private and organizations Computers hold sensitive information that although not directly related to state matters, its disclosure can have an indirect impact to critical infrastructure.

Based on the study findings, it is also recommended that the government should amend the Identity Theft Clause to include criminals who use non-existent identities. This is because cyber criminals now use fake identity to commit cyber crimes by hiding their tracks and go unpunished because of the ambiguity of the policy.

In order to discourage illegal access to information and data on providers of storage services, the existing cybecrime laws should be expanded to increase the service provider’s access of such information as a cyber crime.

Cybercrime is unarguably a complex challenge in the modern world that is defined by immense technological undertakings. Therefore, it is imperative that working strategies are employed in combating its threats.

It is also recommended that organizations such as homeland department of security develop a case-specific approach in developing tactics that will prevent future repeats. In addition, adopting cybecrime regulatory laws that focus on the parties at the risk of experiencing cyber-attacks and doing away with the focus on those that focus on the groups that initiate cybercrime attacks can help reduce cyber crime attacks.

Lastly, organizations should set aside investment that will fund research activities to determine the fronts that make it easier for perpetrators to initiate cybercrime attacks.

The study also recommends that organizations implement both technological measures such applying latest security patches, up to date antivirus, operating systems and computer application, password protection, maintaining a strict validation for the data input, monitoring the processes as well as procedures of external contractors who have access to the organizations computer systems.

Others include performing regular scans to the network securities and activities, and create awareness on cybercrime prevention among their employees. This will create an environment where everyone is cautions of the rising thereat on preventing cyber crime.

The United States congress should increase resources and funding to fight cyber crime. This is because cyber crime criminals are organizing themselves in forms of groups and outsourcing funding from terrorist groups and other criminals organizations to advance their criminal activities. With the potential to utilize modern technologies in facilitating cybercrime, the extent of the damages caused by such actions has therefore increased.

The government should also increase the capacity of its agencies ad department the fight with cyber crime through more resource allocations, provision of relevant training and skills in handling the crisis.

Similarly, the information sharing policies from the presidential directives on cyber crime can be very effective in combating the threat of cyber crime if well enacted.

However, the US cybecrime laws are very ambiguous as currently constituted and require comprehensive reforms to ensure they are easily implemented and workable. For instance, the provision on information sharing is currently limited by the existing legal barriers on information sharing between the US government and the private sectors.

The study also recommends the establishment of national agencies that deal with the cybercrime, its mitigation and prosecution just like the case with the drugs. Currently, cyber crime is classified alongside convectional crime and handled by the US department of homeland security. Such an agency should focus on creating a good working relationship between the private and the government sectors especially in combating cyber crime.

The United States government should also embrace creating awareness through education and training to provide the public with accurate, consistent and reliable information on cybercrime. The department of homeland security that currently coordinates cybercrime prevention efforts should introduce training and awareness initiatives for the public sector.

Other initiatives include creating an effective cyber workforce that is responsible for ensuring cyber security through enforcing the enacted cybecrime laws in combating cyber crime.


Limitations of the study on Cybercrime

The limitation of the study was lack of adequate information on the cybercrime prevention. Majority of the research on cyber crime prevention are based on review of relevant literature and lack of adequate information on the field is one of the biggest challenges.

Secondly, much of the information was obtain need from self-reports and therefore there was no allocable method of confirming the accuracy or biasness of the information obtained. Limited data on cybercrime and the emerging forms of such crimes as cyber terrorisms was also a limitation for the study of various researches on cyber crime prevention.

In addition, sources mostly used to conduct this research are self-selecting, which implies that the information collected is limited in relation to the actual cybercrime policy. Similarly, most of the crimes are under reported by the victims and organizations due to the fear of negative publicity. Therefore, the actual information relating to effectiveness of various cyber crime policies is with held by the victims, which greatly hinders finding an effective solution to the problem (Rotich et al, 2014).


Conclusion

In conclusion, cybercrime has significantly increased in the last decade posing a significant threat various organizations and the entire country as well. Studies have revealed that organizations, both public and private, have had to contend with huge losses arising from instances of cybercrime attacks.

Prasanthi and Ishwarya (2015) define cybercrime as any activity that is computer mediated and considered illegal targeting the security of computer systems and the data they process. Carelessness in organizations and individuals is major cause of the rising rates of cyber crimes as they underestimate the risk of cyber crime and therefore fail to take adequate measures to protect their information and sensitive data.

In addition, overdependence by the government on centralized systems and lack of proper guidelines on protecting personal information contained in these systems has left millions of individual sensitive information vulnerable.

The United States department of homeland security is responsible for operating the national cyber alert system. It also coordinates national response systems on cyber crimes and protecting the nation’s critical structure. The department also regulates and implements government policies that are aimed at combating the threat of cybercrime.

In response to the increased rates of cyber crime, The United States government has passed several laws and regulations that accompany the policies formed to prevent cyber crime. Example of such laws is the electronic and communications acts which was passed in the 1986 to regulate disclosure of sensitive information.

The government has also put considerable efforts in the last 10 years to preventing the threat posed by cyber intrusion through maintaining a reliable, secure, interoperable and open internet. In addition, the government has formulated several policies on cybercrime that focus on protecting critical infrastructure, which include critical information systems from the threat posed by cyber crime. Other efforts by the government focus on improving the ability of victims to report incidences of cyber crime to increase the response time to criminal incidences.

The study analyzed various government policies to combat the threat from cybercrime. Cyber criminals are organized in groups and indentifying these groups can help policy makers to come with effective policies to reduce the threat formed by the operations of such groups. Due to the increased connectivity brought by modern technology, cyber crime cases have significantly increased. Therefore, organizations are also coming up with various strategies in addition to the policies formulated by the government to combat cybercrime.

These strategies can be classified as legal, technological and educational/awareness. Legal strategies focus on avoidances of cyber crimes by discouraging cyber crime criminals from committing through tough legal measures and penalties. Technological strategies focus on making it difficult for criminal to commit cyber crime as well as enhancing security of information and data.

Strategies based on creating awareness of cybercrime and data security. The study highlighted several ambiguous policies on cyber crime preventions for analysis using the policy analysis approach. Examples of the policies analyzed are the computer abuse and fraud act.

The policy lacks clarity on the penalties for the acts increasing the possibility that cyber criminals charged with this act receive low penalties that are not equivalent to the damages arising from their activities. In addition, the act does not exclusively specify the relevant authorizes to enforce the act.

This has caused conflicts between various law enforcement agencies at both the state and the federal level. The policy includes cybercrimes that committing by illegal intercept of communication by criminals unless explicitly stated for the prosecution and investigative purposes.

A similar policy is the interception communication act. The policy is ambiguous as it allows criminals to intercept information and data within the lawful confinements of the policy. The policy focuses on the intentional intercept of communication with the intention to commit cybercrime.

It, thus, creates a wide gap in its implementation because criminals can argue that they intercepted communication while conducting their personal investigations. The policy therefore creates a crisis on the nature and the context through which the policy can be applied. The policy also creates a challenge when implemented on computer usage.

Other policy analyzed is the illegal access of storage of information. The policy on illegal access of information or data in electronic storage is ambiguous because it does not include the access to such information or data by the parties providing the storage services as contravening the policy.

There are numerous incidences when information storage providers have been involved in cyber crimes activities but cannot be prosecuted due to the ambiguity of the policy.

The study further analyzed the indentify theft policy. The policy criminalizes intentional transfer or use of another person identity without his consent as a cyber crime. On presidential/ executive policies, the study analyzed the President Obama’s executive orders.

They cover a wider scope because they include the public when compared to the congress acts, which cover the protected computers used governments selected organizations. However, the laws are ambiguous to implement because the information-sharing framework in which it establishes has several legal barriers created by the United States cybercrime law.

References
Bessant, J. (2014). Democracy Bytes: New Media, New Politics and Generational Change. Springer.

Broadhurst, R., Grabosky, P., Alazab, M., Bouhours, B., & Chon, S. (2014). An Analysis of the Nature of Groups Engaged in Cyber Crime. An Analysis of the Nature of Groups engaged in Cyber Crime, International Journal of Cyber Criminology, 8(1), 1-20.

Bucci, S. P., Rosenzweig, P., & Inserra, D. (2013). A congressional guide: Seven steps to US Security, Prosperity, and Freedom in Cyberspace.Heritage Foundation Backgrounder, (2785).

Byrne, J., & Marx, G. (2011). Technological innovations in crime prevention and policing. A review of the research on implementation and impact. Journal of Police Studies, 20(3), 17-40.

Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers, and the ​internet. Academic press.

Choo, K. K. R. (2011). The cyber threat landscape: Challenges and future research directions. ​Computers & Security, 30(8), 719-731.

Clarke, R., Dempsey, G., Ooi, C. N., & O’Connor, R. F. (1998, February). Technological Aspects of Internet Crime Prevention’. In Proc. Conf.’Internet Crime’, Australian Institute for Criminology, Melbourne University (pp. 16-17).

Dashora, K. (2011). Cyber crime in the society: Problems and preventions. Journal of Alternative Perspectives in the Social Sciences, 3(1), 240-259.

Department of Justice. (2015). Computer Crime and Intellectual Property Section (CCIPS) | Department of Justice. Retrieved from https://www.justice.gov/criminal-ccips

Fatima, A. (2015). E-Banking Security Issues? Is There A Solution in Biometrics?. The Journal ​of Internet Banking and Commerce, 2011.

Halder, D., & Jaishankar, K.(2012). Cybercrime and the victimization of women: laws, rights ​and regulations. Information Science Reference.

Jarrett, M., & Bailie, M. (2015). Prosecuting Computer Crimes. Office of Legal Education Executive Office for United States Attorneys. Retrieved from https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf

McMahon, R., Serrato, D., Bressler, L., & Bressler, M. (2015). Fighting cybercrime calls for developing effective strategy. Journal of Technology Research, 6, 1.

McQuade, S. C. (2006). Understanding and managing cybercrime. Boston: Pearson/Allyn and ​​Bacon.

Nelson, B., Phillips, A., & Steuart, C. (2014). Guide to computer forensics and investigations. ​Cengage Learning.

Poole, B. J., & Sky-McIlvain, E. (2014). Education for an information age.

Poonia, A. S., Bhardwaj, A., & Dangayach, G. S. (2011). Cyber Crime: Practices and Policies for Its Prevention. In The First International Conference on Interdisciplinary Research and Development, Special No. of the International Journal of the Computer, the Internet and Management (Vol. 19).

Prasanthi, L. M., & Ishwarya, T. K. (2015). Cyber Crime: Prevention & Detection. International Journal of Advanced Research in Computer and Communication Engineering , 4(3), 1-4. Retrieved from http://www.ijarcce.com/upload/2015/march-15/IJARCCE%2011.pdf

Putnam, T. L., & Elliott, D. D. (2001). International Responses to cyber crime. Transnational Dimension of Cyber Crime and Terrorism, 35-66.

Rotich, E. K., Metto, S. K., & Muketha, G. M. (2012). A survey on cyber crime perpetration and prevention: A review and model for Cybercrime prevention.

Shehu, A. Y. (2014). Emerging Issues in Cyber-Crime: Causes, Implications and Effects for the Legal Profession. Online Journal of Social Sciences Research, 3(7), 169-180.

Sherman, L. W., Gottfredson, D. C., MacKenzie, D. L., Eck, J., Reuter, P., & Bushway, S. D. (1998). Preventing Crime: What Works, What Doesn’t, What’s Promising. Research in Brief. National Institute of Justice.

Stephenson, P., & Gilbert, K. (2013). Investigating computer-related crime. CRC Press.

The White House. (2016). FACT SHEET: Cybersecurity National Action Plan | whitehouse.gov. Retrieved October 8, 2016, from <https://www.whitehouse.gov/the-press-office/2016/02/09/fact-sheet-cybersecurity-national-action-plan>

Weisburd, D. L., & McEwen, T. (2015). Introduction: Crime mapping and crime​​prevention. Available at SSRN 2629850.

This is a shortened version of the actual dissertation on cybercrime and cybecrime prevention policies. You can request for a free copy of the whole dissertation or have a similar, original, plagiarism free dissertation paper written from scratch on your behalf by our competent dissertation writers at an affordable rate by placing an order now.