1 Running head: RELATIONSHIP BETWEEN PRIVACY AND SECURITY 7 RELATIONSHIP BETWEEN PRIVACY AND SECURITY THE RELATIONSHIP BETWEEN PRIVACY AND CYBERSECURITY IN GOVERNMENT CONTRACTING AGENCIES Table of...

1
Running head: RELATIONSHIP BETWEEN PRIVACY AND SECURITY        
7
RELATIONSHIP BETWEEN PRIVACY AND SECURITY        
THE RELATIONSHIP BETWEEN PRIVACY AND CYBERSECURITY IN GOVERNMENT CONTRACTING AGENCIES
Table of Contents
Abstract…………….…………….…………….…………….…………………............................3
Chapter 1: Introduction……………….……….…...………….…………….…………….………4
Objective of the Project…………….…………….…………….…………….…………………...6
Project Plan…………….…………….…………….…………….…………….……………….…7
Likely Outcome…………….………………...…………….…………….…………….…………8
Relationship to Master’s Program…………….…...………….…………….…………….………9
Chapter 2: Literature Review …………….…………….…………….…………….……………..9
Chapter 3: Methodology/Novelty/Demo….…...……………….…………….…………….……16
    Background….…...……………….…………….………….…………….…..….….……18
    New Approach….…...……………….…………….…………….……………...….……22
The U.S. Privacy Laws.…...…...…...….…...…...…....………….…………..….…………….…17
Europe and Africa Privacy Laws.…...…...…...….……………...…………..…………….…….20
Discussion and Conclusion……….……….…….…………….…………….…………………...25
References.…………….…………….……….…….…………….…………….………………...26
Abstract
    This paper will explore a number of articles that reports on this research that looks at the benefits that contracting companies get by combining privacy and security in their business operations with federal government agencies. This paper will take the articles featured and explored here and combined them with the methodology that is looked at in the case study to identify and explore the areas that need attention and would need more effort; and put forth recommendation to ensure a good joint relationship between the federal agencies that are conducting business with contracting private companies.
Key words: privacy, security, cyber-attacks, threat actors
Chapter 1: Introduction    
Background
When it comes to privacy and cybersecurity, the U.S. government contracting agencies are always in a predicament. Cybersecurity and privacy are critical issues that affect practically every organization since they have access to essential information and are affiliated with the U.S. government making them an appealing target for hostile operations (Zwilling et al., 2020). The U.S. government is concerned about digital and technological protection and growing national security concerns. Government contracts necessitate extraordinarily high levels of information security for commercial firms. The government contracting agencies are expected to adhere to federal privacy policies and the Federal Information Security Management Act of 2002 (FISMA).
A company's computer network may contain personal data about customers and workers and sensitive government information (Li & Liu, 2021). Following high-profile data breaches at significant corporates and healthcare companies, much of the media and legislative focus on cybersecurity and privacy has centered on personal information security and how to report it when it has been compromised. This paper critically examines the relationship between privacy and cyber security in the United States government contracting agencies and provides informative analyses of government contracting agencies' roles. The report further examines how cyber security and privacy intertwine. Going a step further, it provides a foundation of policies and general cybersecurity laws discussions on cyber security and privacy protection and compares what the U.S. currently has with that of Europe and Africa.
This research will examine the relationship between privacy and cybersecurity in U.S. government contracting agencies, as well as explore how cyber security and privacy intertwines, compare the Cybersecurity and Privacy policies of the U.S. and other continents and propose a solution to the current cybersecurity and privacy challenges.
    Cyber security means preventing computer or electronic communications systems or services from being harmed or compromised through malware, protecting those systems and services, and restoring any information included in those systems or services. In contrast to popular belief, achieving complete cyber security is progress. It requires a constant effort to identify and protect against possible cybersecurity issues; and recognize, respond to, and recover from existing cybersecurity incidents. Government contracting agencies and their consumers might be jeopardized if an attacker takes advantage of a weakness in their I.T. system or network. It can be evaluated by looking at an I.T. attack's threats, vulnerabilities, and repercussions.
Information security has risen to the top of the social and political agenda following the current widespread usage of the internet. The issue of privacy has become a global problem because of worldwide trade, communication and travel, and marketing. Keeping one's personal information private is getting increasingly difficult due to advances in computer networks. Nation-to-nation differences exist in the strategy taken to data protection regulation. European Union (E.U.) versus the United States (U.S.) divergences stand out. In the 1990s, the E.U. enacted the Data Protection Directive to safeguard itself and cross-border trade. Private sector parties such as enterprises and non-profits are not protected under the Bill of Rights (Aggarwal & Reddie, 2018). Identity theft, public stalking, and invasive corporate marketing have grown easier because of the internet's rise. As a result of commercialization, information may now be purchased and sold for a fee. Major historical events have sparked privacy concerns, such as census data to pinpoint the residences of ethnic and religious targets during the Holocaust in Europe. At that time, the United States had a heightened sense of security. Government constricting agencies need to view privacy regulation as an impediment to doing business rather than a set of rules for doing it more effectively. The advertisement works as a catalyst for new entrants, new items, and the most incredible offers in the market.
Cybersecurity and privacy are critical concerns for the United States government, taking two main steps to address them. First, contracting agencies that have access to sensitive information are held to a higher standard of security (Aggarwal & Reddie, 2018). Aside from hardening security and safeguarding data, these extra responsibilities have a hazy scope that makes it difficult to gauge their exact impact. It might be challenging to figure out what a contracting agency should perform. It's a part of the government's strategy that offers to assist federal contracting organizations and contractors that have been the victims of cyber assaults. However, this assistance may not be valuable, especially for persistent and complicated state-sponsored cyber threats. Though the government has a legitimate interest in gaining access to information technology systems, many agencies are wary of doing so (Humayun et al., 2020). Cyberspace connection is crucial to the future economic growth of the United States since it enhances all these critical infrastructural sectors.
Objective of the Project
The project will have a couple of objectives, one will be to examine the relationship between privacy and cybersecurity in U.S. government contracting agencies. To explore how cyber security and privacy intertwines. To compare the Cybersecurity and Privacy policies of the U.S. and other continents; and finally look at and propose a solution to the current cybersecurity and privacy challenges. The goal is to uncover what are the current privacy and cybersecurity tools and frameworks that are currently being utilized and see how we can incorporate already existing ones such as NIST and the GDPR to the current setup with the government relationship to the contracting groups. My research paper will look at creating an implementation strategy that takes on exploring of a hypothetical case study of a company that a federal government agency would work with in a contracting capacity. The paper will then develop a framework that would work in this instance, and should therefore be implemented and can be used at any agency level with appropriate tweaks.
Project Plan
I have identified my audience to be IT and cyber security professionals who understand the need to develop this area and realize the need for policies that will transcend this area to a new level. as well as the incoming and seasoned workers in the contracting firms and the federal government. My timeline for my first part of the proposal of his research as well as present a solution, this will look at my hiccups, dilemmas and issues that arise during my research. I will also need to present a positive effect of my research to the development of the current state of affairs in the relationship between the federal government institutions and contracting companies.
With the changing times and the growing need to be as savvy if not savvier and steps ahead than our attackers, there is a growing need to protect essential data from unauthorized eyes. I would like to present my timeline in a Gantt chart form, however, here is the plan shown in the table below:
Likely Outcome
    Government contracting agencies and their consumers might be jeopardized if an attacker takes advantage of a weakness in their I.T. system or network. It can be evaluated by looking at an I.T. attack's threats, vulnerabilities, and repercussions. To my stakeholders who are both the government primarily as well as the contracting agencies, I intend to ask and explain what the ideal framework that would cover both privacy and cyber security in these institutions would be.
Government contracting agencies need to recognize what data and systems they have, how to attack them, how probable it is that they will be attacked, and the challenges they would face if their data and systems are compromised., authenticity, and accessibility are all terms used in the US Code to characterize information security. Government institutions like the Defense Department are vulnerable to cyberattacks, just like the government itself. Cyberattacks like the Solar Winds and Hafnium attacks infiltrated I.T. goods to target their users are instances of this type of attack. I will determine the most ideal frameworks to be used in these two institutions with the go to ensure that the workers work smart and the data is protected.
Relationship to Master’s Program
The Masters of Science in Cybersecurity Program is relevant to my project since some relevant courses will be present in my topic. The IT-535 Advanced Security relate on the regulations and laws, IT588 Cybersecurity Risk Management which dove deeply into the NIST frameworks and not to forget IT 590 Advanced Topics in Cybersecurity that did speak about General Data Protection Regulation implemented in 2018 is the most revered and strictest regulation in the world. All of which will be present and helpful in my project.
Chapter 2 - Literature Review
Introduction to Literature Overview
    The government has large amounts of digital information on individuals, companies, and sensitive topics which may have been collected, processed, stored, and disposed of by government contracting agencies during many contracts. Ensuring to keep such data and the systems that it uses, safe, there needs to be planning, establishing & implementing policies, as well as programming on the part of the government and the citizens alike. Several federal statutes, including the Federal Information Security Modernization Act (FISMA) and Federal Information Technology Acquisition Reform Act of 2014. Guidance papers include O.M.B. circulars and memoranda, and operational directions from the Department of Homeland Security (D.H.S.), while standards and advice produced by the National institute of standards (NIST) also apply to agencies (NIST).
The current World Economic Forum research shows that new techniques are needed for ensuring there is resilience in the cyberspace, and that a catastrophic loss is looming if cyberspace is not adequately secured. A variety of additional channels, such as social media and mobile devices, have been added to entry points of cyberspace threats lately, that would be a good place to start to get some general ideas on where to potentially focus first before going deeper.
The literature review of this research paper will focus on four key areas which are: Political views on privacy and cyber security, Goals for privacy in organizations working with the government, Ethics and Intertwining of privacy and security and Benefits of data protection. What the articles have in common under the Political views on privacy and cyber security is that they look at what the Government current or otherwise is doing or has previously done to further this movement and privacy and how seriously the government takes this topic in relation to action in defense as well as in offense.
The articles under goals for privacy in organizations working with the government, showcase the requirements required by contracting agencies in order to be able to form working partnerships with the government. For ethics and intertwining of privacy and security these articles show that there is an essence of expecting people to do the right thing, expecting organizations to do the right thing, and to work in unison to be able to form a seamless working partnership between two different organizations that are working towards the same goal. The articles under benefits of data protection highlight research that has been conducted in this field that helps educate on the necessity of taking more serious steps to protect data, and the sophistication by which attackers and other malicious actors have become more tactful and resourceful in their attacks. Below I will highlight each article and what it highlights and how it would be beneficial for the research paper.
Political views on Privacy and cyber security
According to Cavelty & Wenger (2019),cyber incidents have become more expensive, more disruptive, and in many cases more political, with a new body of theoretically informed research emerging in parallel. It provides the intellectual history to situate this literature in its broader evolutionary context. After identifying and discussing six drivers from the fields of technology, politics, and science that have been influential in the evolution of cyber security politics and how it is studied, they describe three historically contingent clusters of research. Using the same driving factors to look into the future of research on cyber security politics, we conclude that it is a vibrant and diverse biotope that is benefitting from its interdisciplinarity, its relevance for policy, and its cognizance of the interplay between technological possibilities and political choices of state actors. A variety of additional channels, such as social media and mobile devices, have been added to entry points of cyberspace threats lately, with several factors having the potential to leave government contracting companies exposed to cyber-attacks; as they seek to stay up with the ever-changing landscape generated by innovative technology, and human social activities.
According to the press release by the White House in 2021, cyber incidents that have been affecting the country last year, in May 2021, President Biden issued an executive order on improving the nation’s cybersecurity. The order aims to modernize cybersecurity defenses by protecting federal networks, improving information sharing between...