Abstract

The complexity of cybersecurity in both scope and definition is evidenced in the real world by the myriad federal, state, local, and international agencies which play an integral role in the prevention, mitigation, and investigation of cyber-related incidents. Cyberadversaries range from nation states to organized crime groups to cyberhacktivists, all of which can vary their vectors of attack against a wide range of victims throughout the United States. Victims can include government sites, critical infrastructure, businesses, or individuals. Given the online and digital interactions between companies, systems, and customers, the ability to effectively fortify systems has become increasingly impossible. Adding to the complexity of defense are the complexity and size of the criminal adversaries. Nation states primarily engage in warfare, espionage, malicious attacks, and corporate theft. Organized crime groups engage in fraud, identity theft, ransomware, and spear phishing campaigns for financial gain. Cyberhacktivists 7pursue a social agenda through a variety of cyberattacks designed to gain attention for their cause. As a result, the governmental reaction to cybersecurity has been to create or empower a panoply of agencies with authorities or jurisdiction, which was designed to provide the necessary response expertise to the evolving threat driven by the Internet and cyber-enabled enhancements to our global environment. However, this approach over time has led to confusion for the victims of cyberattacks as well as jurisdictional fighting among the many agencies. Thus, numerous legislative actions and executive orders have been enacted to define “the lanes in the road” for lead roles and to facilitate the coordination, outreach, and liaison between the agencies. This chapter will discuss the government and law enforcement agencies involved in cybersecurity, their roles, governing structures, and coordinating entities.