The United States is frequently ranked among the most advanced e-government countries in the world (Accenture, 2004; United Nations, 2003; West, 2004). While many of these surveys emphasize the importance of technological issues, such as Web sites, interoperable data standards, and security protections, considerably less attention has been focused on the legislative environment that either facilitates or hinders the development of e-government at the national level. Like all countries, the United States has long grappled with the problem of how to centrally coordinate a diverse and sometimes incongruous collection of departments and agencies to achieve improved efficiencies, while maintaining a level of flexibility that enables these entities to carry out their specialized responsibilities effectively. This challenge can be made harder by the integration of information technology into government, by reifying organizational boundaries in the form of so-called “stove pipes” and “islands of automation.” To combat these problems, national governments are attempting to use legislative means to harmonize a cacophony of independent initiatives, and establish benchmarks for oversight. On December 17, 2002, President George W. Bush signed the E-Government Act of 2002 (116 Stat. 2899; P.L. 107-347) into law. Although there are many existing laws regarding issues such as information technology (IT) management, privacy, and information security, the E-Government Act of 2002 is the first national law that specifically addresses e-government in the United States. Prior to the passage of the E-Government Act, the law frequently cited as the most comprehensive information technology-related law was the Clinger-Cohen Act, signed into law in 1996, just 5 years after the development of the World Wide Web (1991) and at a time when the potential uses of the Internet were just beginning to be recognized by the larger, general public. The Clinger-Cohen Act provisions focus primarily on a narrow range of issues, including the decentralization of IT management within the U.S. federal government, pilot testing of new IT procurement procedures, and the establishment of chief information officer (CIO) positions in the major departments and agencies. In contrast, the provisions of the E-Government Act, described in greater detail below, address a much more comprehensive range of issues, suggesting that the integration of IT into government operations has reached a critical turning point. Some of these provisions include information security, IT management and training, the digital divide, and the creation of an Office of Electronic Government to coordinate and oversee e-government initiatives government-wide, among other duties.
Cybersecurity Threat Modelling: A Case Study of An Ecommerce Platform Migration to the Public Cloud