21 October 2017
Robert Siciliano

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

739Posts 2,037,484Views 62Comments

Citizens Need to be More Involved in Cybersecurity

14 February 2010  |  3098 views  |  2

In the University of Cincinnati’s Journal of Homeland Security and Emergency Management, the authors write “The general population must be engaged as active security providers, not simply beneficiaries of security policy, because their practices often create the threats to which government responds.” Somebody is saying to take personal responsibility and start doing things securely opposed to expecting it to all be done for you. What a revelation!

Just because everyone has access to the Internet, doesn’t mean they are using it securely. If a person decides to login, they should take some basic courses or read about how to login securely. And the education doesn’t stop there. New scams pop up every day and one has to be aware of their options. I write almost every day and there is never a shortage of topics for me to discuss.

The Internet can be a dangerous neighborhood with bad people around every corner. I got an email from a colleague today who is in the security business. He asked me if the email he received from Facebook to change his password was a fake or real. This is a smart guy, who obviously never heard of the Facebook phishing scam before.

NetworkWorld reports They cite the coordinated attack that overwhelmed U.S. and South Korean government sites last July as being the type of attack that individuals can unwittingly participate in by allowing their computers to be taken over by botnets, the authors say. The awareness they call for has to go beyond simply “if you do not protect yourselves bad things will happen to you” and create a sense that cyber security is a civic duty. Most users remain unaware that not only is their computer data vulnerable, but that their insecure access to cyberspace can be exploited by others turning them into unwitting agents of coordinated cyber threats [both criminal and disruptive attacks],”they say. “Cybersecurity must become a national civic responsibility.”

Frankly, we as citizens HAVE TO do something. Richard Clarke, the president’s cybersecurity adviser, recently wrote that the Department of Homeland Security “has neither a plan nor the capability” to protect the U.S.’s cyber infrastructure. He said companies and individuals “almost uniformly believe that they should fund as much corporate cybersecurity as is necessary to maintain profitability and no more.”

Whether you realize it or not, your computer is one of the biggest threats to your personal security. The Obama administration believes that your computer is also one of the biggest threats to national security.

The message is: Think before you click. Know who’s on the other side of that instant message. What you say or do in cyberspace stays in cyberspace — for many to see, steal and use against you or your government.

TagsSecurityRisk & regulation

Comments: (3)

Uri Rivner
Uri Rivner - BioCatch - Tel Aviv | 14 February, 2010, 10:34

I'd like to consider awareness as one line of defense out of many. Certainly a lot can be done to promote awareness, but today's attack methods - drive by download, social network infection - are so far from the good old Phishing days, where you had an actual chance of educating people about the threat, that we can only consider it as one part of the equation.

It's like expecting people not to catch Swine Flu. Yes, you can educate people about that, but you also need government-funded vaccines, antibacterial gel distributed in public toilets, tight monitoring for any violent variants, etc. This discussion is similar to the one I pointed out in "Finger pointing in commercial banking": http://www.finextra.com/community/fullblog.aspx?id=3792

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Cedric Pariente
Cedric Pariente - Racine Alpha - Paris | 14 February, 2010, 14:58

I agree with Uri.

The knowledge required to be safe on the internet today is so huge and changing every day, that it's almost a full time job.

How do you want to explain someone who hardly knows how to surf what a man-in-the-browser is?

Efforts have to be made on every side, but the users' side will take time to be educated.

Security vendors have to keep that in mind when developping their solutions.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Robert Siciliano
Robert Siciliano - IDTheftSecurity.com - Boston | 15 February, 2010, 14:17

Thanks Gents,

Great feedback. We have to at least push education in a way that wakes people up. Not everyone will havbe the capacity, but those that do will effectuate change.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Latest posts from Robert

What Was Scary About Blackhat 2017?

02 August 2017  |  6038 views  |  0 comments | recomends Recommends 0 TagsSecurity

Black Hat 2017 was an Amazing Event

29 July 2017  |  6677 views  |  0 comments | recomends Recommends 0 TagsSecurity

Blackhat Hackers Love Office Printers

28 July 2017  |  5283 views  |  0 comments | recomends Recommends 0 TagsSecurity

Getting Owned or Pwned SUCKS!

13 June 2017  |  5705 views  |  0 comments | recomends Recommends 0 TagsSecurity

Parents Beware of Finstagram

27 April 2017  |  5178 views  |  0 comments | recomends Recommends 0 TagsSecurity

Robert's profile

job title Security Analyst
location Boston
member since 2010
Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations throughout the United States, Canada and internationally on identity theft protection and personal security....

Robert's expertise

Member since 2009
732 posts62 comments

Who's commenting on Robert's posts

Ketharaman Swaminathan
Adedeji Olowe