19 April 2018
Robert Siciliano

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

747Posts 2,138,357Views 62Comments

Citizens Need to be More Involved in Cybersecurity

14 February 2010  |  3165 views  |  2

In the University of Cincinnati’s Journal of Homeland Security and Emergency Management, the authors write “The general population must be engaged as active security providers, not simply beneficiaries of security policy, because their practices often create the threats to which government responds.” Somebody is saying to take personal responsibility and start doing things securely opposed to expecting it to all be done for you. What a revelation!

Just because everyone has access to the Internet, doesn’t mean they are using it securely. If a person decides to login, they should take some basic courses or read about how to login securely. And the education doesn’t stop there. New scams pop up every day and one has to be aware of their options. I write almost every day and there is never a shortage of topics for me to discuss.

The Internet can be a dangerous neighborhood with bad people around every corner. I got an email from a colleague today who is in the security business. He asked me if the email he received from Facebook to change his password was a fake or real. This is a smart guy, who obviously never heard of the Facebook phishing scam before.

NetworkWorld reports They cite the coordinated attack that overwhelmed U.S. and South Korean government sites last July as being the type of attack that individuals can unwittingly participate in by allowing their computers to be taken over by botnets, the authors say. The awareness they call for has to go beyond simply “if you do not protect yourselves bad things will happen to you” and create a sense that cyber security is a civic duty. Most users remain unaware that not only is their computer data vulnerable, but that their insecure access to cyberspace can be exploited by others turning them into unwitting agents of coordinated cyber threats [both criminal and disruptive attacks],”they say. “Cybersecurity must become a national civic responsibility.”

Frankly, we as citizens HAVE TO do something. Richard Clarke, the president’s cybersecurity adviser, recently wrote that the Department of Homeland Security “has neither a plan nor the capability” to protect the U.S.’s cyber infrastructure. He said companies and individuals “almost uniformly believe that they should fund as much corporate cybersecurity as is necessary to maintain profitability and no more.”

Whether you realize it or not, your computer is one of the biggest threats to your personal security. The Obama administration believes that your computer is also one of the biggest threats to national security.

The message is: Think before you click. Know who’s on the other side of that instant message. What you say or do in cyberspace stays in cyberspace — for many to see, steal and use against you or your government.

TagsSecurityRisk & regulation

Comments: (3)

Uri Rivner
Uri Rivner - BioCatch - Tel Aviv | 14 February, 2010, 10:34

I'd like to consider awareness as one line of defense out of many. Certainly a lot can be done to promote awareness, but today's attack methods - drive by download, social network infection - are so far from the good old Phishing days, where you had an actual chance of educating people about the threat, that we can only consider it as one part of the equation.

It's like expecting people not to catch Swine Flu. Yes, you can educate people about that, but you also need government-funded vaccines, antibacterial gel distributed in public toilets, tight monitoring for any violent variants, etc. This discussion is similar to the one I pointed out in "Finger pointing in commercial banking": http://www.finextra.com/community/fullblog.aspx?id=3792

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Cedric Pariente
Cedric Pariente - EFFI Consultants - Paris | 14 February, 2010, 14:58

I agree with Uri.

The knowledge required to be safe on the internet today is so huge and changing every day, that it's almost a full time job.

How do you want to explain someone who hardly knows how to surf what a man-in-the-browser is?

Efforts have to be made on every side, but the users' side will take time to be educated.

Security vendors have to keep that in mind when developping their solutions.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Robert Siciliano
Robert Siciliano - IDTheftSecurity.com - Boston | 15 February, 2010, 14:17

Thanks Gents,

Great feedback. We have to at least push education in a way that wakes people up. Not everyone will havbe the capacity, but those that do will effectuate change.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Latest posts from Robert

Mobile Phone Numbers Are as Sensitive as Your Social Security Number

2 hours ago  |  716 views  |  0 comments | recomends Recommends 0 TagsSecurity

The Term Identity Theft Protection is Often a Lie

06 April 2018  |  5083 views  |  0 comments | recomends Recommends 0 TagsSecurity

Use a Password Manager Or You WILL Get Hacked

19 March 2018  |  3740 views  |  0 comments | recomends Recommends 0 TagsSecurity

14 Social Media Disasters Ready to Strike

03 March 2018  |  4862 views  |  0 comments | recomends Recommends 0 TagsSecurity

Understanding and Stopping Criminal Identity Theft

23 February 2018  |  6543 views  |  0 comments | recomends Recommends 0 TagsSecurity

Robert's profile

job title Security Analyst
location Boston
member since 2010
Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations throughout the United States, Canada and internationally on identity theft protection and personal security....

Robert's expertise

Member since 2009
739 posts62 comments

Who's commenting on Robert's posts