Now, unless you are in the industry OR associated with it, the chances are you’ve not got a clue that October is “click responsibly” or National Cybersecurity Awareness Month. After all, we share October with Breast Cancer Awareness, LBGTQ History, and 14 other notable causes. We are finally showing up in Wikipedia on their reference page for “month-long observations” alongside 100 other things jammed into each year. However, to the greater planet (around 7.6 billion folks at the moment), there’s little awareness that this month is THE month to think about all those digital safety things we keep bragging about.
And that’s a problem…
By Chris Roberts, Researcher, Hacker, CISO
Because let’s face it, we’d be in less of a mess if we gave kids a box of matches to play with than electronic devices. Sure, we’d have to ensure that the entire house was flame retardant and that we actually remembered where we put the extinguishers, but we’d have fewer kids being groomed online, less bullying, cyberstalking, fraud, and a whole lot more attentiveness in the world.
However, that’s NOT going to change, so what DO we do about it?
Firstly, we can talk about awareness and education from a younger age. Waiting until the kids are in high school and being handed a Chromebook or something similar, and then regretting about how the online world is dangerous, is far too late. How about we work on educating them from the crawl-stage onwards? After all, parents have been pampering kids with electronics since that point, so it makes sense to start the conversations about safety and what it means to be a good, upstanding digital citizen from that very age. There’s enough of us out there that can help, volunteer, educate, or come up with engaging material to bring a level of awareness from the K-onwards (Kindergarten). There are efforts underway, but they need all of our help in any way we can, after all THIS is the generation that’s going to be responsible for the Internet when we’re sitting in our retirement homes dribbling into the sunset.
Secondly, we’re going to have to have a conversation with the parents. We understand the menace that most digital systems are, the parasitic nature that many programs bring to those devices all wrapped up in seemingly innocent games and social interaction tools. However, despite all our best efforts, two things are apparent; the likes of exploitive software companies are here to stay until we can deal with them more efficiently, and most parents or guardians have absolutely NO clue as to the dangers of letting their kids online at an early age. The first one’s going to have to be dealt with through legislation and other methods and the second (the parent/guardian) is again an education, awareness, and crucially accountability discussion.
At this point, I’m going to borrow from two good friends in the industry. Both Ryan Cloutier and Evan Francen talk at length about accountability in the context of our industry and those of us in it. They talk about how we need to hold ourselves and our technologies to higher standards and to actually be responsible for what we’re doing in this world, as opposed to simply going along like lambs to the digital slaughter on the alters of IPO or venture capitalism (as many folks are seemingly focused on).
Now, if we take some rough numbers, we have 2.2 billion kids in the world, around 800 million elderly, which means those of us in the middle have to step up and look after the rest. That’s 4.6 billion of us to look after 3 billion. So, all it takes is for one of us to tell two other people about HOW to become safer online, how to approach technology, and how to question more and believe less.
That’s not too hard, is it? Seriously, each of us tells two other people. Preferably one person in the caring group and one in the crawler range. Crucially we also need to make sure we inform folks outside of our own comfort circle (including strangers). To pull another quote from another industry expert, Rachel Arnold, “WE need to get off our own Island…”
Now, if we add to this equation, the simple fact that there are around 3.5 billion smartphones dotted around the globe, we have another way to influence. I’m not talking about everyone rushing out to start another education/awareness company OR another app to get lost in the mix; I am talking about driving quality content, consistent messaging, and reinforcing the desire to help those around us become a little safer and a lot less risky in how they approach the digital world we live in, preferably in a language other than English. (Newsflash: The U.S. only has 4% of the world’s population, they rank 3rd in mobile users, and let’s face it, we’ve only got around 15% of the population of the planet that speaks this language). So, let’s see if we can use our strengths and capabilities to influence others all over the globe?
I know that this line of thinking is radical, we’re back to putting people ahead in the equation, we’re using technology simply as a mechanism for carrying our message, and we’re engaging in processes, policies, and controls to help alleviate the issues. We’re NOT chasing down a technology solution, we’re not whiteboarding another widget that can translate, and we’re sure as hell NOT trying to explain to anyone how AI is going to solve this. It’s simply back to where we started thousands of years ago. We sat around the fire explaining to the kids what was good in our tribe, where we could go, and what would try to eat us if we wandered too far. Nothing’s really changed. The tribe is now global, and technology can take us anywhere, at any time, we just must respect it a lot more than we do.
So, please take the time to talk with others, in a language they understand, at a level they can absorb, and with simple, basic help that they can effectively utilize.
About the Author
Chris Roberts possesses a rich experience within the domain of information security and is globally recognized as one of the pioneering wizards on vulnerability research and counter-threat intelligence. He has worked on a multiplicity of projects specializing in intelligence gathering, DarkNet research, deception technologies, and cryptography with several organizations and has been credited by many of the top Information Technology and Security disciplines.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.
Related story: Cybersecurity Awareness – Act Now!