The US Government has designated October as National Cyber Security Awareness Month (NCSAM) to promote awareness of the security risks associated with the computer age. In a world where the United Nations have declared the internet “a key means by which individuals can exercise their right to freedom and expression,” is it any wonder that those same channels have become the target of the unscrupulous criminal, often seeking to exploit our naivety to gain access to our information and ultimately our funds?
Most people know the terms — malware, spam, virus, trojan, denial of service, phishing, etc. — and so may be deluded into thinking they know how these scams work. In fact, the techniques used in cyber crime represent levels of sophistication far beyond the grasp of most people and too many businesses.
Governments worldwide have an important duty of care regarding the security of their citizens and the integrity of their infrastructure, and cyber security is a cornerstone of this duty. As reflected at the Business Continuity Leaders summit that FICO hosted earlier this year in London, the UK financial regulatory bodies have sought to test the capabilities of the banks to withstand a sustained cyber attack as part of the 2012 Olympic security preparation. And as I reflected in this blog back in May, the move toward a more resilient environment of data security and protection is paramount.
So how is cyber security awareness best effected? Well, the Business Continuity and Risk Management community, of which I am a member, is proposing that the education start at common points of interaction, including the popular social media sites and trusted organisational web pages. Getting end-users familiar with security and protocols for their most frequent online activities helps to create a level of expectation and promote awareness.
Education is a mammoth task and there is no silver bullet. Events like NCSAM provide useful reminders, advice and guidance to the innocent consumer.