Shoring Up National Cyber Security Infrastructure

Monday, February 21, 2011

Robert Siciliano

37d5f81e2277051bc17116221040d51c

The wild, wild web is the most exciting, alluring, and all-around awesome thing available to us today. It’s also something we have come to rely on to a fault. And that’s a little scary.

The Internet is a decentralized wilderness, used by billions of devices worldwide.

Joe Lieberman, chairman of the Homeland Security and Governmental Affairs Committee, introduced a controversial bill designed to empower the United States to shut down the Internet, explaining:

“For all of its user-friendly allure, the Internet can also be a dangerous place with electronic pipelines that run directly into everything from personal bank accounts to key infrastructure to government and industrial secrets, our economic security, national security and public safety are now all at risk from new kinds of enemies — cyber-warriors, cyber-spies, cyber-terrorists and cyber-criminals.”

Regardless of the politics behind the issue, shutting down the Internet would have dire consequence on everything from electricity, water delivery, transportation, and food production. We simply aren’t prepared for that kind of shift.

But the question remains, how do we shore up our nation’s critical infrastructure against online attacks?

States, governments, and corporations are investing billions in online infrastructure. Thousands of cyber security professionals are being trained to keep us safe. I can only hope that many are decentralizing their systems in order to become self-reliant if necessary.

While technologists and government leaders are sorting this out, the weakest link in the chain is still…drum roll, please…you.

Corporations and government agencies are legally required to secure their systems, at least minimally. But no such standards exist for the consumer. No laws require you to take a single step for the sake of your own security.

Software vendors should certainly be held accountable if their products aren’t secure, but this alone is inadequate.

If you buy a bike for your child, for example, it’s up to you to teach him to ride safely, and to require him to wear a helmet. In many places, children are legally required to wear bike helmets. Similarly, you can’t drive a car without a license, and you can’t get that license without proper training.

It should be the same with technology. Before you come to rely on a smartphone or PC, you ought to receive training on how to use it securely.

I have enough faith in people to believe that if we truly understand the consequences of inaction, we’ll come together and act to resolve whatever problems we face.

We need to get together on this issue and do something about it…like, yesterday.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses the possibility of an Internet crash on Fox Boston. (Disclosures)

Possibly Related Articles:
11634
Policy
Policy Cyber Security Infrastructure vendor Kill Switch Consumers
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.