AFCEA International Cyber Committee calls on government to teach citizens how to protect cyber ecosystem
Fairfax, VA, Jan. 27 - As much as 80 percent of the cyber threats the American public faces today stem from poor or non-existent computer hygiene. U.S. adversaries are using this malady to their strategic advantage and systematically degrading the national infrastructure. They are subverting U.S. economic and military superiority; eroding citizens' confidence in the government's ability to protect and defend the nation; and, ultimately, turning back the clock on American prosperity.
These are the conclusions of AFCEA International's Cyber Committee, which are detailed in a white paper now available online. Committee members Robert Dix and Chris Folk authored the paper. It calls on U.S. government agencies to create and lead a national awareness and educational campaign to remedy the situation. Dix is the vice president of global government affairs and public policy at Juniper Networks; Folk is the director of the Homeland Security Systems Engineering and Development Institute, National Protection Division, The MITRE Corporation.
"Understanding the '80 percent challenge' and the underlying premise behind it—that we can boost our defenses by routinely implementing computer hygiene—can increase our defense game significantly," the authors suggest. "If we better educate individuals, and if we forge stronger partnerships between citizens and the industry and government sectors, we can raise the cost of attacks to the adversary. We can turn the 80 percent problem into the 80 percent solution.
The need to better educate users to take personal responsibility for their own safety and security in this space is an imperative, they add. "Currently, there is a gap, primarily because users simply don't understand what the cyber threats are, how their information can be compromised or what to do. We can and must change that," Dix and Folk say.
The "we" they are referring to are the numerous governmental and other organizations that are in contact with the public on a daily basis. Their recommendation is to establish a coordinated and integrated nationally led program to articulate the cybersecurity challenges and leverage existing outreach and communication conduits and mechanisms.
"The program would combine very easy-to-understand guidelines and employ solutions underpinned by a set of non-product-specific protective measures and best practices. Further, government and private groups who already engage with their customers and constituents would promulgate these solutions to individuals, groups, businesses—especially small- and medium-size—and non-profits alike," they propose.
The HOME Campaign is at the core of this initiative. The elements—hygiene, ownership, multipliers and ecosystem, or HOME—encapsulate concepts that enable all citizens to learn and employ safe computing habits. They must keep their personal computer systems up to date; protect personal information; understand that owning multiple devices increases the avenues for attack; and recognize their role in protecting networked systems.
"The time and attention of the nation on this topic needs to be addressed today," Dix and Folk state. "Cybersecurity ideas and issues must be demystified. … Users must understand their role in basic computer hygiene. … Users must ask for more secure products. The government can help facilitate and make sure there are stronger policies and higher standards for security, but all citizens must drive these actions."
AFCEA International, established in 1946, is a non-profit membership association serving the military, government, industry and academia.