Be aware! Be very aware!
“No. Be afraid. Be very afraid.”?[1]
There is just something about old cemeteries around midnight with a full moon, accompanied by strange noises, which somehow always occur behind you. The traditional “scary” holiday, Halloween, is almost here. Many of the things we learned as children, much of which was passed on to the next generation, surround being “aware”. These things become second nature for people in how they interact with the world, in a safer way. Most of these are not just for Halloween time, and most are useful to people of all ages.??Some of the big ones are:
·???????“don’t go to sketchy [risky] places”
·???????“don’t talk to strangers”
·???????“be aware of your surroundings” (i.e., cars, people, area, etc.)
·???????“look both ways before crossing the street”
·???????“have an adult check your candy before you eat”?
·???????“don’t overindulge” (i.e., eat so much candy you get sick)
These concepts are so ingrained in most people that they do not have to consciously think of them to have their own personal “safety-sensor” go off, putting themselves on elevated alert and adjusting their behavior.??We might turn a corner while walking in a big city and immediately feel that we are heading into an area that might not be so safe. Or perhaps it is a lone person, after work, walking to their car in dimly lit parking lot at night and being hyper aware of noises and other signs of potential trouble. The “looking both ways before crossing the street” one, is notoriously automatic for people … although, I think mobile phones, texting and apps, may be eroding our innate safety mechanism for this one ??.
What is not so natural for people in this ever-advancing technical world, is awareness of cybersecurity and how to stay “cyber safe”. As children, most of us were probably not taught to change the default configuration of our toys, not to choose a simple passcode for a game, diary, etc., and probably not even to worry too much about “shoulder surfing” risk when playing games in the family room. In fact, in a lot of cases people probably tended to keep things simple to make them easy to use and to avoid problems like forgetting a passcode. The risk was pretty low in nearly all these situations due to factors such as the potential radius of exposure and the value of what might be compromised. Although, adolescent skirmishes can certainly be a major concern for the participants and their parents, if for example, someone is accused of cheating in an important game of “go fish” ??.?
The good news is that it seems like the current generation of young adults and generations that follow are “growing up” more in-tune with privacy and security concerns. I can see this in my own personal life as the young(er) set of family and their friends, definitely appear to pay more attention and ask more questions related to privacy and cybersecurity (i.e., “I received this message, is it legit”, “is it ok to install this software”). This bodes well for organizations in the future, as new waves of personnel will have a more built-in sense of cybersecurity, which will therefore lead to more secure environments and reduced risk.
Perhaps you were surprised by the inclusion of “overindulgence” in the initial examples above, referring to Halloween candy. You may be asking yourself what this has to do with cybersecurity. I’m connecting that particular dot in the following manner. First, there is so much information out there and so many things vying for our attention. Second, it is also relatively easy to sign up for all sorts of apps, services, discounts, free trials, clubs, etc., which creates numerous additional threats and increases risk. If we overindulge in information or in cyber-things, it can be very easy to miss an important indicator (i.e., such as an alert message) or we may not be able to keep up with the best practices for privacy and security, for every single cyber-thing we utilize. You may be interested in a book I read a while back (circa 2015) by?Clay Johnson, “The Information Diet: A Case for Conscious Consumption”?[2]. It talks about the need to appropriately manage the information in our lives.
领英推荐
Even the “check with an adult about your Halloween candy” item can be applied to cybersecurity from the perspective of, if you are not sure about something then seek out an expert. It could be someone knowledgeable in your own team, a team in your organization dedicated to cybersecurity or perhaps a well-known industry organization [3][4][5]. So it isn’t just “think before you click” , but also “if you’re in doubt, reach out”
In addition, to?CyberSecurity Awareness?[6], there are many things that are commemorated, memorialized, or observed in the month of October. There is Breast Cancer Awareness, Domestic Violence Awareness and Mental Health Day, just to name a few?[7][8][9]. Someday the need may fade for such programs of awareness and support as we solve major challenges in the world related to things such as health, safety, and security. These movements will perhaps become just historical remembrances of such societal challenges. In the meantime, let us focus on what we can do to support important programs and movements, while being more aware and prepared. As an IT security person, I’m hoping that you will make CyberSecurity Awareness, one of those focus areas.?
References:
[1] Quote from the movie -?The Fly, Brooksfilms, SLM Production Group (1986)
[2] Johnson, Clay,?The Information Diet: A Case for Conscious Consumption, O’Reilly Media, 2015 (ISBN-13:?978-1491933398)
[3] IBM Security - https://www.ibm.com/security
[4] Cybersecurity & Infrastructure Security Agency (CISA) - https://www.cisa.gov
[5] NIST Computer Security Resource Center - https://csrc.nist.gov
[10] Image of a busy street in India - Photo?40882212???R S Vivek?|?Dreamstime.com
[11] Image of woman on bench - Photo?104203485???Guruxox?|?Dreamstime.com
Bringing Visibility and Security to XIoT
3 年Interesting read and great play on Halloween, Bill. We were taught a lot at a young age which helped us tap into natural instincts and build awareness. And the jury is still out on the smartphones...