Wanted: A Smokey Bear for cybersecurity

Cybersecurity has become more than a homeland security issue; it has become a national lifestyle issue that hinges on raising education at the individual level, a panel of information security experts said today.

“If the U.S. is going to continue to be a center of innovation in the world, we need to up our game” and get on par with the science, engineering and technology schooling of China and India, according to Richard Schaffer, information assurance director at the National Security Agency.

“It’s a U.S. problem; it’s a challenge that, [if left] unmet, is going to put us in a dangerous situation in 10 or 20 years when we can’t afford to be in second place. We never want to be in second place,” Schaffer added.

Beyond formal education, U.S. cybersecurity strategy needs to develop a public awareness campaign that permeates the workplace, schools and homes —much like the development of Smokey Bear to promote fire safety, panelists said.

“This [campaign] needs to include secretaries, administrators, front-line people who have no idea [about technology and cyberspace] — not just front line cyber operators,” said Adam Meyers, an SRA International information assurance principal who currently works with the State Department.

“We need a public awareness campaign that [says], ‘There is a threat, and you need to know how to deal with it,’ whether it’s malware or clicking on bad links or attachments,” Meyers said.

According to Bill Hunteman, association chief information officer for cyber security at the Energy Department, the U.S. has a ways to go in maturing our understanding and utilization of cyberspace. “Right now in cyber security we are roughly where we were in the medical field in the 1880s,” when the sick were recognized and quarantined, for example.

“We need to get to a point where individuals understand they are accountable and responsible for their own cyber security,” Hunteman added.