So, HellCat, tell us how you REALLY feel.

In the end, we all pay. Yeah, pie in the sky, and you're right. Until we, as a professional community, begin to be good ambassadors of AT&T and reach out and help the folks--friends, family, neighbors--we are accomplishing a tremendous disservice in helping to secure our homeland. I've even chastised some homeland security organizations on this very issue.

In the '50s and '60s, when we were under the threat of nuclear annihilation, we religiously practiced Civil Defense drills of "duck and cover." And we were taught "why." The federal government splashed spots on radio and TV programs, ran short newsreels before indoor and outdoor movies, and handed out brochures at various places.

What's happening now? Is the American citizenry--oops, residents--being educated to the 'net dangers facing us as a society? They're our eyes, ears, and nose on the front lines; if we don't teach them, we all will fall prey to what escapes their vigilance. Sure, we may have our systems diligently protected, but what use is that if the 'net has crawled to a slow because of DDoS attacks unknowingly launched from our friends, family, and neighbors systems?

The government needs to start a mass education campaign, and we need to do our part in it to influence the small corners of the world that we live in. Working together, we can greatly diminish the threat and reduce the ramifications. Sure, it's going to cost money, 30 smacks a year for an AV product and signature service that is usually configured to be obtained automatically. Quality firewalls can be had on the cheap, even free for private users; so to IDSs. And if mom & pop shops don't cough up the minimal cost to protect their systems, then they will fall prey to market dynamics and others with more tech savvy will take their place.

For the past couple of years I've hosted a safe computing practices page on my web site, in great part prompted by the International Computer Security Day organization. And I DRIVE home the point how vulnerable systems are without adequate protection--I mince no words to announce, "Be afraid, be very afraid." While I can't be sure they'll implement any of my recommendations, at least I've educated them so that when they do fall prey, they'll have a basic understanding of what they need to do to prevent becoming a victim again.

If we all do our part in raising the education and awareness of those around us, we'll begin to climb the mountain before us in unison and eventually reach the summit. Otherwise we'll continue to gaggle around the bottom wailing our voices to the air only to see an avalanche race down the slopes and swallow many who've not heard our cry.

But if we remain silent, who will hear us? Give Scott two thumbs up for an excellent article. We need more of 'em.

~riv

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/193/23363#23363