Partner Perspectives  Connecting marketers to our tech communities.
11/1/2016
01:40 PM
David O'Berry
David O'Berry
Partner Perspectives
50%
50%

We Must Become Good Digital Citizens

Digital citizenship carries many capabilities and benefits, but there also have to be some rules and responsibilities.

Many would say that being a good citizen includes respecting the rights and property of others, following the rules, taking responsibility for your actions, and generally working to maintain and improve the people and places around you. Our society has grown gradually over generations, with a mixture of property and personal rights, written and unwritten rules, and a variety of culture and traditions.

Our digital environment has grown quickly and haphazardly, with new things grafted on top of the old, few codified rights, existing rules and laws bent and mutated to try to fit the digital realm, and a very different set of cultures and traditions. How can we broaden the concept of good citizenship to our rapidly changing digital world?

As a security professional, I’m going to look at the subset of this question that applies to protecting rights and property.

In the physical world, we take responsibility for protecting our own property, both from nature’s actions and human ones. If we build a home in a hurricane zone, we add shutters to the windows, build the house on stilts to keep it above floodwaters, and take other recommended precautions. To protect against human threats, we use fences, motion sensors, and burglar alarms. Since the only safe digital neighborhood is one with absolutely no Internet connection, we need to take similar responsibility for protecting our digital assets. This is not a recent development, yet we still see far too many security breaches and data thefts. So how can we help people become better digital citizens who are able to protect themselves and others?

As a society, we have addressed various emerging threats to physical health and property in the past through nagging public reminders, overt education, and increased consequences. Sometimes, we require proof of ability with licenses and certifications, to assure us that we are in safe hands. Is it time to apply similar techniques to digital security?

Digital Healthcare

We may have a few unhealthy habits, but we generally try to follow guidelines for better health and have a range of services available to help with emergencies, acute problems, and chronic issues. We often go for annual checkups and will frequently look up symptoms on the Internet to help determine if we need to see a professional.

What could digital healthcare look like? There are vendors that provide emergency and acute-care services for digital devices, and many offer checkups and other preventative measures. But few of us take advantage of such services, whether because of the cost, complexity, lack of awareness, or inconsistent quality. Many large organizations have internal programs for their own equipment and employees, but they do not extend beyond the corporate walls into the home.

Educate The Children

When we try to make a significant change in our society, sometimes we educate our younger generation and rely on the generational shift to affect change. We teach children in schools about citizenship and health. We have sports organizations to improve fitness and help them protect themselves. We have other groups that offer badges and certificates for learning specific skills. Is it time for digital scout badges, cyber martial-arts belts, or credits for Internet citizenship?

There are a lot of gaps that need to be addressed as our society and cultures adapt to the digital age. This will be a lifelong activity for many, as we learn more about our digital interactions and people continue to invent new devices and applications. Digital citizenship carries many capabilities and benefits, but there also have to be some rules and responsibilities. Whether we go the explicit route with licenses and badges, or the tacit route with expectations and peer pressure, it is time to take our membership in this digital nation seriously.

David O'Berry is a reformed CxO/CIO currently working for the "Dark Side" in Worldwide Strategic Technologies within Intel Security Group's Office of the CTO. He spent 19 years on the enterprise side as a network manager, director of information technology systems and ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cybersecurity Must Be an International Effort
Kelly Sheridan, Associate Editor, Dark Reading,  12/6/2017
NIST Releases New Cybersecurity Framework Draft
Jai Vijayan, Freelance writer,  12/6/2017
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.