Partner Perspectives  Connecting marketers to our tech communities.
11/1/2016
01:40 PM
David O'Berry
David O'Berry
Partner Perspectives
50%
50%

We Must Become Good Digital Citizens

Digital citizenship carries many capabilities and benefits, but there also have to be some rules and responsibilities.

Many would say that being a good citizen includes respecting the rights and property of others, following the rules, taking responsibility for your actions, and generally working to maintain and improve the people and places around you. Our society has grown gradually over generations, with a mixture of property and personal rights, written and unwritten rules, and a variety of culture and traditions.

Our digital environment has grown quickly and haphazardly, with new things grafted on top of the old, few codified rights, existing rules and laws bent and mutated to try to fit the digital realm, and a very different set of cultures and traditions. How can we broaden the concept of good citizenship to our rapidly changing digital world?

As a security professional, I’m going to look at the subset of this question that applies to protecting rights and property.

In the physical world, we take responsibility for protecting our own property, both from nature’s actions and human ones. If we build a home in a hurricane zone, we add shutters to the windows, build the house on stilts to keep it above floodwaters, and take other recommended precautions. To protect against human threats, we use fences, motion sensors, and burglar alarms. Since the only safe digital neighborhood is one with absolutely no Internet connection, we need to take similar responsibility for protecting our digital assets. This is not a recent development, yet we still see far too many security breaches and data thefts. So how can we help people become better digital citizens who are able to protect themselves and others?

As a society, we have addressed various emerging threats to physical health and property in the past through nagging public reminders, overt education, and increased consequences. Sometimes, we require proof of ability with licenses and certifications, to assure us that we are in safe hands. Is it time to apply similar techniques to digital security?

Digital Healthcare

We may have a few unhealthy habits, but we generally try to follow guidelines for better health and have a range of services available to help with emergencies, acute problems, and chronic issues. We often go for annual checkups and will frequently look up symptoms on the Internet to help determine if we need to see a professional.

What could digital healthcare look like? There are vendors that provide emergency and acute-care services for digital devices, and many offer checkups and other preventative measures. But few of us take advantage of such services, whether because of the cost, complexity, lack of awareness, or inconsistent quality. Many large organizations have internal programs for their own equipment and employees, but they do not extend beyond the corporate walls into the home.

Educate The Children

When we try to make a significant change in our society, sometimes we educate our younger generation and rely on the generational shift to affect change. We teach children in schools about citizenship and health. We have sports organizations to improve fitness and help them protect themselves. We have other groups that offer badges and certificates for learning specific skills. Is it time for digital scout badges, cyber martial-arts belts, or credits for Internet citizenship?

There are a lot of gaps that need to be addressed as our society and cultures adapt to the digital age. This will be a lifelong activity for many, as we learn more about our digital interactions and people continue to invent new devices and applications. Digital citizenship carries many capabilities and benefits, but there also have to be some rules and responsibilities. Whether we go the explicit route with licenses and badges, or the tacit route with expectations and peer pressure, it is time to take our membership in this digital nation seriously.

David O'Berry is a reformed CxO/CIO currently working for the "Dark Side" in Worldwide Strategic Technologies within Intel Security Group's Office of the CTO. He spent 19 years on the enterprise side as a network manager, director of information technology systems and ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8980
PUBLISHED: 2019-02-21
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2019-8979
PUBLISHED: 2019-02-21
Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled.
CVE-2013-7469
PUBLISHED: 2019-02-21
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2018-20146
PUBLISHED: 2019-02-21
An issue was discovered in Liquidware ProfileUnity before 6.8.0 with Liquidware FlexApp before 6.8.0. A local user could obtain administrator rights, as demonstrated by use of PowerShell.
CVE-2019-5727
PUBLISHED: 2019-02-21
Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.