The recent attacks on Google have brought increased attention to cybersecurity. Now a new report (PDF) from political scientists at the University of Cincinnati says that defense is ultimately in our hands as citizens. In what has undertones of the Cold War and the Patriot Act – but also indicates the new levels of engagement, both private and in terms of national security – that we might ultimately have as citizens in an age where privacy decreases and corporate, governmental and individual vulnerabilities increase. The report’s authors, Richard Harknett and James Stever, say that while discussions of cybersecurity coordination frequently occur between governmental agencies and businesses, a crucial third element, the public, is not brought into the discussion.
“The general population must be engaged as active security providers, not simply beneficiaries of security policy, because their practices often create the threats to which government must respond,” write Harknett and Stever in their report, “The Cybersecurity Triad: Government, Private Sector Partners and the Engaged Cybersecurity Citizen,” published in the Journal of Homeland Security and Emergency Management.
What the researchers suggest is an ideological shift on the part of the public. The article deliberately borrows ideas and language from the Cold War, calling for a nationwide initiative that “establishes a relationship between the public and cybersecurity.”
While today’s citizens know less about cybersecurity than they knew of the nuclear threat during the Cold War, they are more directly involved in it.
“[T]he general populations’ complicity in weakening national cybersecurity goes unrecognized,” the report’s authors write, giving the example of 50,000 compromised computers that might have been part of the botnet that attacked the U.S. and South Korea last year.
To do this, the researchers argue, citizens must stop looking at the internet as a private concern and start seeing it as a public good, with the goal of changing people’s behaviors, making the individual’s following of security measures a part of civic duty.
“[T]he key reorientation of any cyber awareness plan must hinge on the notion of active participation in enhancing national security as a civic duty,” Harknett and Stever write.
(Image: The Library of Congress)