Business heavyweights plan security awareness campaign

by Steve Ragan - Aug 10 2010, 13:28

From both the government and private sectors, including security vendors and federal agencies, a new information awareness campaign is set to kick off in October that reaches out to Internet users in order to spread basic security concepts.

The National Cyber Security Alliance (NCSA), along with the Anti-Phishing Working Group (APWG), has officially announced the creation of a public campaign that will develop Internet safety awareness for the overall public.

The public-private messaging convention will seek ideas and information from the usual suspects in the security world, including Trend Micro, ESET, Symantec, McAfee, RSA, and AVG, as well as private sector giants Microsoft, Google, Visa, Wal-Mart, Yahoo, VeriSign, Verizon, PayPal, Facebook, Costco and others.

“We’ve been planning this for three years,” Trend Micro’s David Perry told The Tech Herald during a conversation at Black Hat recently.

“What we’re looking to do is come up with basic education for the consumer, because we haven’t got a chance from doing it from the top down, we have to do it from the bottom up. Our best model is World War II, how they spread messages about ‘don’t waste anything’ and ‘loose lips sink ships’.”

Aside from the expected security industry and private sector partners, the U.S. government is on board as well, including the U.S. Department of Justice, the FBI, DHS, U.S. Department of Commerce, the U.S. Federal Trade Commission, and the IRS.

Perry said that the partnership aims to tell the public two things. “One, control your impulses online. Two, safe computer hygiene.”

Hygiene means many things, such as the use of anti-Virus software, the use of firewalls, and other security layers. Impulse control aims at getting users to think before they download anything. The kickoff for the campaign is set for National Cyber Security Awareness Month in October.

During the ramp-up for the awareness campaign, the public-private messaging convention did some early studies, which showed a majority of those surveyed feel a personal responsibility to be safer online.

 “We were very surprised to find out the public is concerned about Internet security,” Perry said.

The study, which included more than a thousand Americans, revealed the need for simple, easy-to-understand resources and tips to help ensure their safety and security online. With that in mind, the public-private convention plans to deliver.

The survey data made an interesting comparison, in that those who took part likened security awareness to the level of awareness given to environmental matters. In addition, they said that their concerns over information theft due to Internet crime are just as serious as their worries over job loss and lack of healthcare coverage.

“Losing their identity, personal or financial information to a criminal gang is a daunting fear for Americans, one that ranks with job security and access to healthcare,” said APWG Secretary General Peter Cassidy in a statement.

“It’s no wonder that many Americans are already taking steps to protect their online lives,” he added, noting that the survey data showed an anxious need to gather more information on how to stop the loss and control their lives online. “Clearly, they crave personal control.”

While the task of a public awareness campaign has been on the table for years, this is the first time major steps have been taken to push such efforts on a massive scale, with a serious involvement from more than just government and security notables.

Nothing is set in stone, but it is entirely possible for a new breed of PSAs to come from this initiative.

PSAs that could include not just ID Theft awareness, but awareness aimed at other risky activities online, like as blindly following links in email to fake awareness campaigns that lead to Malware, such as those “shocking” videos that are seen on Facebook.

Around the Web