Communities are at risk form Cyber Criminals, and Organised Crime, but the fact of the matter is, in the majority of cases the public are not aware of the vulnerable position they can be in when they use on-line resources (AKA the Internet) – say buying goods, services, using an I-Phone, setting up their Home based Wireless Internet Connection, or just opening an e-mail. Each action can and does carry risk!
For example are Internet users aware that approximately 95% of all e-mail in circulation is SPAM. Are users aware that simply opening an e-mail could lead to their on-line banking and credit card details being compromised by a Cyber Criminal!
The other questions are related to, after the fact security issues - if users do fall victim to an insecurity, would they be aware, and for that matter know where to go to resolve their exposure?
Wireless and Broadband connectivity has done much to support learning and education, and many young people now have computers in their bedrooms – but if they are connected to the Internet, do you know who these young users are talking to – and for that matter, do they?
Education & Awareness: The solution is User Security Education & Awareness. Out of work with the House of Lords, on the Security of the Internet Paper published in 2007, through to work with EURIM to support a number of vulnerable groups (both elders and the young), materialised into a Security for a Digital Britain Conference which was ran on 24th September 2009 in Nottingham, and more local event of this type are needed.
It is not just about the end users, but organisations and businesses as well – in the last 12 months we have proven insecurity with the way organisations do business, and deploy their systems – ranging from showing businesses how it was possible to gain unfettered access to rear end information (some relating to the client accounts and passwords), loss of systems with customer data on (your information), exposure of on-line authorisation systems to gain unauthorised access to user accounts, through to finding holes in deployed systems which were hosting sensitive applications (which was subject to a Radio 4 Report in 2009).
Sorry for the repetition, but the answer to making a difference is to start to deploy some forms of Public Security Awareness & Education – as with smoking, if you buy a packet of cigarettes, they come with a health warning – maybe the same applies in the logical sense when one purchases a new computer, or other Internet enabled device.
