For a few years now, several institutions in the United States (Department of Homeland Security (DHS), the National Cyber Security Alliance (NCSA), and many others) declared October as the month of cyber-security. I find this a really good idea.
Unfortunately, all initiatives like “the day of…” or “the month of…” (fill with your preferred choice) have a limited effect. In fact, our mind immediately focuses on something else once the event is over. In a perfect world, the cyber-security should be a top-priority every time we are online. And this is a problem today: we are always online!
Let’s check a classic business day. You wake up at 7AM, take a shower and read your e-mails, favorites RSS feeds and Tweets from the last night. Then, in the traffic jam, you check the real-time traffic information and a few urgent e-mails. Arrived at your desk, you are immediately reachable (instant messaging, e-mail, Twitter, …) and the same occurs again when you’re back to home after your work day.
Even more, basic actions in your citizen life are web-based today: contact your local administration to request a new passport or ID-card, submit your tax return or your gas/electricity meter indexes. Stay aware when you access online resources and submit data! The target audience of such services is broaden by powerful communication campaign and citizens are not geeks nor experts anymore.
The goal of the NCSAM is to pass security awareness messages. But not only during one month, it’s a recurrent job! Here are some example of security awareness messages. Event at home you can establish some security rules.
And you? What did you do to educate your [family|coworkers|customers|…] ?