By Adam Palmer,Lead Cyber Security Advisor for Symantec's Norton-brand products.
Sitting at your desktop, smart phone, or tablet computer, it’s easy to forget that your individual device is part of a network eco-system. The illusion of individuality on the Internet creates the false perception that individual actions will not impact the larger network. This is, of course, not reality. The Internet is an eco-system. One infected part affects the health and functioning of the entire body.
Who is responsible for the security of the Internet? Is it governments, security companies, the military, individual users? All of the above?
Securing the Internet cannot be outsourced, ignored or forgotten. It is the responsibility of every user of every type. We now live in a connected world in which industry, government, and consumers share the same communications channels. In essence, we are all in this together. One person’s lack of responsibility not only harms that individual but provides a platform for other innocent users to be attacked.
For several years while I worked as both a prosecutor and as the Legal Director for The National Center for Missing & Exploited Children, I heard a troubling comment. I heard the statement that a few companies did not want to find evidence of Internet crimes against children on their systems because, once found, it would then be their burden to do something about it. This argument is not only legally flawed but a frightening view towards corporate citizenship.
In response to my concerns, I published an article in 2008 entitled “Protecting Children Online: Where Corporate Responsibility is just Good Business” that outlined the case for corporations to actively protect kids online. I believe that the majority of companies today recognize the need for responsibility in addressing cyber crimes against children; however, consumer cyber fraud seems to now be suffering the same lack of understanding that once plagued efforts to stop internet crimes against children.
There are still over a million computer systems believed to be infected with the Conficker worm. This is despite the fact that a security patch against Conficker is easy to obtain and install. Conficker-infected computers have the potential to be controlled by unknown criminal gangs to launch malicious attacks against other Internet users. This is unacceptable. Individual users must take personal responsibility to secure their systems.
In many areas of our lives we have learned to take personal responsibility and have come to understand the effect of our actions on others with whom we share the same environment. People today are more aware about the impact of pollution on the environment and drivers know they risk the lives of innocent people when they drive intoxicated. Individuals who carelessly litter or drive drunk experience well-deserved community shame and disapproval. Their irresponsibility causes problems in the community that we all share. As we enjoy the Internet and appreciate the benefits it brings to our lives, we need to also remember that this is part of the sensitive environment we all share. Security starts with each individual user's responsible behavior in the cyber world.
We will have a much safer cyber world if those users who ignore security feel the same community pressure we apply to irresponsible behavior in the physical world. Keeping cyber space safe starts with improving the individual responsibility of each Internet user.