Search
Thursday 24 July 2014
  • :
  • :

Why National Cyber Security Awareness Month Won't Change Anything

October has been deemed National Cyber Security Awareness Month (NCSAM) by SafetyOnline.org and is endorsed by the Department of Homeland Security. At first glance, NCSAM seems like a great idea. People need to know how their personal data is being used and how much personal information they’re giving away every time they log into their Facebook or Google account. Raising awareness is a great way to get people to change their habits and protect their personal information, right?

Sort of.

There are two major problems with how the public views social networking and cyber security. At the end of the day, cyber security simply isn’t convenient or fun. Everyone knows they should care about their online safety, yet few take real action to protect their digital data and online reputation.

The Security vs. Convenience Conundrum

The problem with cyber security in 2012 is that it’s inconvenient. Consider the following graph:

Put simply, the more secure your data is, the harder it is to access. This holds true for both real-world security and cyber security. As a simple example, consider the following passwords:

asdfgh123

hlN67f7D7nQtSQJ

The first password is much less secure, but much easier to type every time you need to log into your email, while the latter is secure but a pain in the ass to remember and type. Fortunately, many web apps can offer to save your password for you so you don’t even have to log in. This raises the question: are you comfortable with allowing anyone on your computer access to all your saved passwords?

Passwords are just one example. On Facebook, most of you are aware that you have advanced privacy controls available, but how many of you actually take the time to set up custom facebook privacy controls? And as long as web sites make it easier for us to use their services, people are going to willingly compromise their security & privacy to save 10 seconds every time they log on.

The latest trend in getting the people to give up their security for convenience is Facedeals - a new technology allowing real-life businesses to scan & save your face in exchange for a small deal or coupon. Facedeals offers consumers an easier way to check in at their favorite establishments and receive custom deals. How much personal information are you willing to give up to make your daily life a little bit easier?

Online Sharing – Better than Sex?

Beyond the basic security vs. convenience conundrum, you have to consider that people want to share more than they did just 10 years ago. I remember my childhood days on the internet in the early/mid 90′s where we were told not to give out our real name, address, or birthday anywhere on the internet lest someone use it to steal my identity. Today, I own more than 20 social networks and Web2.0 profiles that not only have my full name, but my entire biography and contact information listed.

Social networking has made sharing even our most intimate details on the internet not only acceptable, but normative. What’s more, recent research has shown that sharing personal information on social media rewards the brain in the same way as sex. That’s right, the rush you get from logging into Facebook and seeing “10 New Notifications” lights your brain up in the same way as getting frisky with your significant other.

It’s no wonder people compulsively check their Facebook and Twitter all day – everyone wants that little rush of neurotransmitters from seeing how many people “Liked” their witty status update. As social media evolves technologically, this phenomenon can spread to other aspects beyond just notifications and “Likes.”

Consider Foursquare. If you’re not familiar with the platform, users compete for titles and awards by allowing Foursquare to track their location at public check-ins. Innocent enough, but we’ve already covered the litany of security problems associated with geotracking. Foursquare makes you want to share your location by gamifying their service into a big competition for mayorship of a given establishment.

The point of all this is: sharing is fun, and companies are figuring out more and more clever ways of getting us to divulge our personal information, which in turn opens us up to security breaches.

Cyber Security Solutions

It’s not that I believe National Cyber Security Month is worthless – it is certainly a step in the right direction. The problem is that people are always going to take the path of least resistance, especially on the Internet. Raising awareness for security will get some people to notice, sure. But 90% of those people are going to say, “Oh yeah, online security is important,” and then go right on back to Facebook  and their old oversharing habits.

People are always going to tend toward laziness and take the path of least resistance. That’s why companies that truly respect cyber security and user privacy need to have easy-to-use default options. We’ve seen some of the right intentions with the recent Do Not Track initiative. The problem is, this initiative needs to come out of the social networks themselves and not from governmental 3rd parties.

Or perhaps instead of focusing on issuing tips that people aren’t going to follow, we could take a page out of the books of different social networks and create a fun incentive to being safe online. That is, create a site that is both safe and hip. That is exactly what Sgrouples is trying to do.

Only time will tell of a method that actually works. It’s possible that people will only begin to take the necessary steps out of their way once they’ve been burned by identity theft or a tarnished reputation, etc. Until then, we continue to spread the word in hopes that something catches on.


Images from: http://www.us-nesco.org/category/ncsam/, http://www.digitaltrends.com/social-media/over-sharing-on-social-media-is-just-like-sex-experts-say/, http://old.chumworth.com/2010/02/




One thought on “Why National Cyber Security Awareness Month Won't Change Anything

Leave a Reply

Your email address will not be published. Required fields are marked *