Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Partner Perspectives  Connecting marketers to our tech communities.
11/1/2016
01:40 PM
David O'Berry
David O'Berry
Partner Perspectives
50%
50%

We Must Become Good Digital Citizens

Digital citizenship carries many capabilities and benefits, but there also have to be some rules and responsibilities.

Many would say that being a good citizen includes respecting the rights and property of others, following the rules, taking responsibility for your actions, and generally working to maintain and improve the people and places around you. Our society has grown gradually over generations, with a mixture of property and personal rights, written and unwritten rules, and a variety of culture and traditions.

Our digital environment has grown quickly and haphazardly, with new things grafted on top of the old, few codified rights, existing rules and laws bent and mutated to try to fit the digital realm, and a very different set of cultures and traditions. How can we broaden the concept of good citizenship to our rapidly changing digital world?

As a security professional, I’m going to look at the subset of this question that applies to protecting rights and property.

In the physical world, we take responsibility for protecting our own property, both from nature’s actions and human ones. If we build a home in a hurricane zone, we add shutters to the windows, build the house on stilts to keep it above floodwaters, and take other recommended precautions. To protect against human threats, we use fences, motion sensors, and burglar alarms. Since the only safe digital neighborhood is one with absolutely no Internet connection, we need to take similar responsibility for protecting our digital assets. This is not a recent development, yet we still see far too many security breaches and data thefts. So how can we help people become better digital citizens who are able to protect themselves and others?

As a society, we have addressed various emerging threats to physical health and property in the past through nagging public reminders, overt education, and increased consequences. Sometimes, we require proof of ability with licenses and certifications, to assure us that we are in safe hands. Is it time to apply similar techniques to digital security?

Digital Healthcare

We may have a few unhealthy habits, but we generally try to follow guidelines for better health and have a range of services available to help with emergencies, acute problems, and chronic issues. We often go for annual checkups and will frequently look up symptoms on the Internet to help determine if we need to see a professional.

What could digital healthcare look like? There are vendors that provide emergency and acute-care services for digital devices, and many offer checkups and other preventative measures. But few of us take advantage of such services, whether because of the cost, complexity, lack of awareness, or inconsistent quality. Many large organizations have internal programs for their own equipment and employees, but they do not extend beyond the corporate walls into the home.

Educate The Children

When we try to make a significant change in our society, sometimes we educate our younger generation and rely on the generational shift to affect change. We teach children in schools about citizenship and health. We have sports organizations to improve fitness and help them protect themselves. We have other groups that offer badges and certificates for learning specific skills. Is it time for digital scout badges, cyber martial-arts belts, or credits for Internet citizenship?

There are a lot of gaps that need to be addressed as our society and cultures adapt to the digital age. This will be a lifelong activity for many, as we learn more about our digital interactions and people continue to invent new devices and applications. Digital citizenship carries many capabilities and benefits, but there also have to be some rules and responsibilities. Whether we go the explicit route with licenses and badges, or the tacit route with expectations and peer pressure, it is time to take our membership in this digital nation seriously.

David O'Berry is a reformed CxO/CIO currently working for the "Dark Side" in Worldwide Strategic Technologies within Intel Security Group's Office of the CTO. He spent 19 years on the enterprise side as a network manager, director of information technology systems and ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/17/2019 | 9:32:06 AM
Good digital citizen
Starts early - have written this before but last year my wife, daughter and grand-daughter came to visit my work place and rec'd visitor badges.  Cariana, age 3, enjoyed pizza and met my collegues and when they left, little 3 year old picked up the visitor badges and said THESE HAVE TO BE RETURNED.   She then walked them back to the security desk and handed them in.  The agent was enchanted!!!!!   Wanted to adopt her on the spot.  Lesson: a 3 year old got the concept of perimeter security BETTER than most employees.  Go figure. 
SILLYHEART21
50%
50%
SILLYHEART21,
User Rank: Apprentice
5/16/2019 | 12:04:27 PM
Linked In-Can't connect with you
Dude likely this story is awesome but did you know that on LInked In you have to have the premium package or something ridiculous to connect with you?  I'm not paying for that even if you have 100"aphabits" after your name.  I have like 7 or something btw. I don't even know waht dark Reading is right now but will read later.  You laughed at my joke on Linked In reagarding the bump lock thing/topic and so I tried to connect.  Didn't know if you knoew that normal people cannot connect with you unless they pay $$ for exclusive linked in pkg.  Just fyi Cory Rochon-Ratko on Linked In.  SILLYHEART21 on youTUBE.  ttyl maybe. lol
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.