Why Safer Internet Day could teach businesses a thing or two
Safer Internet Day 2016 promotes better web security for families - but corporations should listen up as well
Today is Safer Internet Day 2016, which promotes the safe and responsible use of digital technology for children. Maybe grown-ups in business suits should be paying attention as well, though.
With participation in more than a hundred countries, support from the European Commission and a mission to 'create a better internet' by making the web more secure, Safer Internet Day is obviously a good thing.
The only bad thing is that it's only aimed at families, and in particular, children.
Reading through the various reports and releases that have been published this morning, I can't help but see huge parallels between the risks, behaviours and understanding of kids when it comes to internet safety and grown-ups working in the average enterprise.
The Symantec 'Norton' brand promotes the role of parents in making the internet a safer place for their kids. Vice-president Nick Shaw says: "The internet can be a valuable resource for childrens development, and parents play a critical role in educating their children about safe internet behaviours. They should have an open dialogue about online experiences encountered and establish house rules on Internet usage."
Replace 'children' with 'employees' and 'parents' with 'management' in the above statement and tell me that does not resonate within an enterprise environment?
Shaw quotes stats suggesting that 44 per cent of parents worry their kids will give too much information out to strangers and 36 per cent are concerned this will have repercussions for the entire family. Does this sound like a familiar business concern, too?
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Take a look at the type of measures that Norton advises parents to share with their kids and things become even more familiar: use strong and unique passwords, establish house rules for information sharing, think before you click, and use endpoint security solutions to secure all your devices.
Elsewhere Kaspersky Lab tells me that 12 per cent of 16-19 years olds in the UK know someone who has engaged in an illegal cyber-activity. I'm willing to bet that a higher number of staff know someone who has engaged in an activity at work that breaks security policy.
Equally, more than half of those teens who knew about such activity said they would advise them to stop but not tell anyone else, and one in three would 'keep well out of it'
My experience of talking to employees about security policy infractions suggests this has a precise correlation with the attitude of staff to what are all too often seen as 'non-consequential' misdemeanours, rather than something requiring remediation to protect corporate assets.
Moreover, Kaspersky finds that 44 per cent of teens know about phishing and 41 per cent know about malware. Mention DDoS and understanding drops to 24 per cent, with 17 per cent knowing about ransomware and only 13 per cent having a grip on cryptomalware.
Again, I reckon those figures stack up pretty well to understanding in the workplace. If anything, I'd say the kids have a better handle on the risk than most adults.
Yet education, as Safer Internet Day strives to point out, is key to driving a more secure environment in which to work and play.
Nick Viney, VP of consumer technology at Intel Security, gets it right when he says "we all have a responsibility - parents, teachers and technology experts - to ensure children understand how to protect themselves from the potential risks online, and that comes as a result of greater education and by having ongoing conversations with children".
Again, transpose the 'parent/teacher' stuff with 'management' and swap 'children' for 'employees' and you can see how there really is no difference in the message being presented here.
Security risks need to be taught and understood before they can be effectively mitigated, whether at home, at school, or at work.
Insecurity is child's play, no matter how old you are.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.