Strong Cyber Reasons Make Strong Cyber Actions
Throughout Shakespeare’s “King John,” the chief protagonist is consistently given sound advice: “strong reasons make strong actions.” Today, that advice is quite relevant given our globally ‘connected’ environment.
As a society we face a dangerous combination of both known and unknown cyber vulnerabilities, each with the potential to adversely impact virtually every institution and every individual. Additionally, the United States faces strong adversaries with growing and sophisticated cyber capabilities. Unauthorized attacks on our networks within Federal, State, Local and private-sector entities are persistent and often completely unattributable.
With each passing day, these attacks are increasing as we see billions – and growing – numbers of physical devices around the world connect to the internet to share data. According to Statista, a leading provider of market and consumer data, there will be approximately 6.6 billion smartphone users in 2022. By 2026, that number will increase by 22% to 7.5 billion users.
This significant increase in smartphone usage will also drive an uptick in the Internet of Things (IoT) connected devices. In 2025, that number of IoT devices will be close to 40 billion. By 2050 it’s estimated that this number will grow to over 50 billion connected IoT devices worldwide. That’s nearly 6 devices per every person on earth. These statistics are rather conservative. Some estimates have the number of connected devices as high as 75 billion over the next couple of decades.
Because of this new reality, governments and industry should convene a blue-ribbon panel of experts to develop and implement an international public awareness campaign focused on safety in a continuously connected society. This panel, which would include individuals from multiple sectors and countries, should be comprised of experts from technology, marketing, public policy, and healthcare to name a few. This approach, which would result in an impressive education and awareness campaign supported by tools and products, is consistent with the magnitude of the growing threat we face from cyber malicious actors.
This campaign would be modelled after some of the most successful public awareness campaigns we have seen around critical priorities, such as:
- Only You Can Prevent Forest Fires
- A Mind is a Terrible Thing to Waste
- Take a Bite Out of Crime
- Friends Don't Let Friends Drive Drunk
We have clear and compelling evidence that these national awareness campaigns work. For example, the “Friends Don’t Let Friends Drive Drunk” campaign first appeared in 1990. This hard-hitting campaign was instrumental in achieving a 10% decrease in alcohol-related fatalities between 1990 and 1991. In addition, 62% of young Americans reported that they were now more conscious of the dangers of drunk driving than they had been previously and 34% refused to drink at all when they were planning to drive.
With all that is at risk for our society, we should reaffirm our commitment to ensuring the public has a solid understanding of what it means to be safe in the continuously connected society we inhabit.
In this connected society where we enjoy unprecedented technology advances and conveniences, it is critical that we intentionally and continually raise awareness of the inherent vulnerabilities exploited across our communications networks (e.g. devices, IT systems, businesses, governments and homes). I have long held that the U.S. should lead the way in creating awareness of these realities by developing this type of international campaign aimed specifically at helping individuals understand how to protect themselves in a connected world.
Imagine for one moment a global cybersecurity campaign that would galvanize the world to consider how to better protect itself against cyber malicious actors. Now, I will admit there are several campaigns out there including the National Cybersecurity Alliance’s #BeCyberSmart, that remind folks to be careful and even provide a wealth of tips on how to do so. But these campaigns fall short of rousing the cybersecurity collective consciousness of the public because they are simply too small, and resource constrained to make a difference on a massive level.
Now is the time to convene an international consortium of experts to develop a Cybersecurity Awareness Campaign, led by the United States private sector community and the Federal Government. Now is the time to help individuals and businesses to better protect themselves against cyber malicious actors. Now is the time because “Strong Reasons Make Strong Actions.”