WASHINGTON--The U.S. government's cybersecurity czar on Monday called on those in the know to become "ambassadors" of the protect-thy-computer message to the masses.
Greg Garcia, assistant secretary for cybersecurity and communications within the Department of Homeland Security, said it's critical for everyone to take cyberrisks seriously, in hopes of meeting his department's ultimate goal: making the United States "the most dangerous place in the real world for cybercriminals to do business."
Welcome to the fourth annual National Cybersecurity Awareness month, the government's designated time for drumbeating how much it cares about apprehending cybercrooks, keeping your own data under wraps and pressuring others to treat it with care as well. That's no small task, as Homeland Security in particular has drawn criticism for years--and as recently as a few months ago--from politicians concerned the agency chiefly responsible for coordinating the nation's response to cyberincidents hasn't been doing a good enough job at it.
Garcia spoke at the inaugural National Cybersecurity Awareness Summit, a daylong event put on here by a non-profit partnership of federal government agencies and software vendors like Microsoft, McAfee, Symantec and Computer Associates.
But his pep talk wouldn't have been complete without the prognostications of doom and gloom evoked so often in this space. In this case, Garcia said the number of cyberincidents reported to the U.S. Computer Emergency Readiness Team (US-CERT) has been growing ever since the clearinghouse for tracking and managing security incidents was established in 2003, and the report tally is likely to continue to rise. That's not necessarily because the raw number of attacks or other malicious events is climbing, though--it may just be because more people are becoming aware of US-CERT's services.
Within the federal government, Garcia said he's aiming to get all cabinet-level agencies hooked up by the end of next year to a system known as Einstein. It's the first tool that has allowed agencies to watch in real time over traffic patterns at their network gateways in an attempt to spot worms or other unwanted presences. The 13 federal agencies currently using the tool have been able to report problematic sightings to US-CERT within four to five hours, rather than four to five days, Garcia said.
Homeland Security is also preparing to release a document outlining essential skills that IT security professionals need and to stage another mock cyberattack, known as Cyber Storm 2, next March. As with the first exercise conducted last year, it's intended to test the readiness and potential responses of various government and private sector entities should a massive cybercatastrophe strike.
But ultimately, securing cyberspace depends on each computer user taking on a measure of "personal responsibility," Garcia said. He urged people to bone up on the educational materials available at Web sites like OnGuardOnline.gov and StaySafeOnline.org and to encourage others to do the same.