Responding to comments made by Singapore’s communications minister on the constant and dynamic changes taking place in the ICT arena – and the positive and negative issues that cyberspace creates for business and society in general – I believe that IT security education is crucial in meeting what Minister Yaacob Ibrahim is calling for.
Minister Ibrahim’s comments about ICT’s business benefits – and the cyber-security disadvantages – are just as valid here in the UK, as they are in Singapore, where the Minister made his comments at a security conference earlier this week.
Singapore has the highest number of dollar millionaires per capita in the world, with one in six households in this category. It is one of the world’s richest countries – and it has the same cybercrime problems as we do.
This is what makes Minister Ibrahim’s call for governments to spend more time and effort on educating their citizens – and other countries – about online threats, rather than weaponising cyberspace, all the more valid.
It is clear that education on the dangers of cyberspace and how to protect oneself is the way forward in meeting Minister Ibrahim’s call for a better understanding of the technology and its usage. It is important to understand that IT security systems have to become easier to implement, manage and use, so that people not only know what they should do, but are able to easily put their knowledge into practice in the real world.
To provide security-aware employees, we also need to start educating at a grass roots level, with representatives of relevant security organisations supporting schools and universities to inform students about the very real cyber-security threat.
This is something that is already happening with security associations, such as ISC and broader organisations, such as CEOP, the inter-agency Child Exploit and Online Protection Centre. To create a more security conscious society, these lessons should form part of the National Curriculum.
In the US they have another inter-agency initiative, the National Cyber Security Awareness Month. Reflecting the interconnectedness of the modern world and the message that all computer users have a role in securing cyberspace, this event has taken place every October since 2004 when it was set up.
My company’s observations, backed up by the recent PWC Information Security Breaches survey, are that a thorough awareness of ICT among employees is fundamental to reducing employee related security incidents. When people come to understand the importance of exercising personal responsibility, they adopt securer online practices.
Children are using technology at a younger and younger age, but are not hearing suitable security messages often enough. Many parents are in the dark themselves so unable to pass on these skills to their children. This should be of concern to us all.
Minister Ibrahim is correct to include the education of other countries in his observations. We must be careful not to neglect developing economies, or the cybersecurity issue will come back to haunt us in the future, as we grow online trade with such countries.