Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

Michael R. Farnum

Hitting the Security Nerve

Our civic duty as Internet citizens

3 comments

IT TOPICS:Internet, Security

If you have a computer that is connected to the Internet, isn't it your responsibility in today's age of cyber crime to make sure it is secure? I concede that the age of script kiddies attacking individual PCs seems to be over. Today's attacks are more and more narrow in scope, targeted at organizations that will make the attack profitable. But even if you are not a victim of a targeted attack, you could be an unwitting accomplice in the targeted attacks. If your computer has been infected with a bot and has been made a part of a bot farm, then you are part of the problem. If you do not take steps in making sure you are secure, then you are contributing to the insecurity of the Internet as a whole.

So if an individual should be thus responsible, how much more should an organization be responsible? The reason I ask is because I run across many companies that say that security is not a priority for them because they have never had an incident. They are small to medium-sized companies that don't really have a lot of intellectual property, financial data, or customer data that the bad guys would be after (or so they think), so they don't see any use in buying into security. This is the E-PIT-O-ME of irresponsibility, but the limited vision of some people and their concern with nothing but the bottom dollar is contributing to the problem. So many companies and organizations do their civic duty in the physical community by sponsoring little league baseball teams, contributing to charities, etc. But they either don't know or don't care that they owe that same responsibility to the cyber community ("cyber community" sounds a bit corny, but oh well).

In fact, I ran across two companies like this just today. One fully admitted to not being worried about security. The other knew it was needed, but he was new to the job, and he was pretty sure it would be difficult to sell security to his management. Man, I so wanted to tell them that there how irresponsible they were being and how they were contributing to the insecurity of the Internet. I would love to get a shot at scanning the computers and servers on networks and showing them how many bot-infected computers they have. These people have been p0wned, and they don't even know it. And they don't realize the impact they are having.

Email this

Digg this

What People Are Saying

Add new comment

Sam, Point well taken. I am

Submitted by Michael R. Farnum on September 27, 2007 - 11:02 P.M.

Sam,

Point well taken. I am also an advocate of clean pipes. However, my point was more directed at the businesses out there who do not take security seriously and how much more dangerous they can be than an individual user.

Michael R. Farnum

Better to be despised for too anxious apprehensions than ruined by too confident a security.
Edmund Burke (1729 - 1797)

Reply | Report this comment

Great theory, but as long as

Submitted by Sam Van Ryder on September 27, 2007 - 3:46 P.M.

Great theory, but as long as your average (home and business) user doesn't know how to maintain their PC, I wouldn't count on them helping out. Kind of like a neighborhood watch where the burglars are ninjas and all the homeowners are blind and wheelchair bound.
Another good reason for a clean pipe initiative from your friendly local telco.

Reply | Report this comment

Great point - I think

Submitted by ashleyw on September 27, 2007 - 10:10 A.M.

Great point - I think security is a responsibility that each individual or company needs to take -- for the sake of their employees, customers, or even their own personal information! Rarely does a lack of security only affect one individual. Unfortunately, with incidents involving poor security happening so frequently, it seems that people almost become desensitized to it, instead of being motivated to protect their info and their networks.

Reply | Report this comment

Google Dashboard: Convenient, useful, but no big deal

Web filtering internationally, part 1: China

Spam culture, part 3: Nigeria (and 419 scams)

Obama Drupal-ing around; whitehouse.gov goes open source

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

Forrester Consulting - Optimizing Users and Applications in a Mobile World
Learn how to successfully deploy a WAN optimization solution that is specifically tuned for a mobile environment!

Top to Bottom Performance Management Excellence at the City of Chicago
View now.

Faster, Cheaper and Easier to Maintain
Can you afford not to upgrade your servers to today's advanced, energy-efficient technologies?

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

The State of PCI DSS Compliance at Organizations Today
Download this resource today!

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

All White Papers | All Webcasts