The Value of Cyber-Awareness CampaignsEducation is Good, but Expectations May be Unrealistically High
And consumers like this. Nobody asks consumers to maintain their refrigerators or the anti-lock brakes on their cars, or their mobile phones. They like not having to deal with updates, patches, new drivers, all the paraphernalia from the hobbyist roots of the computing devices we use today. The trend is for consumer to be more like consumers and less like operators.
But put consumer preferences aside, let's look at opponents in cyberspace. One class of opponents, called advanced persistent threat, can defeat giant corporations that spend heavily on security. Consumers don't have a chance. Calling for everyone to defend their own patch of cyberspace has a nice, frontiersman-like ring to it, but it won't actually work against well-resourced, sophisticated opponents. Daniel Boone and Grandma, even after a month of awareness, are not going to beat the PLA or the Russian mafia.
Teaching people how to use the Web could be useful, but it won't do much for security.
Teaching consumers or kids what to suspect on the Web probably isn't a bad idea. It would be useful to teach them that the Internet and the Web have, if anything, lowered the quality of information available to the public. On the Internet, no one can tell you're a dog, but they also can't tell if you are a member of the flat earth society who simply made up your data - that would describe too many websites, including the one used by the State of Virginia to research its new history textbooks. Teaching people how to use the Web could be useful, but it won't do much for security.
James Lewis is a senior fellow and director of the technology and public policy program, which includes the Commission on Cybersecurity for the 44th Presidency, at the Center for Strategic and International Studies, a not-for-profit Washington think tank.
Check out our interviews with Lewis: