October Is National Cybersecurity Awareness Month

Four days into the month and you'd never know!

If you watched any football games yesterday you are well aware of the fact that October is National breast cancer awareness month. Kudos to the NFL for bringing national attention to this deadly disease and donating money to find a cure. You are probably unaware however is that October is also National Cybersecurity Awareness Month. Over the course of the last year, we've witnessed visible cyber attacks on Google in January. We've seen the activation of the U.S. Cyber Command at Ft. Meade. At my last count, there were 10 different bills in Congress related to cybersecurity, including, "The Protecting Cyberspace as a National Asset Act," a comprehensive piece of legislation coming out of the Senate's Homeland Security and Government Affairs Committee. Former "cyber czar" Richard Clarke published a new book titled, "Cyberwar." Finally, we've recently witnessed the Stuxnet worm, a cyber weapon attacking the Iranian nuclear infrastructure. I am providing this brief history to highlight a problem -- if you aren't a Washington cybersecurity insider, you would never know it is National Cybersecurity Awareness Month. Ironic? Yes, but also sad. Now I know it is early in the month and there is lots of further activity planned. I am also aware of the fantastic work driven by the National Cyber Security Alliance, an industry group spearheading the National Cybersecurity Awareness Month (www.staysafeonline.org). President Obama will step up and talk about cybersecurity, and the indefatigable Howard Schmidt will be as vocal and visible as possible throughout October. These folks deserve a lot of credit, but somehow the IT and security industries continue to offer lip service support for National Cybersecurity Awareness Month through their Federal offices alone. I did a quick web site scan of leading IT and security companies this morning. Only RSA Security mentioned National Cybersecurity Awareness Month on its web site (Note: The acting NCSA President works at EMC/RSA). My point here is that National Cybersecurity Awareness Month isn't making enough people aware of cybersecurity vulnerabilities, education, or government initiatives. Why? It doesn't appear to me like the industry really cares. Oh sure, there is a bit of token money to appease their clients in Washington, but where is the national spotlight? Beats me. I was on this soap box last year, and will continue to be until I'm proven wrong. I probably have 20 meetings scheduled with security industry insiders in October and I'll ask each and every one of them if they know what month this is. My guess is that they will say National Breast Cancer Awareness Month.

SUBSCRIBE! Get the best of CSO delivered to your email inbox.