Americans want security, don't know how to get it

A study released today by the National Cyber Security Alliance (NCSA) and the Anti-Phishing Working Group (APWG) indicates that most Americans are genuinely concerned about online safety and security. Furthermore, according to the study, they recognize their responsibility to contribute to the Internet's overall security and are willing to take steps in that direction.

The biggest obstacle, perhaps unsurprisingly, is the lack of clear, concise instructions on what users should do to protect themselves. This is an area in which we, as an industry, have to improve. When you combine the complexity and diversity of available technologies with a lack of consistency around messaging, terminology, and visual symbols, it's no wonder that consumers are feeling confused.

The upcoming National Cybersecurity Awareness Campaign, which the NCSA and APWG are spearheading, should be a step in the right direction. It promises a unified messaging campaign to increase awareness nationwide, and perhaps even internationally. Of course, if this survey is any indication, this will be a challenge, as the issue isn't so much awareness of the problem, but rather awareness of the solution.

Over the coming months, StopBadware will be working with industry partners to help them do their part to protect consumers from badware. Part of this, undoubtedly, will be consumer education. Just as we (and, by extension, our partners like Google and Firefox) now offer webmasters specific tips on finding, removing, and preventing badware on their websites, we need to work together to present clear guidance for users on how to protect their computers, their handheld devices, and their online information.

SBW, ASC, NCSA launch Chain of Trust initiative

Today at the Anti-Spyware Coalition (ASC) public workshop in DC, StopBadware, the ASC, and the National Cyber Security Alliance (NCSA) launched the "Chain of Trust" initiative. From the press release:
Developed by the Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the rising tide of malware.
The first order of business in the Chain of Trust Initiative is to map the complex, interdependent network of organizations and individuals that make up the chain. Only by identifying all the vulnerable links and understanding how they connect to one another can malware fighters get a handle on the problem and begin to develop consensus solutions.
For those interested in ideas coming out of the workshop, feel free to follow the tag #asc09 on Twitter, flickr, and other tag-enabled sites.

Top 8 Cyber Security Practices

The National Cyber Security Alliance, which is coordinating the effort designating October as National Cyber Security Awareness Month, has a list of the "Top 8 Cyber Security Practices." This list, although not new to many in the StopBadware community, is a great resource for educating users about the key concepts for staying safe online.
Here's the list:

  1. Protect your personal information. It's valuable.
  2. Know who you're dealing with online.
  3. Use anti-virus software, a firewall, and anti-spyware software to help keep your computer safe and secure.
  4. Be sure to set up your operating system and web browser software properly, and update them regularly.
  5. Use strong passwords or strong authentication technology to help protect your personal information.
  6. Back up important files.
  7. Learn what to do if something goes wrong.
  8. Protect your children online.