Citizen Soldiers have a long tradition in American History. The basic premise of self government and liberty demands self defense. Ben Franklin is credited as saying, if we trade liberty for security, we shall have neither. That is true today in a world of international terrorism and cyber attacks.
If we depend on our government to provide our security we trade away some of our liberty. If we desire freedom and liberty we must be responsible for our own security. We of course need a standing military for common defense. We need law enforcement, and some government involvement, but the more we delegate to government the more we restrict our own freedom.
One area which has been long in contention is gun rights, but an emerging battle is our electronic freedom, rights of privacy, free association, free speech, and many others related to information and the internet. Much like patriots of old being armed and equipped for physical defense todays patriots must be trained and equipped for information security.
Dependence on the government to regulate, control, and defend our information systems requires increasing restrictions to our freedoms - our liberty. If we wish to remain free we must step up and take responsibility for defending those freedoms and providing security.
Our infrastructure and information systems are under constant attack. Bad actors scan and search for weak links in our defenses. A network is only as secure as its weakest password. One of the simplest things we can do as free citizens is to secure our personal connections and our own personal information.
If we do not inform ourselves about security, arm ourselves with the knowledge and tools needed to secure ourselves, we abdicate our responsibilities and trade our liberty for government imposed security. There are instances where government intrusion is necessary, as in the context of common defense, but the better we defend our private information security the less government needs to intrude on our freedoms.
Big government is happy to take that responsibility and power. The more we empower government the more we abandon liberty.
Our rights and our ability to defend ourselves in the electronic frontier is under continual attack from our benevolent defenders in the government. But it is because we neglect or refuse to take responsibility as citizens. As we've said many times, the weakest link opens the network to attack.
One person with poor operational security practices can open their system to attack and then connect that system to a network and cause it to be compromised.
Imagine a worker taking their laptop to a coffee shop at lunch, their system being infiltrated by a bad actor, and then returning and reconnecting to the work network and infecting it with malicious code. Said worker could be at a power facility, a nuclear reactor, or any critical infrastructure facility. Another worker might click on a malicious email, or visit an infected site on the internet.
We are all responsible for information security and operational security.
We hope this blog will help you begin to learn and implement best practices, whether you are a white hat ethical hacker or a casual user of information technology. We are not all cyber warriors, but we are each responsible for basic security.
No comments:
Post a Comment