Why Safer Internet Day could teach businesses a thing or two
Safer Internet Day 2016 promotes better web security for families - but corporations should listen up as well
Today is Safer Internet Day 2016, which promotes the safe and responsible use of digital technology for children. Maybe grown-ups in business suits should be paying attention as well, though.
With participation in more than a hundred countries, support from the European Commission and a mission to 'create a better internet' by making the web more secure, Safer Internet Day is obviously a good thing.
The only bad thing is that it's only aimed at families, and in particular, children.
Reading through the various reports and releases that have been published this morning, I can't help but see huge parallels between the risks, behaviours and understanding of kids when it comes to internet safety and grown-ups working in the average enterprise.
The Symantec 'Norton' brand promotes the role of parents in making the internet a safer place for their kids. Vice-president Nick Shaw says: "The internet can be a valuable resource for childrenís development, and parents play a critical role in educating their children about safe internet behaviours. They should have an open dialogue about online experiences encountered and establish house rules on Internet usage."
Replace 'children' with 'employees' and 'parents' with 'management' in the above statement and tell me that does not resonate within an enterprise environment?
Shaw quotes stats suggesting that 44 per cent of parents worry their kids will give too much information out to strangers and 36 per cent are concerned this will have repercussions for the entire family. Does this sound like a familiar business concern, too?
Take a look at the type of measures that Norton advises parents to share with their kids and things become even more familiar: use strong and unique passwords, establish house rules for information sharing, think before you click, and use endpoint security solutions to secure all your devices.
Elsewhere Kaspersky Lab tells me that 12 per cent of 16-19 years olds in the UK know someone who has engaged in an illegal cyber-activity. I'm willing to bet that a higher number of staff know someone who has engaged in an activity at work that breaks security policy.
Equally, more than half of those teens who knew about such activity said they would advise them to stop but not tell anyone else, and one in three would 'keep well out of it'
My experience of talking to employees about security policy infractions suggests this has a precise correlation with the attitude of staff to what are all too often seen as 'non-consequential' misdemeanours, rather than something requiring remediation to protect corporate assets.
Moreover, Kaspersky finds that 44 per cent of teens know about phishing and 41 per cent know about malware. Mention DDoS and understanding drops to 24 per cent, with 17 per cent knowing about ransomware and only 13 per cent having a grip on cryptomalware.
Again, I reckon those figures stack up pretty well to understanding in the workplace. If anything, I'd say the kids have a better handle on the risk than most adults.
Yet education, as Safer Internet Day strives to point out, is key to driving a more secure environment in which to work and play.
Nick Viney, VP of consumer technology at Intel Security, gets it right when he says "we all have a responsibility - parents, teachers and technology experts - to ensure children understand how to protect themselves from the potential risks online, and that comes as a result of greater education and by having ongoing conversations with children".
Again, transpose the 'parent/teacher' stuff with 'management' and swap 'children' for 'employees' and you can see how there really is no difference in the message being presented here.
Security risks need to be taught and understood before they can be effectively mitigated, whether at home, at school, or at work.
Insecurity is child's play, no matter how old you are.