The Joint Responsibilities of Cybersecurity

The Internet revolution has delivered tremendous benefits to American consumers.

In the most fundamental ways, the Internet has brought new levels of productivity, convenience and efficiency to our personal and professional lives. Research (or comparison shopping!) that once took hours or days can take minutes on the Internet; bills can be paid and transactions executed in seconds; information and documents can be shared in an instant; and with e-mail and instant messaging, we can communicate with people anywhere in the world as if they were right there.

Unfortunately, the benefits of the Internet have also brought a host of new challenges, and security is at the top of the list. We increasingly read about another computer virus (search), a network security breach or the theft of online information (search). For both consumers and businesses, these violations cost time, money and frustration. While quantifying losses is an imprecise science, Nicholas Weaver and Vern Paxson of the International Computer Science Institute (search) recently estimated that a single "superworm" could cost businesses upwards of $50 billion in damage.

The bottom line: Cybersecurity rightly deserves the attention of government, the technology industry and — yes — consumers.

There is no magic bullet for defeating all online threats, but industry, law enforcement and consumers can make great strides if they work together. Automakers, highway patrol and careful drivers all contribute to making our freeways safe. Similarly, we all share responsibility for making the Internet a secure place.

First and foremost, we should recognize that criminals are the ones who commit security violations. A computer virus begins with a virus writer. Hackers willfully break into corporate networks. Online identity thieves are committing fraud. As much as we’d like to blame security glitches in software, we have to acknowledge that criminals play the central role, and law enforcement must respond.

Fortunately, Congress, state lawmakers and law enforcement agencies have taken positive steps. Tough new laws specifically outlaw online crime (search) and empower law enforcement to move against cybercriminals. In August, Operation Web Snare (search) — a local, state, federal and international effort — netted more than 150 arrests and convictions for identity theft, online fraud and other crimes.

The technology industry has also come a long way in responding to security concerns. Leading providers of anti-virus software — McAfee, Symantec and Grisoft — continually update their products in an effort to stay one step ahead of virus writers. Across the board, members of the technology industry are vigilant in identifying and patching flaws in their software. The recent release of Microsoft’s Windows XP Service Pack 2 offers strengthened security to users of Microsoft’s flagship operating system.

It is a mistake, however, to think that avoiding specific products, companies or services will solve all security woes. It is true that Microsoft — the largest, most visible software company in the world — has had its share of security flaws. But in the last year, patches for critical flaws have been issued for Apple and Linux operating systems, the Mozilla browser and many other products. Pointing fingers offers no help.

Fortunately, consumers can help by taking an active role in ensuring their own security on the Internet. Just as you would lock your doors and windows, consumers should follow basic steps to protect themselves. Computer users need to install anti-virus software and keep virus definitions updated; install or activate a firewall; keep software current; and be cautious of fishy e-mails, attachments and links.

By adhering to these few simple rules, consumers will help ensure that they do not become victims of a cyber-attack or unwilling participants in spreading worms.

It is sad to say, but cybersecurity (search) is a never-ending battle. Criminals will always seek out ways to prey on businesses and consumers, both online and offline. But the battle is not hopeless, and we should give no quarter. With industry leadership and cooperation, technological advances and increased law enforcement — as well as consumer vigilance — we can make significant progress in securing the Internet.

Jim Prendergast is the executive director of Americans for Technology Leadership.