Oct. 1 is the start of yet another 31-day period focused on online safety and security. Microsoft has supported National Cyber Security Awareness Month (NCSAM) in the U.S. for 11 straight years. This year, NCSAM is further extending its footprint to Europe, Latin America and elsewhere—as we all seek to raise awareness about the best and easiest ways to stay safer and more secure online.
In partnership with the National Cyber Security Alliance (NCSA), the U.S. Department of Homeland Security (DHS) will kick off NCSAM in Nashville, Tennessee, while Europe will launch its cyber security month at a day-long event in Brussels. Regardless of where one chooses to mark the start of the month, it’s important to remember why we come together each year in this way and what we aim to accomplish.
When we talk about public awareness-raising in cybersecurity or educating individuals and families about staying safer online, it’s for a specific purpose: we are trying to effect behavioral change. We want individuals to become better digital citizens; to exercise safer online habits and practices because we want them to be safer, and to do their part to protect the overall online ecosystem. Moreover, we want them to influence and encourage others to behave responsibly and appropriately in the digital world. But, behavioral change is difficult and it takes time. It certainly doesn’t happen at Internet speed. I view this progression as moving along a behavioral-change continuum. We start by raising awareness about online safety, security and privacy issues; we then need to focus on changing people’s attitudes toward a given topic or activity. Then, we hope they will shift their beliefs in addressing or preventing issues before they arise, and ultimately change their behavior for the better.
In 2009, NCSA teamed up with APWG—the organization formerly known as the Anti-Phishing Working Group—for the very purpose of raising awareness about online safety and security. In turn, the two kicked off what, in my view, is one of the most successful public-private partnerships in operation today. NCSA and APWG set out to agree on a single, actionable, unifying message that companies and organizations could all use to help educate individuals and families about life online. One year later, 25 major corporations, including Microsoft, as well as seven U.S. government agencies and departments, met in Seattle at NCSAM 2010 where STOP. THINK. CONNECT. (STC) was revealed—a simple, easily understood message designed to drive people to action to help safeguard their digital lifestyles.
STC has since been recreated or adapted by nearly 150 organizations and 13 governments. These groups use STC either internally to help educate employees, or they evangelize it and share it with their customers and constituents. Those numbers are continuing to grow, as STC can be licensed and used freely by anyone who asks. STC witnessed a new level of international cooperation this past May, when NCSA and APWG hosted more than 40 representatives from governments, technology companies, non-governmental organizations and child advocacy agencies from 13 geographies. The group met at Microsoft’s European headquarters in Paris to share knowledge and experiences, and to explore broader international collaboration.
There is no one-size-fits-all approach to cyber security and safety. But if, where appropriate, more groups could echo this same message, consumers would recognize the effort as a legitimate call to action, as opposed to “noise” that needs to be filtered out or ignored altogether. Collectively, we need to break through the many messages and pieces of guidance delivered to consumers daily. It will be far more impactful to hear a single, compelling message from several different trusted entities, as opposed to loosely similar messages from a multitude of organizations. Indeed, we have a greater chance of moving consumers along that behavioral-change continuum if we band together in a louder chorus.
Microsoft has assumed an active role in NCSA and STC from the beginning. Not only do we share in the broad responsibility to help protect consumers online, but we also firmly believe that together—as industry, government, NGOs, child safety organizations, law enforcement and others—we can accomplish more than any single entity or organization on its own. And, much like NCSA’s pre-STC research showed, when one person or organization is safer and more secure online, all others also benefit from that state of being: “Safer for me; more secure for all.” Working in concert, I know we can continue to capitalize on what STOP. THINK. CONNECT. has started, and gain even more ground going forward.
For more information about Microsoft’s participation in STC and to learn how you can get involved this NCSAM, visit our website; “like” us on Facebook; follow us on Twitter, and look for my “point of view” following the #MSFTCOSO hashtag.