Last week President Barack Obama gave his annual State of the Union Address. Not surprisingly, among the things his address touched on was cybersecurity.

CSEE’s Professor Anupam Joshi, director of the UMBC Center for Cybersecurity, was one of nine academics invited by The Conversation to give reactions to particular items mention in the address. His remarks were included in their article, The State of the Union 2015 – a closer look at the president’s ‘ambitious agenda’.

The need for cyberhygiene
Anupam Joshi, University of Maryland Baltimore

The fact that cybersecurity found mention in the president’s SOTU address, among weighty issues like fundamental new approaches to taxation and foreign policy, is a testament to how important this issue is today. From (corporate) espionage and identity theft to financial crimes and ransomware, cyberspace is where sophisticated state, non-state and criminal enterprise actors are now most active.

The president correctly identified that we need to protect cyberspace to reap the benefits of the digital revolution, focusing on greater information sharing to improve security.

Presumably, this refers to passage of proposed legislation to provide targeted liability protection that would enable more information about private sector attacks to reach the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. Such legislation will enable researchers to have the data to better understand, detect, and deter attacks, but there are also significant issues around privacy and data security that need to be carefully addressed.

Earlier this month, the White House suggested that better tools for law enforcement, newer requirements on reporting data breaches, and support for cybersecurity education are needed.

These are all important, but I would urge a particular focus on significantly expanding cybersecurity education far beyond the typical college-level courses to train cyber defenders.

What we need is a greater awareness of “cyberhygiene” for the average internet user – simple “preventative medicine” tactics to minimize risk for individuals and for us all. Just as kids are taught to wash hands for 20 seconds or be careful around strangers for example, they should be taught to be careful when clicking on links embedded in emails.