Securing our eCity: Grassroots block-by-block cyber threat awareness
While there has been quite a bit of buzz lately around the Securing Our eCity (SOeC) win of the Department of Homeland Security's National Cybersecurity Awareness Challenge, the buzz back in San Diego isn't media driven, it's participant driven and it's passionate.
I have witnessed a passion which has rallied SOeC's cybersecurity experts who consist of cops, lawyers, techies, urbanites, doctors and high school seniors, and this passion started long before the win this month and the White House visit.
The SOeC buzz: An insider's perspective
The buzz around SOeC consists of passion, a sense of legacy and collaboration. SOeC's growth is due in no small part to internet technology like Twitter, Facebook, WordPress, YouTube, as well as the no-cost, highly effective instructor-led training workshops.
The excitement is from what we all feel while participating in the growth of something special. Securing Our eCity combines a positive, grassroots-driven community effort with a scalable model for public-private partnership. This model eCity methodology is designed to take back our digital streets from the criminals, spies and terrorists who form the 21st century's cyber threats of cyberwarfare, cyberterrorism and cybercrime.
Two of the challenges SOeC faced were clearly articulated in the very first months of Securing Our eCity's existence: cybersecurity awareness and the prevalent use of the internet by those who wish to do us harm.
“Not everyone on the internet is a bad guy, but every bad guy is on the Internet.” – Karen Hewitt, U.S. attorney
This buzz even infuses small and large group attendees of our one-hour workshops. Some are quoted as saying they 'ran back to their desks to make personal security changes.' Metrics gathered through unobtrusive embedded methods, like the audience-response clickers, back up the buzz by showing an average 37 percent rise between pre-workshop and post-workshop assessment in cybersecurity awareness.
Adopting elements of this model is what got DHS all fired up, but it's not about the award. The award was not about us, it was about how all of us together can make that critical difference in an interconnected world where business banking is being pillaged and our nation's educational institutions are under constant attack, often more than 300,000 per hour.
Mayor's Cyber Cup Prize: ESET scholarship turns HARDCORE
Just prior to Securing Our eCity's win and subsequent White House visit, I had the opportunity to watch some of our SOeC partners prepare and deliver their curriculums for our Mayor's Cyber Cup scholarship winners.
This was a first for all of us. Later, most of the parents of the winning participants related that their expectations were that we'd give their kids a typical internship – empty trash cans, maybe do some light research for a week and a nice letter at the end. You know, corporate lip service.
No lip service here. SOeC went hardcore and our winners got skull sweat and hands on in wicked Red Team / Blue Team fashion. From social engineering to principles of ancient Greek and Roman warfare, every day was a new challenge.
Geek to geek, cheek to cheek with some of the most experienced people in San Diego, our partner/instructors spanned SOeC: from law enforcement partners U.S. Attorney Mitch Dembin to SAIC VP and Cyber Cup moderator Scott Kennedy. They included door-busting CATCH Team detectives, IT policy-makers and security architects, ESET's own Jeff Debrosse, myself and a host of others too numerous to name.
All of our partner/instructors went above and beyond, motivated to create the best learning experience possible for a very technical and potentially very boring subject: cybersecurity. From the server rooms, courtrooms and boardrooms to the classrooms, all the instructors were fired up and all delivered their best.
I saw pride radiating on faces and in the body language when each SOeC partner/instructor described their own personal feelings they held of the opportunity to address these high school winners. The instructors almost universally related to me afterwards that they saw “these kids as our nation's future leaders” in cybersecurity.
Success = creating a community of passionate participants
During our Cyber Cup Scholarship, I watched speakers ranging from the cyber cops for the San Diego CATCH team to U.S. attorneys who prosecute the most cyber intrusion cases in the nation (San Diego district ranks third out of 94 districts for all felonies). They were fired up, every one of them.
I watched industry leaders who came from nationally known companies, like SAIC, whose pride at being included in speaking to these four students far eclipsed anything deemed compulsory.
One comment about that DHS award frames its relevance perfectly:
“This award is really being given to the City of San Diego and the 200-plus stakeholders involved in the Securing Our eCity initiative,” said Darin Andersen, COO, ESET.
Roll that pebble and start an avalanche
My opinion is that everyone reading this can take actionable steps away from it today.
- If you personally “don't know what you don't know,” look toward learning just a handful of steps today which can make you and your family safer online.
- If you are an industry expert, look at how you can personally step up and start your own community-driven public-private partnerships in your own eCity.
Regardless of which category you fall into, you are safer for the small action you begin today. We are open source and very grassroots. Give us a shout and we'll help to start that pebble rolling in your own eCity.