Category Archives: spam

National Cyber Security Alliance Announces New Agreement to Promote Cyber Security Education Programs Nationwide

AscentiveInternet Safety information from the Ascentive team

The National Cyber Security Alliance (NCSA) – a non-profit public-private partnership focused on cyber security awareness and education for all digital citizens – has announced that on behalf of the National Cybersecurity Education Council (NCEC) it has signed a memorandum of understanding (MOU) with the U.S. Department of Education (ED) and the National Institute of Standards and Technology (NIST) to formally institute and promote cyber security education programs in K-12 schools, higher education, and career and technical education environments nationwide.

The new agreement paves the way for the continuation of the recently established public private partnership known as the National Cybersecurity Education Council to build a consensus on the future of cyber education in the United States. The multi-stakeholder effort will bring together government, industry, nonprofit, academia and other educational organizations to make recommendations and suggest guidelines on cyber education.  The collaboration will also include all parties participating in a working group to identify the cyber education needs of all young people and the foundational knowledge, skills and competencies needed by government and industry to build a workforce that can protect America’s vital digital assets.

The MOU’s partnership supports many of the educational efforts responding to President Obama’s 2009 Cyberspace Policy Review, which called for the nation to “build an education system that will enhance understanding of cyber security and allow the United States to retain and expand upon its scientific, engineering, and market leadership in information technology.” Toward this end, in the spring of 2010, the National Institute of Standards and Technology (NIST) within the U.S. Department of Commerce led a team involving many departments and agencies across the government in launching the National Initiative for Cybersecurity Education (NICE). The goal of NICE is to establish an operational, sustainable and continually improving cyber security education program for the nation to use sound cyber practices that will enhance the nation’s security. NICE includes four focus areas, or tracks:  cyber security awareness, formal cyber security education, cyber security workforce structure, and cyber security workforce training and professional development. The public/private partnership, which the MOU fosters, will advance efforts of the formal education track, particularly responding to the needs identified in the Cyberspace Policy Review for a K-12 cyber security education program for digital safety, ethics, and security and for expanded university curricula.

NCEC members are also cognizant of the inherent demand for improved cyber security education in bolstering America’s future workforce.

Today, the U.S. faces a deficit in the number of cyber security professionals in our country, and predictions of our future needs are worrisome. Estimates from a recent study by (ISC)2 and Frost and Sullivan reveal a need of more than 700,000 new information security professionals in the Americas by 2015. What’s more, the U.S. Bureau of Labor Statistics estimate that there will be 295,000 new IT jobs created in the U.S. between 2008 and 2018 – many of which will require cyber security expertise. This data points out a great responsibility within the U.S. education system and other industry groups to help produce cyber capable citizens.

“Our children live in an interconnected technology-based world with a growing need for digital skill sets,” said U.S. Secretary of Education Arne Duncan. “An education that incorporates tools to understand, navigate and operate technology will encourage students to exercise awareness when using digital platforms while helping better prepare them for the jobs of the future.”

“This important MOU will add another dimension to the public/private partnership that is key to cyber security awareness and formal cyber education,” said Special Assistant to the President and Cybersecurity Coordinator, Howard Schmidt.  “Through the partnership, we will continue to increase public awareness of safe cyber behavior, as well as expanding the availability of the cyber education so vital to the future of our workforce.”

“Our future depends on a digital citizenry that can use the Internet safely, securely, ethically and productively,” said Michael Kaiser, executive director of the National Cyber Security Alliance. “Today, the United States faces a daunting challenge. We need to build a cyber security ready workforce trained to deal with a constantly changing digital infrastructure that is protected against a broad range of cyber threats. This broad effort is critical because cyber security and digital safety touches everyone.”

“With cyber threats on the rise, career opportunities in cyber security will continue to grow and students need to have the access to the necessary foundational STEM education and other prerequisites needed to pursue them,” said NICE National Lead, Dr.Ernest McDuffie. “Higher education and technical training must lead to skills and competencies that meet the hiring requirements of government and industry to fill the growing need for cyber security professionals. This working group will help pave the way to achieving this goal.”

“We are proud to convene and lead this new nationwide effort to help make cyber security education widely available and accessible,” said John Havermann, of EMC Corporation and president of the NCSA Board of Directors. “There is no organization or government agency that can tackle this problem alone. It’s going to take a diverse partnership between government, industry, academia and others to work together to develop shared priorities and a path forward.”

Cyber education is also critical to our nation’s economic growth as evidenced by a recent survey, conducted by Zogby International for NCSA and Symantec, of U.S. small business owners that shows a high portion of businesses need employees with cyber security skills. When employers were asked to rate skills necessary for new hires, U.S. small businesses report the following skills are very relevant or essential:

Understanding privacy (51%);

Importance of protecting intellectual property (49%);

Basic knowledge of using technology ethically (47%);

Basic knowledge of Internet security practices (passwords, identifying secure websites) (44%).

In addition, NCSA and Microsoft recently conducted research on the state of cyber security education and the results make clear better cyber education is needed in America’s K-12 classrooms.

 

More than one-third of U.S. K-12 teachers (36%) received zero hours of professional development training by their school districts in issues related to online safety, security and ethics in the past year. (86% received less than six hours of related training).

Only 51% of teachers agree their school districts do an adequate job of preparing students for online safety, security and ethics.

Few K-12 educators are teaching topics that would prepare students to be cyber-capable employees or cyber security-aware college students. In the past year, a mere 4% taught about careers in cyber security; 20% taught about knowing when it is safe to download files; 23% taught about using strong passwords; and just 7% taught about the role of the Internet in the U.S. economy.

 

Photo Credit


Cyberattacks on the Rise

AscentiveCybersecurity information from the Ascentive team

New cybercrime statistics published by HP reveal that the cost of cyber attacks has risen more than 50%* since last year, and IT security expert Stu Sjouwerman cautions that number is likely to grow. As the founder and CEO of Internet Security Awareness Training (ISAT) firm KnowBe4, Sjouwerman (pronounced “shower-man”) has made it his mission to learn the increasingly sophisticated tactics used by the latest generation of cybercriminals – and to educate small and medium enterprises (SMEs) on how to recognize and avoid them.

According to the Second Annual Cost of Cyber Crime Study, which was sponsored by ArcSight (an HP company) and conducted by the Ponemon Institute, survey respondents reported losses between $1.5 million and $36.5 million per year due to cyber attacks. Collectively, their median annualized cost was $5.9 million – a 56% increase over the $3.8 million figure reported in the July 2010 study. Other key findings announced by HP: the frequency of cyber attacks has increased nearly 45%, and the time and cost to resolve them has risen. The study’s findings indicate that a single attack now takes an average of 18 days and $416,000 to correct.

As many executives and entrepreneurs have learned the hard way, today’s cybercriminals are stepping up their efforts with stealthy tactics and sophisticated technology. This latest study shows that cyber attacks and their related costs are rapidly growing, so business need to be proactive in combating cybercrime if they want to avoid financial loss,” cautioned Sjouwerman.

To educate SMEs on the evolution of cybercrime – and help them better understand what they’re up against today – KnowBe4 provides an overview of the “Five Generations of Cybercrime” on its website. “While the first generation of hackers were more interested in notoriety than financial gain, today’s cybercriminals – Generation Five – are more likely to be operating within organized crime syndicates and profiting handsomely from their schemes,” Sjouwerman explained. “Coding skills are no longer required. Tools and malware are readily available through a thriving underground market, so even a relative novice could quickly get in on the action.”

Among the alarming developments Sjouwerman and his KnowBe4 colleagues are seeing today are:

  • · Licensed malware complete with technical support
  • · Cybercrime social networks with escrow services
  • · “Pay-for-play” malware infection services
  • · Botnet rentals for cybercrime sprees

Sjouwerman believes that the reason so many companies are falling victim to cybercrime is because they’re not taking proactive measures to prevent it. He attributes the growth of the criminal enterprise to a false sense of security among executives at SMEs and a lack of training among their employees. “Many people assume antivirus software and an IT team are sufficient protection against cyber attacks. But the fact is that cybercriminals can bypass corporate security measures simply by tricking one employee into clicking a link. With one click, malware can be instantly downloaded to a computer and quickly spread across an entire network. And in most cases, the employee is completely unaware he or she has just given cybercriminals open access to company systems.”

Photo Credit


Learning by Grace launch site to Stop Cyber-Bullying

AscentiveInternet Safety tips from the Ascentive team

Learning By Grace is pleased to announce the launch of its STOP CYBER BULLYING CAMPAIGN with a FREE resource for the online homeschooling community called Stop Cyber Bullying (http://cyberbullying.learningbygrace.org). Learning By Grace defines cyber bullying as “the intentional use of digital content to lie, deceive, harass, threaten, mock, shame or bully a minor” and cyber harassment as “the same behaviors directed towards adults or companies.”

The Stop Cyber Bullying website is packed with information to help students and educators combat the newest epidemic gripping our country. Cyber harassment can be life threatening; it can destroy reputations and businesses. Over 30 teenagers have died as a result of cyber bullying. Children are not the only victims of cyber abuse; cyber harassers target adults as well. In an age where anyone can post anything about anyone with almost complete immunity and anonymity, the future of reputation and the future of privacy are being questioned.

“Having experienced cyber harassment for years, I learned firsthand how painful and frightening it can be. So like all of the injustices God has shown me, I set out to right the wrong”, says Mimi Rothschild. “Education about the cyber harassment crisis empowers students to recognize it and stop it. The cyber harassers ended up not only torturing me, but every member of my family as well”, she explains. When Rothschild’s son died of medical negligence, she started an advocacy organization for children. When Rothschild’s other son was hospitalized for 2 years, she started online homeschooling Academies that bring school to kids.”

Rothschild is the Co-Founder and CEO of Learning By Grace, the nation’s leading provider of Christian online homeschooling programs. “We founded Learning By Grace after our son was hospitalized for 2 years with a life threatening condition requiring life support. We met wonderful other children who were also hospitalized for long periods of time and saw a need for a school that could come to them.”

Learning By Grace manages 5 online Academies that offer over 150 online, state of the art, Biblically based PreK-12 courses. Learning By Grace is celebrating its 10th year of managing online homeschooling programs. It attributes its exponential growth to its state of the art online curriculum that consists of close to 200,000 pages of original Christian educational content and its affordable tuition.  During the summer of 2011, a team of Curriculum developers added access to 20,000 videos from Discovery Education to the 150 online courses, quadrupling the effectiveness of their programs.

According to Cyber bullying statistics from the i-SAFE foundation:

•       Over half of adolescents and teens have been bullied online, and about the same number have engaged in cyber bullying.

•      More than 1 in 3 young people have experienced cyber threats online.

•      Over 25 percent of adolescents and teens have been bullied repeatedly through their cell phones or the Internet

Working to Halt Abuse (WHOA) fight online harassment through education of the general public, education of law enforcement personnel, and empowerment of victims publishes that there are about 75 new cases of cyber bullying or cyber harassment reported to them on a weekly basis.

“We hope Learning By Grace’s new free Stop Cyber bullying website will shed light on a dark issue that can create serious harm and even threaten life.” says Rothschild.

The website offers tutorials, webisodes, videos and tips on how to prevent cyber bullying and how to combat it if it rears its head. It was built using resources available through the US Department of Education, US Department of Health and Human Services and the US Department of Justice.

Photo Credit


Cyber-bullying in the Workplace

Internet safety tips from the Ascentive team

Parents all over the world are aware of the growing threat of cyber-bullying. Cyberbullying is the use of information and communication technologies to support deliberate, repeated, and hostile behavior by an individual or group that is intended to harm others. Approximately half of U.S. students are impacted by bullying each school day on buses, in the cafeteria, gym, hallways, playground, and in classrooms. But you may be surprised to know that cyber-bullying has discovered a whole new arena: the workplace. Unfortunately, Cyber-bullying has taken workplace bullying to a new level.

We all know how quickly an email can spread information or an idea. Imagine the impact when an email or even a text messages broadcasts an unverified rumor about a target.

Even worse, whereas cyber-bullying is usually the act of one person attacking a single target, there’s also the possibility of cyber-bullying mutating into cyber-mobbing, which is an instance of multiple people attacking someone. All a workplace cyber-bully needs to know is your email address or phone number. These cyber-bullies can remain anonymous under an assumed email identity, or even block their number when calling you.

Luckily, there a few things you can do to curb cyber-bullying:

•    Save emails that contain any type of bullying messages. Your company may have a way to find out who owns that account, and you can then block that email address from sending you anything. In addition, the email can serve as evidence that you are being bullied. And if you have received a bullying email from a fellow employee, forward it to your Human Resources department.

•    Never use your work email account for personal matters. Always use a completely separate email account for personal use.

•   Never tell your online connections (people you have never met in real life) your company’s name or where it is located. If you do, you run the risk of someone learning the email address that you use for work.

•   Use an email program that filters out anyone that’s not list in your “safe” list. For extra security you can download an email verification program from the Internet that ensures you are in control of who sends you emails. With these programs an unidentified sender has to first apply to you, then you can accept or decline the request.

•    For Cyber-bullies who use text messages to attack, you can also block identified phone numbers. Just call your cell phone company to arrange the block on the number.

Although Cyber-bullying is a passive form of bullying, it’s as serious as any other form of bullying at work. Just remember that you can always take the steps above to block and verify who contacts you in order to regain control.


Hackers prank Tupac hoax on PBS website

Business news from the Ascentive team

PBS officials say hackers have cracked the network’s website and posted a fake story claiming dead rapper Tupac Shakur was alive in New Zealand. LulzSec, the hacker group that claimed responsibility for the prank, are said to have acted in response to a recent “Frontline” investigative news program focusing on the whistleblower site WikiLeaks. PBS confirmed Monday that the website had been hacked. The phony story had been taken down as of Monday morning. It had been posted on the site of the “PBS NewsHour” program, which is produced by WETA-TV in Arlington, Va.

Anne Bentley, PBS’ vice president of corporate communications, said in an email that erroneous information posted on the website has been corrected. The hackers also posted login information for two internal PBS sites: one that media use to access the PBS pressroom and an internal communications website for stations, she said. She said all affected parties were being notified.

David Fanning, executive producer of “Frontline,” said he was learning of the hacking early Monday, nearly a week after the program aired its “WikiSecrets” documentary about the leak of U.S. diplomatic cables to the WikiLeaks website. The documentary, produced by WGBH-TV in Boston, generated criticism and debate on the program’s website in recent days from those sympathetic to WikiLeaks founder Julian Assange and from those who thought the program was fair, Fanning said. “Frontline” producers hear impassioned responses all the time, Fanning said. Having a group attack the PBS website over a news program was unusual but “probably not unexpected,” he said. “From our point of view, we just see it as a disappointing and irresponsible act, especially since we have been very open to publishing criticism of the film … and the film included other points of view. This kind of action is irresponsible and chilling.”

A group calling itself LulzSec (aka The Lulz Boat on Twitter) claimed responsibility and posted links to other hacks, including a video apparently taunting the network. Taunting messages were also posted on the group’s Twitter page targeting the PBS program “Frontline.” One message said the group recently saw the “WikiSecrets” show and was “less than impressed.”

PBS ombudsman Michael Getler wrote about the “WikiSecrets” documentary in his weekly column Thursday, saying it had generated only a handful of complaints, though he had expected more mail from viewers. “This may be a good thing for Frontline if it suggests that most viewers found the program to be in keeping with Frontline’s reputation for fair yet tough reporting,” Getler wrote. Getler raised some questions about the reporting in the program but said he found the questioning by interviewer Martin Smith to be “tough but proper.”