National Cybersecurity Alliance advocates ‘shared responsibility’ for securing the Internet

The targeting of Sen. Claire McCaskill by Russian intelligency agency hackers, as she runs for re-election, underscores the need for each individual and organization to take online privacy and security as a core part of our everyday lives.

Related: Using ‘gamification’ for security training

The National Cyber Security Alliance is a  non-profit group, underwritten by the top tech companies and biggest banks, that has been out there since 2001 promoting best practices and supplying programs to engrain this mindset in our society.  NCSA operates the StaySafeOnline website that provides a variety of cybersecurity educational resources and programs.

I sat down with Russ Schrader, NCSA’s new executive director, who outlined the terrific resources NCSA makes available. One program, for instance, puts on workshops for Congressional staffers and other federal employees on how to recognize and avoid nation-state backed hackers looking to interfere in elections.

For a full drill down on our conversation, please listen to the accompanying podcast. Here are excerpts, edited for clarity and length:

LW: What is the National Cyber Security Alliance?

Schrader: We are a leading nonpartisan, nonprofit group that’s very involved as a convener of experts to talk about a number of the top issues in cybersecurity. We also have a lot of educational programs that reach far beyond the insular, cybersecurity expert areas.

LW: How did this organization get started?


Schrader: The legacy is a group of CISOs from companies like Facebook, Google, Microsoft, Cisco, Oracle, Mastercard, Visa, Bank of America, Wells Fargo and a lot of others. They built a very robust  group of committed cybersecurity professionals in their own businesses. But they also realized there was a greater good in encouraging safety and security of the Internet, as it becomes more and more an important part of people’s lives.

LW: Your high-level mission, as I understand it, is generally to build the level of awareness across the board?

Schrader:  Absolutely. We have a lot of programs geared toward education at a lot of different levels. In addition to the consumer levels that we’re doing, we also work with people on the Hill,  and try to help them during this election time, or when there may be unfriendly actors trying to hack into their e-mails or hijack their social media accounts. We’re really dealing directly with congressional staffers, and agency staffers, to help them protect themselves and, by extension, the American people.

LW: What are you doing for small and medium sized businesses?

 Schrader: SMBs are the backbone of America; they’ve been a major driver of economic growth in a lot of different ways.  And they are a big part of the supply chain to large companies.

A large retailer may spend millions on cyber security. But their  contractors may not be spending that kind of money, and simply do not have that expertise.

So we’ve boiled the NIST framework  down into a very focused workshop exercise. We bring together 150 or so people into a room for morning and just work through exercises. We will give them 10 so focused tips and ask them to just take a couple of them, just do it two or three things to improve their security posture.

LW: What  should we all understand about cyber threats as they exist today?

Schrader: Everyone who works at a company is also a consumer. We are all always using our  connected devices,  no matter where you are, no matter what you’re doing. We bring our devices home and use them in our personal lives. We’re all continually exposed to cyber threats. So security has become a shared responsibility.

LW: So, put another way, be mindful of our digital footprints, right?

Schrader: Yes. One of the things we advocate is a digital spring cleaning. Every spring my grandmother would move the furniture, roll up the carpets and take out the blinds, to go, top to bottom, to let in all the fresh air, clean out the house and just get ready for another year.

So let’s apply that to the digital world. Chances are your phone and  your laptop have apps that you haven’t touched in a year. Well, get rid of them; clean up that space. Find out what information they’ve been collecting from you, quietly in the background. And get rid of them.

There is no reason why you need to have them. Simple steps will make your device cleaner, faster and open up storage space. And it will also help prevent possible malware infections.

LW: Regular big cleanups, just like grandma used to do.

Schrader:  That’s absolutely right.  And, frankly, I find it easier to clean my phone than it is to do some of what my grandmother used to do around the house.

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: