Like the fire that Prometheus of Greek mythology stole from the gods and gave to man, the internet was taken from the government and given this powerful tool to the common man. It is a place where ordinary folks like you and me have access to people, places and things that only a few were privileged to have access to. Never before in human history has there been an easily accessible, highly decentralized information source. It has revolutionized how we gather information, communicate, think and shop. Now, according to the Promethean myth, both he and mankind were punished by Zeus for his gift of illumination. For stealing fire, the fire that brought warmth, comfort, security and the light of knowledge to man, Prometheus was chained to a mountaintop where he would be eternally tortured. For receiving that fire, suffering and despair was unleashed upon man.

So it is today with the internet. From novelty to necessity, the internet is fraught with danger. First there were computer viruses, worms and Trojan Horses. To combat those threats we purchased firewalls, antivirus and antispyware programs. Now we have information theft from websites that we’ve do business with. Criminals use that information to make fraudulent purchases and steal our identities. We have the people who prey on and exploit our innocent children. There is software that monitors our children’s internet usage to make sure that they access only age appropriate content. We also physically watch our children when they are online to further ensure their safety, but there is still more to be done.

When it comes to personal information stored on someone else’s database, we are powerless when it comes to that data’s security. We have heard countless news reports of personal information having been stolen from banks and corporations. We all know at least one person who has been a victim of identity theft. Most states have some laws regarding cyber security. California has probably the strongest of them all. However, that law is for businesses and it only mandates disclosure to consumers AFTER a security breach has occurred. Is it time for government intervention to help protect OUR private information?

There is a Federal Agency charged with cyber security and it is called the National Cyber Security Division (NCSD). It is part of the Department of Homeland Security (DHS), born out of the September 11, 2001 tragedy. It was created to improve the United States’ defense against internet-based attacks. However, it has been plagued with inconsistent leadership. Richard Clarke, who was, then chairman of the Counter-terrorism Security Group was offered the position. He refused it due to his concern that there would be too much bureaucracy between him and the Homeland Security director. Since then, there has been four different division heads.

There is also the United States Computer Emergency Readiness Team (US-CERT). It is a part of NCSD, and it is a partnership between DHS, public and private sectors. Their job is the coordination of responses to internet security threats. They release information about current security issues, vulnerabilities and exploits called Cyber Security Alerts. Then, they contact software vendors so that they can create patches and software updates to fix the vulnerability.

This is a reactive approach where the damage has already been done. The steps taken are to contain the threat and stop it from spreading, when the threat should be prevented in the first place and the source of these threats is people exploiting security flaws in software. That is why certain industries, such as utilities, Internet Service Providers and software companies should be regulated. They need to better safeguard our personal information against loss, theft and misuse. Companies must be forced to make more secure software to protect us from malicious code. However, corporations say regulation is anticompetitive and will stifle innovation, while Government officials and security experts agree that the private sector has failed in its handling of cyber security threats and that regulation is needed. Those software companies who write insecure code should be liable for the security flaws and be fined heavily.

That is why I propose tactics that are already in use in the War on Terror. The government must employ hunter-killer operations to scour the internet to track down, find and capture those who create viruses, steal information and prey on our children. Once captured, they will be aggressively prosecuted. The infrastructure is already in place, it just requires the focus to do it.

There is no Deus ex Machina to solve the problem of cyber security. The Federal Government does all that it can to protect itself from internet-based threats while we are left to fend for ourselves. Corporations in the private sector will not act unless it is proven profitable to their shareholders or unless they are compelled to do so by Federal mandate. The Federal Government must work with the private sector to actively work towards not just their cyber safety, but ours as well, because our safety ensures their safety. What are your thoughts on how the government should organize to address cyber crimes?

Author: Ralph Clarke editorial staff writer for SafetyIssues.com