While in Washington DC last week, I attended the kickoff event for National Cybersecurity Awareness Month. The event was sponsored by the National Cybersecurity Alliance and featured prominent speakers including Department of Homeland Security Secretary Janet Napolitano, Deputy Defense Secretary William Lynn, and the White House National Security Staff's Acting Senior Director for Cybersecurity, Chris Painter.
It's now one week later and I couldn't be more disappointed. Aside from the good work by the National Cybersecurity Alliance and a few isolated public and private sector initiatives, next to nothing has happened.
This week I met with about 20 security professionals this week including some who work in the public sector. Some of these folks were security technology vendors and some were security practioners. Not one knew that it was National Cybersecurity Awareness Month. Each day I checked the web sites of leading security vendors. Yes, there were a few banner ads and press releases but not much more.
Coincidentally, October is also National Breast Cancer Awareness Month. This event has been heavily promoted in many ways. For example, NFL players wore pink gloves, hats, and shoes last week to offer their support.
I'm not suggesting that the cybersecurity community work out a deal with the NFL, but I am suggesting that there is a lesson to be learned. Obviously, the breast cancer survivor, research, and charitable community are passionate about their cause and are doing all they can to promote awareness. It's time the cybersecurity community drop some of its profit-driven, self-serving behavior and recognize that we should be as passionate about our cause as others are.