Cyber security by the rest of us ...

Breakdown of cyber crime types reported by learners in Week 1

As part of the Introduction to Cyber Security MOOC, we asked learners to review their computer security practices at the start of their learning by completing a simple online survey / self-audit.  Over 9100 learners completed the survey in Week 1 of the course, highlighting some interesting findings.

For example, although 84% of respondents had configured their computers to require a password on startup, 30% did not 'lock' their computer so that it required the password to be re-entered if they left it unattended.

With regard to password management, 55% of respondents depended on their memory for storing passwords, whereas 26% used software (password manager / web browser) to manage their passwords.  It is noteworthy that 18% reported that they write their passwords down and 59% reuse the same username / password across multiple websites.

It was reassuring to note that 90% of learners who completed the survey reported that they use anti-virus software on their computer, and 96% of these learners make sure to keep the software up to date.  However, in addition to the 10% of learners who don't use anti-virus software, 13% reported that they do not take steps to update their software - indicating there is a significant user population whose machines are vulnerable to being attacked by cyber criminals.

The final noteworthy result from this survey was that 46% of respondents reported that they had been victims of some form of computer crime.  The breakdown of the types of crime reported by these learners is shown above.



Comments

Post a Comment

Popular posts from this blog

Cloud Wedge - geek of the week

Image
CloudWedge: 'Geek of the Week' My colleague Yijun Yu recently wrote a opinion piece for The Conversation about how cloud computing could have made a difference to the search for Malayian Airlines MH370.  Essentially the question he poses is: why, in the age of global internet connectivity (including now onboard planes!), do we depend on the onboard flight data recorder for information about what happens on a plane? Of course there are numerous challenges with this - not least the cost of bandwidth for all the flight data (including cockpit audio) to be uploaded in real time and the security of the data.  Yijun's article addresses some aspects of the latter, and the former is not an insurmountable problem.  For example it should be possible to upload basic flight telemetry (e.g., GPS location, air speed, engine statistics and fuel data) without requiring significant bandwidth.  Indeed aero engine manufacturers such as Rolls-Royce deployed engine monitoring systems
Read more

Priming Code Club

Code Club Assembly Presentation from akbandara As part of my work with STEMnet, I recently signed up as a CodeClub volunteer at St. Bernadette's Catholic Primary School in Milton Keynes.  Working with Kate Clarke, the ICT leader at the school, I am going to be leading an after-school club that will introduce kids in Year 5 and Year 6 to the exciting world of programming.  CodeClub is a nationwide, volunteer driven, grass-roots movement to get kids learning about the fun that can be had programming computers, rather than simply using them. In order to give the kids some idea about what they might be letting themselves in for, last week I delivered the short presentation (embedded above) at the school.  I started out by getting the kids to identify different computers, and think about what a computer really does, i.e. follows a set of instructions to complete a task.  We then played with a neat little iPad game called 'Kodable' which allows the player to progr
Read more

Are we losing the Internet Security battle?

Image
I was recently invited by Heimdal Security to take part in an expert roundup, with the theme of "Is Internet Security a Losing Battle?".   The main thrust of my answer was to question our use of analogies of conflict in the context of Internet Security or cyber security.  As I said in my response: "... in this context the metaphors of conflict, such as ‘war’ and ‘battle’ are unhelpful because they suggest that internet security is the responsibility of the technologists who act our defensive force against attackers.   Instead, as has been argued by technology activists like Cory Doctorow  and others we might have more success by thinking of cyber security using the analogy of public health and communicable diseases.   By using this analogy, we make cyber security issues more relevant to people and spur them to gain a better understanding that, like diseases, any of us can be afflicted by a cyber security attack.  We can also adopt an analogous approach for han
Read more