During the past couple of weeks, there have been numerous reports and surveys issued by business associations warning about the increased hazard of cyber security disruption to
corporate America and the average computer user. This has been mirrored with news of cyber security breaches at federal computer databases.
While news coverage of this issue is not lacking, one problem persists: Is anyone actually absorbing these warnings, or do proponents of the subject need to ratchet up its PR
volume?
Among the most notable reports and surveys have included the warning that the lack of a standing plan for restoring the Internet after a major disruption could open the door to
a "cyber Katrina" (Business Roundtable), a study that found 67% of consumers cannot identify a secure Web site (National Cyber Security Alliance and Bank of
America), the findings that half of American consumers avoid making online purchases for fear of having financial information stolen (Cyber Security Industry Alliance
and Pineda Consulting), the discovery that every financial institution in Canada has been the subject of a cyber security attack (Deloitte Touche Tohmatsu),
and the statistic that 81% of the CIOs and IT executives at roughly 1,000 smaller companies believe cyber security is the primary disaster facing their operations ("AT&T
Business Continuity Survey").
Furthermore, the Washington Post reported earlier this month that a government consultant successfully hacked the FBI's classified computer system in 2004 and
gained access to 38,000 employee passwords, including that of FBI director Robert S. Mueller III, while the Baltimore Sun reported Chinese hackers were able to steal
information from the classified computer system serving the Joints Chief of Staff.
How can one explain this rise in cyber security fears? "I believe there is a growing alarm because of the high levels of terrorism now," observes Loren Lloyd, CEO of Lloyd
Computer Services in Oshawa, Ontario. "Terrorism is in the news on a daily basis, and with the advances made on the Internet, it would only fit that terrorists would also
want to attack the World Wide Web."
PR To The Rescue?
But are people taking this seriously? It depends on the audience.
"On the trade side, particularly with the grown technology security press, it is very easy for a case to be made," says Andy Freed, COO of the Cyber Security Industry Alliance.
"That audience is certainly quite keen to those issues."
Freed notes the vigorous PR push to influence government policy. "PR is certainly a large component of any lobbying strategy," he continues. "It is important for us to work
with the legislators and their staffs to understand the issue, and to work with all of the different agencies where cyber security can impact legislation - banking reform, telecom
reform, Department of Homeland Security, etc."
But Freed adds the Capitol Hill focus has yet to achieve a significant goal: The appointment of assistant secretary for cyber security within the Department of Homeland
Security (the position was created on July 13, 2005, but remains vacant). "Clearly DHS has a lot of competing priorities," says Freed. "We'd like to see that rise to the
top."
Equally problematic is what appears to be consumer indifference.
"From a PR standpoint, it is difficult promoting it," says John Sidline, managing partner of Mobility Public Relations in Lake Oswego, OR, and a specialist in high-tech
PR. "People are less likely to talk about how they were exposed to security issues and how they are addressing it. As for the companies selling security solutions, they can't
get a lot of customer references for PR purposes. There is a complete absence of customers talking about how great their solutions are. It is the biggest challenge on the PR
side - do you want to tell any potential hacker what your solution is?"
Sidline worries that many consumers have no interest in paying heed to cyber security PR outreach. "A lot of consumers just sort of ignore it," he says. "The more robust the
security solution, the less likely the average person gets it. They find it too complicated and don't understand it."
In a way, the underlying PR challenge is to give the impression of victory over the hackers. Unfortunately, that is not likely.
"There is no such thing as 100% hacker proof," says Bruce Zubee, president of Zubee Internet Services in Middletown, CT. A provider of e-commerce solutions, Zubee
recently had one of his online operations disrupted by hackers traced back to Afghanistan. Zubee is resigned, however, to the belief nothing is going to stop the hackers.
"You can build a very strong house and someone will come along and build a stronger machine to knock it down," he says, with a sigh. "Where there's a will, there's a way."
Contacts:
Loren Lloyd, [email protected]; Andy Freed, 202.204.0838; John Sidline, [email protected]; Bruce Zubee, [email protected].