Abstract
This paper outlines how early alert systems can help home users and SMEs in improving their security hygiene (culture of security). The viability of our framework and concepts are evaluated using www.CASEScontact.org as a case study. The latter offers its services to targeted groups of home users and SMEs supporting them in better protecting their information and data assets stored on, for instance, PCs or smartphones. As this paper shows, careful targeting of services (e.g., type of information and technical focus) and diligence (e.g., accurate and timely information is being provided) are a must for attaining users’ trust and confidence. Only then may behavioral change follow that will, in turn, improve security hygiene (culture of security). As a result, we present conceptual and empirical evidence for the need to integrate marketing and information security elements to improve an early alert system’s resource-advantage.
Keywords
- awareness
- critical infrastructure
- critical infrastructure protection
- crime
- culture of security
- cybercrime
- CASEScontact.org
- CyTRAP Labs
- early warning system
- EWS
- freeware
- identity theft
- incident response
- information assurance
- information security
- lessons learned
- malware
- phishing
- patch management
- prevention
- public-private partnership
- privacy
- risk management
- security assurance
- security guide
- threat
- trust
- US-CERT
- virus
- vulnerability
- worm
An earlier version of this paper was presented at the First International Workshop on CRITICAL INFORMATION INFRASTRUCTURES SECURITY (CRITIS’06) August 30 – September 2, 2006 Samos Island, Greece. A longer and more detailed version of this paper entitled “New threats and national warning systems – lessons to be learned” can be downloaded from http://cytrap.eu/blog/?p=30.
This is a preview of subscription content, access via your institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
OECD Broadband Statistics. OECD, Paris (December 2005), Available: http://casescontact.org/euist_view.php?newsID=4019 (last access: May 22, 2006)
Gattiker, U. E.: Digital divide is dead but keeping broadband competition alive remains a challenge. CyTRAP Labs, Zurich (October 2006), Available: http://cytrap.eu/blog/?p=66 (last access: October 20, 2006)
CERT/CC Overview Incident and Vulnerability Trends. Cert Coordination Center, Pittsburgh, PA (2001), http://www.cert.org/present/cert-overview-trends/module-5.pdf (last access: May 21, 2006)
Gattiker, U. E.: Blended threats - are the computer security’s new nemesis? CyTRAP Labs, Zurich (August 2006), Available: http://cytrap.eu/blog/?p=23 (last access: October 20, 2006)
Gattiker, U. E.: Identity theft, anti-virus protection: Insurance plans for professionals. CASEScontact.org, Zurich (May 2002), Available: http://casescontact.org/euist_view.php?newsID=2564 (last access: June 15, 2006)
Lenhart, A., Madden, M., Hitlin, P.: Teens and technology: Youth are leading the transition to a fully wired and mobile nation Report Family, Friends & Community. Pew Internet & American Life Project, Washington, DC (July 27, 2005), Available: http://www.pewinternet.org/report_display.asp?r=162 (last access: June 13, 2006)
Terena Incident Taxonomy and Description Working Group. Taxonomy of the computer security incident related terminology (Work in Progress). Author, Amsterdam (not dated), Available: http://www.terena.nl/activities/tf-csirt/iodef/docs/i-taxonomy_terms.html (last access: June 14, 2006)
Sony BMG rootkit. CyTRAP Labs: getting the security jargon right. CyTRAP Labs, Copenhagen (2006), http://cytrap.org/RiskIT/mod/glossary/view.php?id=13&mode=entry&hook=284 (last access: August 2, 2006)
Burnett, P., Gattiker, U.E.: An information sharing vision for improving internet security: Building a warning, advice and reporting point (WARP). CASES network, Copenhagen, DK (November 2002), Available: http://casescontact.org/euist_view.php?newsID=2869 (last access: June 8, 2006)
Gattiker, U.E.: Best Practices Guide - Instant Messaging (IM) audit - managing IM communication securely & successfully CASEScontact.org, Zurich (May 2006), Available: http://casescontact.org/euist_view.php?newsID=3981 (last access: June 15, 2006)
Gattiker, U.E.: CyTRAP Labs–national alert systems are needed since today’s mechanisms do not appear to work. CyTRAP Labs, Copenhagen (June 2006), Available: http://casescontact.org/euist_view.php?newsID=4030 (last access: June 8, 2006)
Zero-day exploit. CyTRAP Labs: Getting the security jargon right. CyTRAP Labs, Zurich (2006), http://cytrap.org/RiskIT/mod/glossary/view.php?id=2&mode=entry&hook=7 (accessed: May 23, 2006)
Commission of the European Communities. COM (2002) 263 final (COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT, THE ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS) - eEurope 2005: An information society for all An Action Plan to be presented in view of the Sevilla European Council, 21/22 (28.5.2002), 23 Pages (June 2002), Available: http://casescontact.org/euist_view.php?newsID=2779 (last access: June 8, 2006)
Hunt, S.D., Arnett, D.B.: Does marketing success lead to market success? J. of Business Research 59, 820–828 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gattiker, U.E. (2006). Can an Early Warning System for Home Users and SMEs Make a Difference? A Field Study. In: Lopez, J. (eds) Critical Information Infrastructures Security. CRITIS 2006. Lecture Notes in Computer Science, vol 4347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11962977_10
Download citation
DOI: https://doi.org/10.1007/11962977_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69083-2
Online ISBN: 978-3-540-69084-9
eBook Packages: Computer ScienceComputer Science (R0)