Democracy & Elections

Who Cares About Cybersecurity?

Paul Rosenzweig
Monday, March 12, 2018, 12:23 PM

In the professional world of Lawfare (national security, homeland security, intelligence, privacy and civil liberties) nobody would doubt the salience of questions of cybersecurity. They seem to resonate across many dimesions and to pose some of the most vexing legal and policy questions. What to do, for example, about encryption is an issue that has generated far more heat than light and continues to divide analysts in ways that confound resolution.

Published by The Lawfare Institute
in Cooperation With
Brookings

In the professional world of Lawfare (national security, homeland security, intelligence, privacy and civil liberties) nobody would doubt the salience of questions of cybersecurity. They seem to resonate across many dimesions and to pose some of the most vexing legal and policy questions. What to do, for example, about encryption is an issue that has generated far more heat than light and continues to divide analysts in ways that confound resolution.

But if you asked the mythical “average” person what they thought about cybersecurity, it seems that there is much less concern. At least that is the reasonable inference one can draw from what people actually do to protect themselves. Perhaps that is the wrong prism through which to ask the question, but it seems reasonable to base a judgment on the premise that “actions speak louder than words.” Last month we asked public opinion questions concerning personal cybersecurity using . The short answer: Very few people make any effort at all to protect themselves—evincing at least facialy a disregard for cybersecurity concerns.

Here are the questions we asked:

  • Do you encrypt data on your phone or computer?
  • Do you ever use an anonymous browser like Tor?
  • Do you use a password locker or storehouse like LastPass or OnePass?
  • Please think of the password you use most often. How many letters or numbers or characters long is it?
  • Have you ever had personal information of yours stolen from a company you patronize, like Target or Home Depot?

Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.

Subscribe to Lawfare