Over a century ago, individuals had to protect themselves with a gun, whether at home or walking in the streets.  We thought we were getting civilized when our law enforcement agencies became able to handle this level of criminality to protect the citizenry of our state and local areas.  Now with the growth in activity of the cybercriminal who is an unseen and an unknown assailant, what are we to do?  Throughout history, citizens would, at times, take on the role of vigilante and conduct their own form of justice to stop the criminal element.  Is this what we can expect these days in light of the ever growing spate of attacks from cybercriminals?

In today’s world is the traditional role of law enforcement able to shift into this new era of cyber criminality to help corporations and individuals?  So far, it appears the FBI is positioning itself to take on the role of supporting corporate America to defend against cyber attacks including things like espionage, IP theft and sensitive data theft.  There are various laws that contribute to awareness of theft that directly affect the citizens of this country such as the breach notification laws.  Additionally, companies like Symantec are supporting people around the world by providing the best protection capabilities money can buy – the electronic weapons to protect the corporate and home computer. But, who is responsible for protecting the individual citizens from cybercriminals?

One immediate thought is to outfit our current local and state law enforcement with the necessary skills and technology to take on the cybercriminal, but does that make sense?  It may take a very long time for the state and local folks to get there.  Perhaps they could take a lesson from the federal folks by forming separate eCrime divisions that focus directly on supporting citizens (some states have started already).  This seems to have some effect at the federal level. But, like with anything else the citizens ask for, what will this eventually cost in added taxes?  How should this be funded going forward so citizens don’t feel the added burden of a bad economy, stagnant salaries and continued growth of taxes?

I titled this blog Cyber Defense vs. Cyber Vigilante in an attempt to relate this to the vigilantes of yesterday when law and order was not available in a meaningful way. If the problem of cyber attacks continues to grow out of control, will we begin seeing citizens trying to do something more to protect themselves?  It’s not clear at this point if the problem’s gotten bad enough that general citizens will attack back or form vigilante squads to roam the wilds of the Internet, especially since most citizens don’t have the technical knowledge let alone the time to strike back at cybercriminals.  I think we’ll continue to mandate some level of federal, state and local government involvement to take care of this problem regardless of tax implications.  But more importantly, the general population most likely doesn’t have the time or inclination to deal with this beyond making sure they’re running the latest security technology to defend themselves.

This is a three-part series where parts two and three will contrast and compare Cyber Defense vs. Cyber Vigilante. In the next part of this series, I will layout the key aspects of Cyber Defense…stay tuned.