A (digital) surgeon-general

Most people, it’s fair to say, know nothing about cyber-security.

As an example, consider the statistical analysis of British National Cyber-Security Center: it projects that as many as 23 million people worldwide use 123456 as an online password. It’s not as though consumers don’t know that cyber-security is a worry: the same analysis concludes that fully 42% of UK citizens expect to lose money to cyber theft. And yet, here we are.

If you’re reading this, you likely know to have difficult-to-crack passwords, and know what “2fa” means, and have perhaps deployed it yourself. You’ve been careful to put difficult-to-crack passwords on your bank account(s), and made it so that your phone won’t be open to anyone who can trace your greasy fingers’ path on the screen. Even that is not good enough.

Of course, your mobile phone has rung with mysterious spam calls that open with someone speaking Chinese: even if you don’t speak Chinese. These are, it turns out, carefully-constructed calls, encouraging elderly US-resident Chinese speakers to fret about the integrity of their bank accounts and … to give the log-in information to the helpful caller to debug the problem - who then siphons out the account’s contents.

What to do?

In the USA, we have, I believe, been down an analogous path before - with the establishment of the Office of the Surgeon General, which emerged in the 1870s to provide health advances first to Marines, and then to the general public. The office’s website defines the mission as follows: “The U.S. Surgeon General is the Nation’s Doctor, providing Americans with the best scientific information available on how to improve their health and reduce the risk of illness and injury.” 

While the Surgeon General has not always covered itself with glory (especially with its anemic pushback on the health effects of smoking), it has been steady in providing advice on health and hygiene, nutrition and injury to the USA.

Imagine if we had an analogous role, perhaps located inside the Office of Science and Technology Policy (an office established by Congress), with a digital surgeon general advising citizens and companies of the USA on digital hygiene. What a password should look like; how often it should change; what to do if you think you’re being hacked; what phishing is; … and to raise the nation’s expectations on cyber security awareness and preparedness.