Army Battling Information Security Issues With Bad Graphics, Bad Jokes, Stereotypes And Zero Engagement
from the if-the-'punchlines'-landed,-I'd-say-this-was-no-laughing-matter,-but dept
The US Army should be concerned about cyber security, especially given the recent situation in which a dangerous security flaw was swept under the rug by superiors who threatened to have the person highlighting the flaw jailed if he spoke to anyone else about it.
The flaw revolved around Common Access Cards (CAC), which are removed from the computer by the user after each session, automatically logging them out. Unfortunately, the log out process is slow and can be interrupted by a new user, who then can continue using the system under a different ID. The Army, after long ignoring the problem and threatening the reporting person with jail time, decided to address it by declaring Oct. 14-18 "Information Assurance/Cyber Security Week," because nothing fixes security flaws like themed events with mandatory handouts and instructional videos.
If the Army hopes this will provide a vast number of soldiers with much needed information, it's sorely mistaken. Tomorrow's the last day of "IA/CS Week" and, to date, the uploaded videos haven't attracted many views, as Justine Sharrock at Buzzfeed points out.
Well, Cyber Awareness Week has arrived, so we checked out the military's campaign. Here's the website which contains some recent comics and guidelines, as well as links to the Army's "On Cyber Patrol" videos.The Army's not going to make anyone's computer use any safer by assailing them with videos that, while containing some solid information, utilize stereotypes, bad jokes and some truly hideous graphic effects.
The video series, an Army CIO's information awareness initiative started in 2006, features hokey names, racial stereotypes, clip art era graphics, and dismal view rates — in some cases less than 100 after months online.
Here's one containing all three:
And here's one that uses a not-directly-named Chelsea Manning as its villain/refrain.
Whoever put together the webpage for this "event" must have been raised by elementary school teachers and bad webcomics. This is the picture that greets soldiers, most of them fully-grown adults with access to weapons and high-end technology, when searching for info related to the Army's cyber security event.
A picture like that only serves to set the tone that any viewers/readers/etc. will be talked down to about tech stuff they're already familiar with and, more horrifically, subjected to bad jokes and lousy graphics. On the plus side, the Army's videos are full of all three, so no one claim they weren't warned.
How this is meant to prevent problems like the one listed above is anyone's guess. All this seems to do is put a check mark somewhere one was previously missing and allow someone higher up to note that the Army is back "in compliance" with whatever it was that someone was griping about a few months back -- the incident(s) that led to this "Information Assurance/Cyber Security Week."
Nowhere is there any indication those responsible for this work are taking their job seriously. Sure, they may have put the hours in and considered it to be done well, but there's no effort being made to engage those who need the instruction most on anything more than a mind-numbingly remedial level. Faced with this, there's no reason to believe there will be any future improvement in either "Information Assurance" or "Cyber Security."