Several years ago when the Real-ID Act was making its way through congress I wrote both of my senators asking them to specifically vote against this measure… it passed unanimously because it was tied to an Iraq-war funding bill. I wondered how, in good conscience, the people we have elected to represent our interests could have possibly been so careless with our freedoms. It was a faith-shaking moment and I find myself now questioning the motivations of the government and wondering if they are doing nothing other than filling a vacuum that we have created by remaining apathetic about broader issues and volatile regarding emotional “hot-button” issues such as abortion, gun control, and gay-marriage.

So since information security professionals appear to be more plugged into these issues than the average person, what can we do to educate people in a more effective manner? Hopefully we can be more successful in this regard than I have seen or experienced us be in regards to security-awareness training efforts.

(I’m not, of course, advocating for terrorism or suggesting we take stupid risks, just that freedom is indeed worth taking a risk for and should not be given up lightly.)

2. We need to seriously think about the idea that we are partly responsible for terrorist incidents. Not that we are to blame, but that our actions overseas can set us up for problems – or make things better. This has been a forbidden area of discourse lately, but it shouldn’t be and it doesn’t mean one is unpatriotic.