Continuing our look into our special Heartbleed Anniversary report, we turn to Catherine Lotrionte, Director of the Georgetown University Cyber Project, and what she had to say in our special expert’s video.

With the report showing that very few consumers even remembered the events of Heartbleed, Lotrionte believes that a sizable awareness drive is needed to educate the public on the scale of anti-smoking campaigns of yesteryear: “It used to be socially acceptable to smoke anywhere, however over time we were educated on the potential health hazards of smoking by government and the media. (When it comes to online security) it’s crucial the government fulfil this educational role so habits change over time.”

As the data from our special report showed, Lotrionte believes the same lack of public understanding can be spoken of when it comes to passwords. “While we’ve been educated to know that social security and financial details are not something you put out there, we do not feel the same about our passwords”, despite the fact that our password are intrinsically linked to such important details.

When it comes to education, Lotrionte also points to the need for a further demographic shift in focus: “We need to reach to younger ages that are not currently getting enough education. Kids as young as first graders are online, however right now the government is targeting older people.”

For online security to improve, passwords must to be at the core of the argument, as Lotrionte states that “The statistics show that most of the work that can be done on security comes down to basic online hygiene. Certainly, passwords are key. It’s shocking to find out about how poor password security is even though they are the frontline of our defence.”

When asked what the biggest online security threats for corporations are, Lotrionte cited APTs (advance persistent threats), saying that companies will “need to understand when they’ve been compromised and how to respond through resiliency methods once they’ve been compromised. Once they’ve been intruded they must protect that data to the best of their ability. Companies will also have to be on top of government regulations, from liability issues to standards imposed.”

Want to hear more of what Lotrionte has to say? On Monday Professor Lotrionte hosted some of the world’s leading cybersecurity and privacy experts for her annual Cyber Engagement event at Georgetown University. And don’t forget to take another look at our special Heartbleed report and video.