The NCSA believes education is the key to protecting individual computers and networks.

"The biggest threat I see, in general, is that users don't understand the connection between what they do on a computer and how that affects the networks they use," said Michael Kaiser, the alliance's executive director. "We really believe the answer to cyber- security issues is sharing information. We don't believe one organization, nonprofit, school or parent can do it individually. It has to be done collectively."

However, only five states have mandated Internet security training for individuals, and fewer than one-third of all classrooms teach anything related to cyber-security, according to the NCSA. In addition, an estimated 60 percent of teachers admitted they don't feel prepared to teach cyber-security. To help remedy this education gap, the NCSA created a volunteer program that brings IT security professionals into classrooms to teach about cyber-security, ethics and safety.

A partnership between the FBI and private sector called InfraGard disseminates information and reporting among its members on cyber-crime and other major crime programs. Many private-sector members of InfraGard have improved internal education programs for their employees because individuals working for organizations are often the cause of security threats. The increasing use of portable technologies -- such as laptop computers, PDAs, BlackBerrys, phones and flash media -- containing sensitive information has made many organizations vulnerable to cyber-security threats.

"As industries become more global with outsourcing and you have computer files with product designs, such as CAD files, that are available electronically, it's very easy for those files to go where they shouldn't," said John Landwehr, a member of the San Francisco Bay Area InfraGard local board of directors.

Challenges and Requirements

Though educating employees is important, the idea of incorporating private citizens into cyber-security protocol is a challenging proposition, said Ronald Dick, president of the InfraGard national members alliance, because privacy issues must be addressed, enforcement would be difficult -- especially in other countries -- and service providers would also need to be included.

Dick, who is the former director of the FBI's National Infrastructure Protection Center, said there should be more stringent requirements on software developers and hardware manufacturers to increase Internet security. He's encouraged by Obama's recent attention to securing the country's critical Internet infrastructure, but said more work must be done to form effective collaboration between the public and private sectors.

"There is the realization that for our national security and the security of our information -- both from the public- and private-sector standpoints -- there has to be a partnership between the two sectors," Dick said. "It will not work without the two of them working together to better secure networks. There is this realization, but the question is: How do you execute it? There's a real searching on both sides on how do we make it work to protect the rights of citizens and the nation."