Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
Botnets and other malware continue to threaten the computing environment online that our society relies upon for communication, commerce and collaboration. In the past several years, we along with industry partners have made great strides toward containing and even pushing back against security threats and collaboration is essential to driving this change in the IT ecosystem. We continue to believe a coordinated approach among industry participants is needed to help protect consumers, businesses and governments from cyber threats.
Today the U.S. Federal Communication Commission’s (FCC) Communications Security Reliability and Interoperability Council (CSRIC) voted to approve the Anti-Bot Code of Conduct for Internet Service Providers. The code represents an important commitment by the nation’s leading ISPs to help consumers prevent, detect and remediate bot infections. To participate in this Code, an ISP will engage in at least one activity in each of the following general areas:
The code importantly covers all phases of botnet response. Education and prevention are critical to getting ahead of the problem. When an infection does occur we want to be able to detect it quickly and accurately before further harm can be done. ISPs can then notify the affected consumer in a manner that maximizes effectiveness and resists fraud. Finally, consumers are connected with guidance and tools to remediate the infection and bolster defenses against future threats. I’d be remiss to point out that the contents of this code are heavily based in the outstanding efforts that several ISPs already perform to help protect their customers.
I’m excited to see the United States join the growing roster of countries including Australia, Germany and Japan who have instituted similar codes or programs to help protect consumers from botnets. Managing these risks can be a daunting task, but absolutely achievable with a strong vision, global collaboration and perseverance to do the right thing.
Kevin Sullivan Senior Security Strategist Trustworthy Computing