Internet Service Providers are in a unique position to improve national cybersecurity, and a new report recommends they play a critical role in strengthening the cybersecurity landscape in the US.
According to a report released Friday by the President’s Council of Advisors on Science and Technology (PCAST) called Immediate Opportunities for Strengthening the Nation’s Cybersecurity, the federal government should create “policies that describe the desired behavior by ISPs as best practices” including working with the National Institute of Standards and Technology to establish standards for voluntary measures for ISPs to alert users about security issues.
Since ISPs lack both a legal obligation to act and any protection against subsequent liability, ISPs rarely notify customers about compromised machines or provide options for fixing the problem, the report said. While “it would not make sense to take actions that break the business model of ISPs,” providers could offer security services as an additional revenue opportunity. The report’s recommendation is quite obvious, and is something that most providers already offer.
Non-profit organizations like StopBadware have sought to make the Internet safer for users by encouraging cooperation among web hosts, ISPs and others.
This is just one recommendation in improving the state of national cybersecurity in the US. Others include improving the capacity to respond and share real-time cyberthreat data with private entities, and introducing third-party processes rather than government-mandated, “static lists of security measures.”