At a keynote speech delivered at the RSA Security Conference, Scott Charney–Microsoft corporate vice president for Trustworthy Computing–reiterated a vision for the future of Internet security. Charney painted a picture of a collaborative approach to Internet and PC security modeled after the processes used to respond to global health epidemics.
Microsoft describes why the timing seems to be right for driving this vision forward, citing the increased use of mobile devices and cloud computing, the persistence of botnet threats, increased public awareness of online crimes, and growing public pressure for improved government cyber security policies. These factors combine to create a unique opportunity.
I spoke with Jeff Jones, director of Microsoft Trustworthy Computing, who explained that Microsoft is careful not to presume ownership of the solution, or even to suggest that there is a single solution. The collaborative vision for building a safer and healthier Internet is not about a specific product or service.
However, by proactively driving the conversation, Microsoft hopes to get the various parties and stakeholders cooperating for the common good. Without a team effort, different vendors or service providers may develop conflicting proprietary solutions that will muddy the issue and make it more complex for consumers and businesses to navigate, and more difficult for the Internet as a whole to benefit.
Granted, there will be hurdles and obstacles to overcome. When you are dealing with the global Internet, there are different laws impacting the use and control of the Internet, as well as social and cultural differences regarding what is acceptable on the Internet, and differences in the economic and technological ability to monitor for or block threats.
As Microsoft and Charney have pointed out, though, these factors are not all that different from the factors that impact global healthcare. There are different laws, different cultural expectations, and different economic and technologic limitations for medicine and healthcare that vary from country to country. But, that hasn’t stopped us from creating a global system for identifying and responding to epidemics or pandemics that could have a broader impact on the world as a whole.
In the case of a potential health pandemic, one of the first goals is to contain the spread of the disease. That means that an entire country may be effectively quarantined–like Mexico during the H1N1 Swine flu outbreak in 2009–although a relatively small percentage of the population is actually sick. Internet health can be addressed the same way–shutting down the network pipe in and out of a country identified as having a malware outbreak in order to quarantine the threat until a “vaccine” or “cure” can be found.
It’s just one approach. The bottom line, though, is that the world shares the Internet and everyone–from consumers, to Internet service providers, to hardware and software vendors, to companies of all sizes and governments at all levels–has a vested interest in working together to make sure threats are eradicated quickly, and the Internet stays as safe and healthy as possible.