Skip to content
Microsoft Secure

The Internet population is expected to double from over 2 billion users today to more than 4 billion by 2020. We are likely to see some considerable advancements in technology, use and approach during this time as the Internet continues to evolve to better meet peoples’ needs. This amount of growth and innovation is exhilarating, a bit disorienting, and to some, even scary. The need to come to grips with the opportunities and challenges posed by our increasingly connected world prompted some fresh thinking about how to apply existing models from the “real world” to improving the overall health and safety of the Internet.

Scott Charney’s paper “Collective Defense: Applying Public Health Models to the Internet” and the follow up report from EastWest Institute “The Internet Health Model for Cybersecurity” propose re-architecting the security foundations of the Internet through international coordination and collective action modeled closely to that of the public health system. These documents help to exemplify and focus some very important discussions and efforts on how individual consumers, governments and industry players such as service providers can better work together to improve device health and promote commonly accepted approaches for notification and remediation.

While device health is essential, it is also important to understand how application health can increase the speed of response to malicious software issues. The United States Department of Homeland Security sketched out what such an approach might look like in their paper “Enabling Distributed Security in Cyberspace.” One of the three building blocks identified was the use of automation to greatly enhance the ability to quickly detect and respond to new threats on the Internet. To that end, DHS, along with the US National Institute for Standards and Technology (NIST) published a “Cyber Ecosystem RFI” seeking input on the role that automation can play in delivering safer more trusted computing experiences for everyone. This is a great time to start the conversation about the opportunities as well as the limitations that automation can play. We plan to expand on our thinking in a forthcoming whitepaper, but wanted to touch on a few key points that we raised in our response to the RFI. We noted that to be effective, any automation framework must:

  • Be interoperable, extensible, and standards-based to be effective.
  • Be voluntary and respect user privacy, being built from the ground up with privacy in mind.
  • Be international in scope and built on international technical standards.
  • Include capabilities, controls, and processes for dealing with attempts to attack, misuse, or exploit the system, with special attention given to dealing with false positives.

This will be an interesting and important dialogue to have as we all work together to build safer, more trusted computing experiences while protecting user choice and privacy. Keep an eye on this space!