As Internet security threats continue to evolve, this overview outlines strategies that businesses can use to help decrease these threats.
The unprecedented connectivity of the Internet age
has led to enormous social and economic benefits, but
has also introduced numerous new challenges. In a fully
connected world, Internet security threats continue
to evolve, keeping ahead of the most advanced defenses.
Network-based security threats have led to widespread identity theft and financial fraud. Spam, viruses, and spyware cause significant problems for consumers and businesses. A security breach may irreparably damage a company's brand or reputation. In the United States, Internet security issues threaten to slow the national adoption of electronic medical records. In the European Union, consumer confidence regarding Internet security and data protection is a barrier to the more rapid expansion of e-commerce across member state borders.
Today’s information attacks are a profitable business enterprise and are often controlled by organized crime syndicates. A growing number of sophisticated cybercrime business models, including the emergence of criminal enterprises, are built around selling tools and services for launching network attacks, rather than simply selling information gained from attacks.
Internet security technology continues to advance, changing from passive, point product-based to active, end-to-end approaches to recognition, containment, and quarantine. In addition, Internet Service Providers (ISPs) are competing on security and consumer ISPs offer Internet security as part of their service.
Policy makers around the world are focused on the state of the information infrastructure. Policy makers want to ensure that users of networks employ the best technology and process practices to make networks as secure as possible. Governments and businesses continually update their strategies to prevent attacks, and public-private partnerships have been formed to develop voluntary, market-based approaches to security.
Cisco believes that governments can help decrease Internet security threats by:
- Raising consumer and industry awareness of the importance of network security
- Educating users about best practices
- Using best practices to secure their own systems
- Funding long-term research and development
- Aggressively enforcing the laws against cyber crime and prosecuting criminals that use or attempt to use the network for theft, fraud, extortion, or other crimes
- Increasing cooperation at an international level with other governments, law enforcement agencies, and the private sector on the socialization of best practices and international prosecution of cybercrime
Cisco does not believe that governments should regulate security. In general, regulation:
- Stifles innovation by picking and choosing specific technology, rather that letting market competition develop the best and most advanced solutions
- Does not advance quickly enough to keep pace with current industry needs and newly posed threats
- May actually decrease Internet security by creating specific points for systemic failure