Related Links

Top 5 Stories


RSA 2011: Sectors must collaborate to adopt global internet health model, says Microsoft’s Charney

15 February 2011

Today at RSA Conference 2011, Scott Charney, corporate vice president of Microsoft Trustworthy Computing, urged public and private sectors to adopt a proposal for a global internet health model.

In his keynote address about “Microsoft’s collective defense vision – a vision for getting security right on the internet”, Charney said that existing technology and organizational policies could be used to implement an aligned device health model that promotes trusted online experiences. “The goal of this model is to raise the basic level of hygiene and build an infrastructure to respond quickly when incidents occur”.

So, how can we adopt a public health model on the internet? “We need to mirror the steps that the health model takes. We educate people about the diseases (threats), we try and detect malware and botnets, we put anti-malware in place, we quarantine the infected, we use post-infection treatment and we track and control spread of malware and botnets”, he explained.

This model adopts a proactive not reactive model. “We will continue to look for the bad stuff, but also focus on finding and implementing goodness and promoting wellness in the health of machines”.

Charney announced that the recent trends in the industry — the increased use of mobile devices and cloud computing, the persistence of botnet threats, increased public awareness of online crimes, and growing public pressure for improved government cyber security policies – make it the right time for “industry and governments to adopt a solution that offers broad societal protections”.

Microsoft’s Charney suggested that far beyond needing a cybersecurity strategy, “we actually need four. The areas needing consideration are cybercrime, economic espionage, military espionage and cyberwarfare – which is the most complicated of all“, he said.

Charney demonstrated how existing technology might be applied to an online service to encourage “device health”. Notifying individuals of security problems or configuration issues in advance, he said, “provides a first step in transforming current computer security posture from reactive to preventative”.

“The world is changing and we need to work out how to adapt.” The next steps, Charney concluded, are “to continue focusing on trusted stacks, deploy robust identity systems and enhance collective defenses by applying the human health model to the internet”.


This article is featured in:
Cloud Computing  •  Internet and Network Security  •  Malware and Hardware Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×