Report Release: What Internet Security Can Gain From a Public Health Approach
NEW YORK, June 4, 2012 – The Internet puts people, systems, and networks in constant contact worldwide, and it needs a global, coordinated effort to protect digital systems from online threats-just like the public health community's efforts to defend our bodies from illness.
That's the argument of a new report released by a team of experts convened by the New York-based EastWest Institute (EWI) and sponsored by Microsoft Corporation. The report examines how the model of international public health can inform efforts to track and block malware and other malicious actors.
“For years, we have talked about computers being infected by viruses,” said EWI President John Mroz. “With this breakthrough report, we have the opportunity to treat the health of the entire Internet as a shared problem needing cooperative solutions.”
Cybersecurity problems like malware, botnets, and vulnerabilities need to be monitored and analyzed, the paper argues, just like the U.S. Centers for Disease Control and the World Health Organization monitor epidemic and study pathogens. Just as hand-washing and immunization can help prevent illness, education about threats to computer systems and measures to defend them have broad application.
“A public health model encompasses several interesting concepts that can be applied to Internet security,” said Scott Charney, vice president of Trustworthy Computing at Microsoft. “As use and reliance on the Internet continues to grow, improving Internet health requires all ecosystem members to take a global, collaborative approach to protecting people from potential dangers online.”
Contributors to the report included experts from numerous countries, representing universities, telecommunications companies, government computer emergency teams, and think tanks, among other groups.
The public health model isn't a perfect fit, the authors note. Computers have no naturally occurring immune system, for example, and human viruses don't attack on purpose. Still, the study finds that the systemic perspective of public health provides useful suggestions for how to promote Internet health.
This study of Internet health is part of a broader program of EWI-sponsored groups who gather to build concrete recommendations to solve prominent cybersecurity problems. Among others, the groups have produced already-released recommendations to increase the reliability of undersea cables and forthcoming research on international priority communications-systems that allow emergency services to operate when communication networks are overloaded, such as during a natural or national security disaster.
After successful meetings in Dallas in 2010 and London in 2011, the EastWest Institute's Worldwide Cybersecurity Initiative will hold its third Worldwide Cybersecurity Summit in New Delhi in October 2012.
Graham Webster, EastWest Institute, New York
firstname.lastname@example.org, +1 212 824 4145
Dragan Stojanovski, EastWest Institute, Brussels
email@example.com, +32 2 743 4620
About the EastWest Institute
The EastWest Institute is an international, non-partisan, not-for profit policy organization focused solely on confronting critical challenges that endanger peace. EWI was established in 1980 as a catalyst to build trust, develop leadership, and promote collaboration for positive change-affecting change by turning dialogue into meaningful results. The institute has offices in New York, Brussels and Moscow. For more information about the institute, please visit http://www.ewi.info.