United States Not Among Nations with Lowest Malware Intrusion Risk
Insurance Experts' Forum, September 15, 2011
According to a report in a recent issue of Processor, researchers at Microsoft have found that nations employing computer security teams and proactive ISPs possess consistently lower rates of malware infection.
Microsoft says that Austria, Germany, Finland and Japan all had consistently lower infection rates than the global average—and that rates have stayed consistent since 2007. What makes the difference? According to the Processor article, Microsoft attributes the lower rates to “strong public-private partnerships that enable proactive and response capabilities.” These countries also have computer emergency response teams and ISPs that take an active role in monitoring and managing infection threats and create “an IT culture where admins respond quickly to system infections.”
Notable for its absence from the list of those with lower malware infection rates is the United States. The implication seems to be that we don’t do what it takes to enable proactive response to threats, and I’m afraid I really can’t argue against that implication. Certainly, the Obama administration and others have made noise about establishing security safeguards for our nation, but I have yet to see anything substantive. As I have said in this forum, the federal government’s idea of trying to create a “safe Internet zone” for our nation is a doomed strategy because, in fact, there are no safe zones. If such a zone were created, it would simply become a very tempting target for attackers, who would instantly realize that a lot of very valuable information could be had by cracking the zone’s perimeter.
So what are we to do? Why can’t we achieve the same levels of security protection seen in the nations named by Microsoft? Actually, I believe we can, but like many things in our great country, the impetus has to come from the business world rather than the bureaucracy. Insurance and financial services is a great place to start doing the things that work elsewhere. Is there any reason why we can’t create industry-wide computer emergency response teams manned by volunteers from industry players? And what about our dedicated industry vendors? Would they be willing to play a role in helping to deflect the increasing number of threats to the sensitive data vital to our survival?
Perhaps this sounds a bit too much like “It’s a Wonderful Life” to the more jaded of my readers, but really, haven’t we learned from our current economic woes that the government is terribly inept at handling crisis situations? Personally, I have much more faith in our vendors, the ISPs themselves and our own corporate community than I do in a Congress that recently earned a depressing 10 percent approval rating.
If we want this done right, we will have to do it ourselves. The only question is whether or not we have the will to make it happen.
Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.
Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at firstname.lastname@example.org.
This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.
The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.
Add Your Comments...
If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.
You must be registered to post a comment. Click here to register.