The parallels between real-life viral epidemics and internet viruses is obvious. It’s the whole reason that fast-spreading malicious computer programs were called viruses in the first place.
It stands to reason then that stopping computer malware from spreading should mirror efforts to collectively protect people from public health risks, said Scott Charney, corporate vice president for trustworthy computing at Microsoft. He made the remarks in one of the opening keynotes at the RSA security conference in San Francisco this morning. That means companies, governments and other entities will have to collaborate to eliminate risks to everyone, rather than just look out for themselves.
Charney urged the government to create a bullet-proof identification system that creates online trust and preserves privacy. Companies should also keep making their defenses more secure. But greater effort should be put into the collective defense of the internet, Charney said.
Much like public health risk, the effort to deal with cyber risks should focus on reducing behavior that leads to attacks through education. You can inoculate yourself against disease by running antivirus programs. And once someone is infected, a whole apparatus should move into action to contain the threat and keep it from spreading. That effort should take place on a local, national and international level, Charney said.
“Most of our efforts today are reactive, but we need to be proactive,” Charney said. “We promote wellness and exercise to promote public health. We can promote wellness for the internet.”
For those who don’t do their part, there should be consequences. After all, if children aren’t vaccinated, they aren’t allowed in school.
“We need to make sure that people understand this is an integrated and shared domain that faces a lot of emerging threats,” he said.
It’s not a bad analogy. It would be nice to see progress being made on this front. Instead, the malware problem seems to be as big as ever, based on the latest reports.