While certain cyberattacks focus on specific organizations, the majority target the largest number of internet users possible. Such attacks are often relatively easy for cybercriminals to undertake and can cause serious harm.
The impact of
indiscriminate malicious activity online can be significant and carries an
estimated global price tag of $6 trillion in 2021.
The World Economic Forum Centre for Cybersecurity brought together a
group of leading ISPs and multilateral organizations to develop new ways to
protect and prevent these attacks from reaching consumers. Following a year of
development and testing, four actionable principles were identified as
successful in preventing malicious activities from getting “down the pipes” to
consumers, set out in the report: Cybercrime Prevention: Principles
for Internet Service Providers.
BT, Deutsche Telekom, Du Telecom, Europol, Global Cyber Alliance,
Internet Society, Korea Telecom, Proximus, Saudi Telcom, Singtel, Telstra, ITU
endorsed these principles, protecting up to 1 billion consumers in 180
countries in the process.
“Cybersecurity is becoming a public safety issue,” said Amy Jordan, Delivery Lead, Platform
for Shaping the Future of Cybersecurity and Digital Trust, World Economic
Forum. As more and more devices are connected and physical infrastructure
becomes increasingly connected, no one company can do it alone. The community
needs to come together, and these principles can accelerate and scale impact.”
In the report, each principle is considered from the perspective of the challenges it
is seeking to address, as well as providing demonstrable evidence from service
providers of the benefits of implementation. Further, more technical detail on
how each principle could be implemented is also provided in related
recommendations.
“This initiative represents a fantastic example of the World Economic
Forum’s ability to convene public and private sector stakeholders to share and
implement industry best practice that helps not only the organizations
involved, but the users of the internet at large,” said Kevin Brown, Managing Director, BT Security.
“EUROPOL wholeheartedly supports the adoption of these principles by
Internet Service Providers worldwide because they have the potential to
significantly limit the harm caused by malicious cybercrime actors,” said Catherine de Bolle, Executive Director
of EUROPOL.
“The World Economic Forum’s ISP Principles are a superb collection of
actionable measures that providers can use to reduce malicious activity
online,” said Joseph Lorenzo Hall,
Senior Vice President, Strong Internet, Internet Society.
“By adopting these best practice principles and working with governments
in a public-private partnership to create a supportive policy framework, we
will collectively boost trust in the digital economy and significantly reduce
cybercrime,” said Stefaan De Clerck,
Chairman, Proximus Board.
“As a nation, and as the digital enabling company, we are exposed to all
sorts of attacks, which forced us early on to heavily invest and build world
class cyber capabilities to become fully resilient. Guided by these four
principles we encourage other ISPs to leverage them in defining their
strategies and gain confidence by joining other global partners.” said Nasser Suliaman AlNasser, Saudi
Telecom Group (stc) CEO.
It is recommended that ISPs adopt the following key principles:
1. Protect consumers by default from widespread cyberattacks and act
collectively with peers to identify and respond to known threats.
2. Take action to raise awareness and understanding of threats and
support consumers in protecting themselves and their networks.
3. Work more closely with manufacturers and vendors of hardware,
software and infrastructure to increase minimum levels of security.
4. Take action to shore up the security of routing and signalling to
reinforce effective defence against attacks.
The World Economic Forum, will now use its Platform for Shaping the Future of
Cybersecurity and Digital Trust to drive
adoption of the Principles and seek to initiate a dialogue between public- and
private-sector stakeholders on how governments can incentivize uptake and
establish clearer policy frameworks and expectations. By working
collaboratively, ISPs will be better placed to protect their customers and
defend their own networks than if they work alone.