Microsoft: International cyber-pacts can reduce malware
A new report looks at the link between factors such as broadband adoption and Facebook use and malware attacks
IDG News Service - Countries that have signed on to international cybersecurity agreements tend to have fewer malware infections among their citizens, according to new research released by Microsoft and George Washington University.
Countries that have signed the 2001 Council of Europe Cybercrime treaty or the 2004 London Action Plan on spam tend to outperform other countries in a key cybersecurity measure, said the report, released Wednesday by Microsoft and George Washington University's Homeland Security Policy Institute.
While simply signing on to an international cybersecurity agreement may not have an impact on the metric, computers cleaned per mile, or CCM, the agreements often come with requirements for countries before they can sign on, said Paul Nicholas, senior director of global security strategy and diplomacy at Microsoft.
The requirements from the agreements include methods for international cooperation on cybercrime that "can evolve with the changing threat landscape," he said.
To sign on to the agreements, countries "had to go and build capabilities, they had to change laws," Nicholas added.
Beyond the international agreements, researchers found 34 factors that correlate with a stronger national cybersecurity posture. Among the factors that correlated with a lower CCM number were computers per capita, Facebook use, health expenditures per person, broadband penetration, and research and development spending.
However, Microsoft and George Washington found that countries with a defensive strategy for cybersecurity don't necessarily have low CCM rates. "The expression of military doctrines for cyberspace is a novel and ongoing development," the report said.
Countries with the lowest CCM, according to the report, included Australia, China, Japan, Sweden and France. The U.S., U.K., Russia, South Africa, Spain and Argentina had slightly higher CCM rates.
Among the countries with the highest CCM: Turkey, Egypt, Pakistan and Iraq.
Microsoft, in the report, noted that CCM isn't a perfect measure of cybersecurity posture in a country. And a low CCM number doesn't mean that a country is safe from cyberattacks, Nicholas said. "You're safer than you were, but you're not yet safe," he said. "Certainly, there are a lot of painful things happening in the world right now."
Authors of the report hope it will be helpful to policymakers in countries looking to increase their cybersecurity posture, Nicholas said. Policymakers and cybersecurity experts in many parts of the world are currently talking about new ways to cooperate internationally and improve national cybersecurity responses, and those are "very positive" discussions, he said.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is firstname.lastname@example.org.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts