I seem have dedicated a lot of Twelve Word Tuesday posts to the issue of getting ISPs to be more active in filtering malware out of the incoming bits they sell us (see here and here and here.) This week a lot more verbose versions came out, with Google calling for ISPs to cooperate in doing more to block “malvertising” and other malware delivery mechanisms.
Last week at the Gartner Security Summit in Sydney, I talked to several people about the Australian Internet Industry Associations draft “eSecurity Code” that would detail uniform processes for detecting malware and compromised machines, notifying the effecting parties, and disconnecting the sources of attacks.
There have been fits and starts by ISPs at this “clean pipe” approach but it requires them to make investments – not just in the technology to do the filtering and blocking, but in all the operations and support functions that will be needed around it. The biggest impediment to carriers making that investment has been lack of demand – corporate RFPs for Internet connectivity aren’t asking about such features, let alone requiring them. In fact, many enterprises seem perfectly happy to pay carriers and other managed security service providers extra for managed services to filter those bits after they have been delivered. Isn’t that silly?
Imagine if the auto industry paid its suppliers for defective parts and paid the suppliers to take the defective parts back! Don’t blame the suppliers – its a great business model. Blame the people paying for the bad bits twice.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.