Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« To Kill A Botnet | Main | Super Strength Threats & Resilient Malware »

Role of ISPs in Customers' Security

In a post last Friday on disrupting botnets I argued that ISPs should have a greater role. At the same time I noted this wasn't an ideal solution and when it comes to implementation, there will be elements many of us won't like. The role of ISPs in combating distributed denial of service (ddos) attacks came up in during a panel discussion at a security conference and it showed some clear difference of opinions.

A report in Kazinform on the InfoSecurity Europe conference quoted panelists with distinctively different views on the question of ISP's responsibilities. Roberto Preatoni of Zone-H and WabSabiLabi argued:

"Actually, I don't think the ISPs should have any role in security," ... "In my opinion, that's like asking the Royal Mail to be responsible for the quality of your post."

Jason Creasey of Information Security Forum challenged that view:


"I believe ISPs can play a phenomenal role in security, with a little bit of legal pressure," he claimed.

Creasey's view is more in line with what I argued last week. ISPs have responsibility but that, along with their liability, needs to be clarified and codified.
.

Tags:          
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on May 5, 2008 8:46 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/722

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net