Yes…there is such a thing as ‘good’ and ‘bad’ intermediaries…
•Even good ISPs tackle only a fraction of the bots in their network
•Evidence from recent study of the Dutch market suggests ISPs contact less than 10% of the customers that are infected at any point in time – this is after Dutch ISPs signed the Anti-Botnet Treaty
•This discrepancy is partially because ISPs do not widely collect data on infected machines in their networks
•This situation is similar or worse in many other countries
We developed the reputation metrics for the Dutch market independently, but in dialogue with the ISPs
•Government also asked us to not make the results public, but share them confidentially with the ISPs that were member of the ‘anti-botnet treaty’
In sum
•Reputation metrics can improve the functioning of ICT markets, reward “good” intermediaries and strengthen the incentives for cybersecurity
•Without the drawbacks of regulatory standards
•However, metrics need to become much more reliable and need to be extended to hosting, DNS, CAs, BGP, etc.
•Work towards including better data, better econometric methods and better collaboration with intermediaries
Much more:
http://iipvv.nl/sites/stw.demo.infi.nl/files/downloads/MvanEeten%20-%20ICT.OPEN%2022Oct2012.pdf
