NOTE: A set of PowerPoint slides explaining Collaborative Securityis available for use in presentations.
People are what ultimately hold the Internet together. The Internets development has been based on voluntary cooperation and collaboration. Cooperation and collaboration remain the essential factors for the Internets prosperity and potential.
Collaborative Security is an approach that is characterized by five key elements:
Achieving security objectives, while preserving these fundamental properties, rights and values is the real challenge of cybersecurity strategy. The design and implementation of security solutions should be undertaken with consideration as to the potential effect they might have these fundamentals.
Everyone has a collective responsibility for the security of the Internet: multistakeholder cross-border collaboration is an essential component.
Commercial competition, politics and personal motivation play a role in how well collaboration happens. But, as collaborative efforts have demonstrated, differences can be overcome to cooperate against a threat. Such voluntary as-needed working for the benefit of everyone collaboration is remarkable for its scalability and its ability to adapt to changing conditions and evolving threats, yielding unprecedented efficacy.
Informed by these reflections, we introduce the term Collaborative Security to describe our approach for tackling Internet security issues.
Collaborative Security is an approach that is characterized by five key elements. These are described below.
1. Preserving opportunities and building confidence
The Internet enables opportunities for human, social and economic development on a global scale. Those opportunities will only be realized if Internet participants have confidence  that they can use the Internet for secure, reliable, private communication all across the world.
A security paradigm for the Internet should be premised on fostering confidence and protecting opportunities for economic and social prosperity, as opposed to a model that is based simply on preventing perceived harm. Moreover, security solutions should advance that objective in design, and in practice. Otherwise, security solutions may go too far, thereby jeopardizing the very infrastructure that ties together the global economy, and provides the engine for its growth.
2. Collective Responsibility
The Internet is a global interconnected network of networks. It is, in effect, a global common resource and a highly interdependent system. Participation on the Internet means global interdependency.
In an interconnected interdependent system, no one participant can achieve absolute security. And, no security solution exists in isolation. There will always be threats, so it is useful to consider security in terms of residual risks that are considered acceptable in a specific context.
Internet security depends not only on how well participants manage security risks they face, but also, importantly, how they manage security risks that they may pose to others (whether through their action or inaction) the outward risks.
These factors mean that Internet participants have:
Furthermore, if Internet participants act independently and solely in their own self-interest, not only will the security of the Internet be impacted: the overall pool of social and economic potential that the Internet offers the global community will also diminish. Therefore, Internet participants need to see this as a long-term investment for the benefit of everyone.
Note: The scope of collective responsibility extends to the system as a whole: it is not the same as asking everyone to be responsible for their part of the ecosystem. Therefore, collective responsibility requires a common understanding of the problem, shared solutions, common benefits, and open communication channels .
Multistakeholder cross-border collaboration is an important component of collective responsibility. Its success depends on trustful relationships between nations, between citizens and their government, between operators, service providers, and across all stakeholders.
3. Security solutions should be fully integrated with rights and the open Internet
Security solutions should be fully integrated with the important objectives of preserving the fundamental properties of the Internet (open standards, voluntary collaboration, reusable building blocks, integrity, permission-free innovation and global reach (also known as the Internet Invariants ) and fundamental human rights, values and expectations (e.g. privacy, freedom of expression).
Any security solution is likely to have an effect on the Internets operation and development, as well as users rights and expectations. Such effects may be positive or negative. From our perspective, it is important to find solutions that support the Internet Invariants and fundamental rights and values.
4. Security solutions need to be grounded in experience, developed by consensus and evolutionary in outlook
Security solutions need to be flexible enough to evolve over time. We know that technology is going to change and threats will adapt to take advantage of new platforms and protocols. Therefore, solutions need to be responsive to new challenges.
Like a human body that may suffer from viruses, but gets stronger and more resilient as a result, new technologies, solutions and cooperative efforts that build on lessons-learned make the Internet more resilient to threats.
Experience shows us that, in a quickly evolving system such as the Internet, an open consensus-based participatory approach is the most robust, flexible and agile.
Partial solutions and staged deployment are important and should be taken seriously. A collection of incremental solutions may be more effective in practice than a grand design. Even if an approach does not solve the problem completely, it might help to contain it, or to change the economic equation significantly enough, so as to make the vulnerability much less attractive to malicious actors.
The focus needs to be put on defining the agreed problem and finding the solution. We also need to make space for the new, the innovative and the odd. We need to be prepared to test disruptive or non-traditional ideas.
In the end a process, which draws upon the interests and expertise of a broad set of stakeholders is likely to be the surest path to success.
5. Targeting the point of maximum impact: think globally, act locally
Security is not achieved by a single treaty or piece of legislation; it is not solved by a single technical fix, nor can it come about because one company, government or actor decides security is important.
Creating security and trust in the Internet requires different players (within their different responsibilities and roles) to take action, closest to where the issues are occurring.
Typically, for greater effectiveness and efficiency, solutions should be defined and implemented by the smallest, lowest or least centralized competent community  at the point in the system where they can have the most impact.
Such communities are frequently spontaneously formed in a bottom-up, self-organizing fashion around specific issues (e.g. spam, or routing security) or a locality (e.g. protection of critical national infrastructure or security of an Internet exchange).
As much as possible, solutions should be based on interoperable building-blocks e.g. industry-accepted standards, best practices and approaches.
We believe that this Collaborative Security approach for addressing Internet security issues is critical for ensuring the future of the open Internet as a driver for social and economic innovation. As a network of networks without centralized control, the security of the Internet cannot be maintained by any single entity or organization. It is important that these issues be addressed by all stakeholders in a spirit of collaboration and shared responsibility in ways that do not undermine the global architecture of the Internet or curtail human rights. The Internet is for everyone: lets work together to realize its full potential.
See Internet Invariants: What Really Matters http://www.internetsociety.org/internet-invariants-what-really-matters
In this context, an Internet participants confidence is formed, among other things, taking into account the degree of perceived security risk associated with using the Internet and whether that degree of risk is acceptable while protecting opportunities for economic and social prosperity. A better understanding of actual risks and how to reduce them to an acceptable level are two main factors that build confidence.
Please refer to Understanding Security and Resilience of the Internet http://www.internetsociety.org/sites/default/files/bp-securityandresilience-20130711.pdf
See Internet Invariants: What Really Matters http://www.internetsociety.org/internet-invariants-what-really-matters
In politics, such approach is called a Subsidiarity principle: Solutions should be defined and implemented by smallest, lowest or least centralized competent authority. We feel that the word community better matches the sense of bottom-up development. http://en.wikipedia.org/wiki/Subsidiarity
Read more about specific examples: Introducing Collaborative Security, our approach to Internet security issues by Internet Society CITO Olaf Kolkmann
Collaborative Security: An approach to tackling Internet …
- Comodo Antivirus - Best Virus Removal Software 2018 - January 13th, 2018
- ZoneAlarm Antivirus Software | Virus Protection & Firewall - January 13th, 2018
- What Is the Meaning of Internet Security? | Techwalla.com - January 12th, 2018
- Download Avast Internet Security 17.7.2314 - FileHippo.com - January 12th, 2018
- Vipre Antivirus VIPRE Internet Security - January 12th, 2018
- AVG Internet Security 2018 License Key With Crack Full Version - January 8th, 2018
- CA Internet Security Suite Plus - Download - December 27th, 2017
- Norton Internet Security - Download - December 20th, 2017
- Best Internet Security 2017 - Total Security Software for ... - December 20th, 2017
- Get the Best Internet Security Software of 2016! - December 20th, 2017
- Internet Security Administrator: Job Description and Requirements - December 19th, 2017
- Top 10 Cheap Antivirus and Internet Security Protection for ... - December 19th, 2017
- Download AVG Internet Security Unlimited - FileHippo.com - December 19th, 2017
- Norton Internet Security - softpedia.com - December 19th, 2017
- Internet Security - Cisco - December 19th, 2017
- Best Antivirus Software, Internet Security & Malware Removal - December 19th, 2017
- internet security | eBay - October 26th, 2017
- Avast Internet Security Download - softpedia.com - October 20th, 2017
- Internet Security Software | Trend Micro - October 3rd, 2017
- Lenovo Faces No Significant Penalty for Security-Destroying Superfish Debacle - ExtremeTech - September 7th, 2017
- 25% Upside Seen In Palo Alto, Argus Research Upgrades To Buy - Benzinga - September 5th, 2017
- How to: Your essential guide to internet security - PC Authority - September 5th, 2017
- Internet security startup founded by former CIA analyst raises $40 million - San Francisco Business Times - September 2nd, 2017
- CyberRehab's mission? To clean up the internet, one ASN block at a time - The Register - September 2nd, 2017
- Kaspersky Lab launched updated versions of Kaspersky Internet ... - Software Testing News - September 1st, 2017
- Cloud-based CAE HPC Partnership Focuses on Speed and Security of Data Transfer - ENGINEERING.com - September 1st, 2017
- China's cybersecurity law grants government 'unprecedented' control over foreign tech - The Register - September 1st, 2017
- Symantec CEO Sees Broad-Based Internet Security Threats - Bloomberg - August 31st, 2017
- Expert warns sexting is seen as normal by many young people - Evening Echo Cork - August 31st, 2017
- Internet Explorer - Wikipedia - August 30th, 2017
- Your essential guide to internet security - IT PRO - August 30th, 2017
- DUO to increase student internet security - The Crimson While - August 30th, 2017
- Online threats lead to real-world harm, say security experts - CNBC - August 30th, 2017
- Net neutered: When ISPs like Comcast crash the cloud - ZDNet - August 30th, 2017
- Upgrade your internet security with Private Internet Access VPN ... - Popular Science - August 28th, 2017
- Internet 101 Survey results show disconnect between confidence and Internet user knowledge - TechSpot - August 28th, 2017
- Leak of >1700 valid passwords could make the IoT mess much worse - Ars Technica - August 27th, 2017
- How to Choose the Best Internet Security Software? | Bdaily - Bdaily - August 25th, 2017
- China overtakes Belgium on world innovation index - TechNode (blog) - August 25th, 2017
- Zephyr Cove internet security company enters into Paten Standstill Agreement - Northern Nevada Business Weekly - August 25th, 2017
- Internet key to farm security, farmer Bruce Crafter says at Farm Security and Farmers Health Expo in Bendigo - Bendigo Advertiser - August 25th, 2017
- Q2 2017 Akamai State Of The Internet / Security Report Analyzes Re-Emergence Of PBot Malware; Domain Generation ... - PR Newswire (press release) - August 25th, 2017
- OneLogin is Changing How We Think About Internet Security - HiTechChronicle - August 25th, 2017
- Q2 2017 Akamai State Of The Internet / Security Report Analyzes Re-Emergence Of PBot Malware; Domain Generation ... - GuruFocus.com - August 23rd, 2017
- Getting serious about research ethics: Security and Internet Measurement - Freedom to Tinker - August 23rd, 2017
- Dozens of pro-Trump rallies retreat to internet, insist it's not due to poor attendance - Mashable - August 22nd, 2017
- Ransomware Victims Pay Much More Than Just the Ransom - eWeek - August 22nd, 2017
- A Very Dumb Mistake Costs Cryptocurrency Investors Big Time - WIRED - August 22nd, 2017
- WomensLaw.org | Internet Security - August 20th, 2017
- Facebook Awards $100K for Spear Phishing Security Research - eWeek - August 19th, 2017
- Resilience, Emergencies and the Internet: Security In-Formation - Peace Research Institute Oslo (PRIO) (press release) - August 18th, 2017
- LIBTELCO Hosts First Cyber Security Confab - Liberian Daily Observer - August 18th, 2017
- Free or hate speech? Silicon Valley searches for proper line - CBS News - August 18th, 2017
- The Yin-Yang of Cybersecurity Legislation The Internet of Things Cybersecurity Act - CSO Online - August 16th, 2017
- Women build capacity in internet security - Ghana News Agency - August 14th, 2017
- Can US lawmakers fix IoT security for good? - Network World - August 14th, 2017
- 3 Problems Related to Internet Security and Online Safety - Bdaily - August 14th, 2017
- Internet security at home avoid being an online victim - North Coast Courier - August 11th, 2017
- Healthcare Industry May Not Be Prepared For Internet of Things - JD Supra (press release) - August 11th, 2017
- Kaspersky Lab Launches Internet Security Campaign in Asia Pacific - Guiding Tech - August 10th, 2017
- Bitdefender Internet Security 2016 - PCMag India - August 6th, 2017
- Mozilla bets its Rust language will make your internet safer - CNET - August 3rd, 2017
- Kaspersky Internet Security 2018 18.104.22.1685 - Tech Advisor - August 3rd, 2017
- Top 5 Internet Security Practices to Staying Safe Online - The Merkle - August 1st, 2017
- Every day is Internet Security Day | Opinion | thenewsherald.com - Southgate News Herald - August 1st, 2017
- Security This Week: The Very Best Hacks From Black Hat and Defcon - WIRED - August 1st, 2017
- 'Internet of things' hackers raise cloud of fear - E&E News - August 1st, 2017
- Facebook Donates $1M in New Funds for Internet Security at Black Hat - eWeek - August 1st, 2017
- ARRIS Launches First Gateway with ARRIS Secure Home Internet by McAfee; Exclusively at Best Buy - PR Newswire (press release) - July 12th, 2017
- Bitdefender unveils 2018 edition of Total Security, Internet Security ... - Windows Report - July 12th, 2017
- Women in IT Security: Eight Women to Watch - SC Magazine - July 11th, 2017
- The Internet of Identities (IoI) - CSO Online - July 11th, 2017
- Trump Says He Pressed Putin, While Casting More Doubt On Election Meddling - NPR - July 9th, 2017
- Internet freedom must be protected but also respected - Independent Online - July 9th, 2017
- The internet, security and privacy - TechTarget (blog) - July 7th, 2017
- Save 20 Percent on AVG Internet Security Unlimited, AVG Ultimate - PCMag - July 7th, 2017
- Bitdefender Internet Security 2017 One of the most efficient security suites - GameSinners (press release) (blog) - July 5th, 2017
- The Whole Internet Is Managed By 14 People; Each One Is A Security Keyholder - Fossbytes - July 5th, 2017
- In our opinion: Individuals and governments should do more to recognize and combat cyber attacks - Deseret News - July 5th, 2017
- See Which Mac Antivirus Protects Best (and Worst) - Laptop Mag - July 5th, 2017