Aussie internet security groups draft cybercrime code

Global information security and local industry representatives have held discussions in Sydney to draft a cybercrime code of practice.

          Global information security and local industry representatives have held discussions in Sydney to draft a cybercrime code of practice.

          During the three days of meetings, the OECD (Organisation of Economic Cooperation and Development) group on global information security met with Australia's Internet Industry Association (IIA) and the US Internet Industry Association (USIIA) to discuss the role of security within the industry.

          The IIA and the USIIA, together with OECD delegates, shaped a Draft Joint Statement of Principles to outline the direction that the industry needs to take.

          The first guideline is to promote the partnership of governments and industry in dealing with security issues.

          "The solution to global crime and terror is no longer the province of governments alone," says IIA chief executive Peter Coroneos.

          Another issue dealt with was the awareness and responsibility of the industry as a whole, from enterprise level, to end users and small to medium enterprises.

          "A large part of the security problem is not just the responsibility of enterprises involved in the network, but also of end users. End users are often the weak link in the chain," Coroneos says. "A connection at home with no firewall means they cannot only be a target, but also a potential launching point for an attack against companies. They can become a weapon in the armory of a cyberterrorist."

          "As more and more industries become connected to the internet, they become more vulnerable. The threat is not just facing the internet, but everything that hangs off the network."

          Justin Milne, chairman of the Cybercrime Virtual Task Force, says the task force has also drafted a code of conduct, to "grease the wheels" and advance the cooperation between law enforcement agencies and the industry, especially ISPs.

          According to Milne, the code of conduct will provide a protocol so that when there is an incident, there will be legislation in place and law enforcement agencies and ISPs will be clear on what needs to be done. The aim of the protocol is to bring uniformity to the process and ensure everyone is legislatively protected.

          Milne expects the code to be endorsed in about six months.

Join the newsletter!

Error: Please check your email address.

Tags cybercrime

More about IIAInternet Industry AssociationOECD

Show Comments
[]