Blog · 28 Jan 2020

Cybercrime prevention principles: Making the internet safer for businesses and consumers

In partnership with the World Economic Forum, we’ve published a report to tackle the growing threat of indiscriminate cyberattacks and outlined four key principles to protect businesses and consumers.

Kevin Brown
Managing Director, BT Security

Today’s cybercrime emergency

Cybercrime is an issue that threatens everyone, from national online infrastructure to the individual consumer. The financial impact of cybercrime on both businesses and individuals has risen by 72 per cent in the past five years and this trend shows little sign of slowing.

While many cyberattacks are targeted at individual organisations, by far the most prolific form of cyber threats are indiscriminate attacks, targeting the largest number of consumers possible and set to cost an estimated $6 trillion by 2021.

Because these attacks are so prolific, it’s impossible for any one entity to tackle them alone. That’s why, in order to combat these attacks and ensure ongoing trust in online services, organisations need to work together and collaborate on effective cyber prevention strategies.

From our critical position, we see global traffic crossing the internet and have the ability to enact meaningful change in tackling cybercrime. Therefore, when the World Economic Forum Platform for Shaping the Future of Cybersecurity and Digital Trust decided to address the current cybersecurity emergency, we were a clear choice for the dedicated expert taskforce. Our task was to devise a set of best practice principles which all types of organisation can put into practice to prevent cybercrime.

The result is the Cybercrime Prevention Principles for Internet Service Providers. The report is a concrete step towards defining cybersecurity best practice and provides straightforward steps ISPs, and other organisations involved in providing online communications, can take to secure themselves, their customers and the shared online space. 

Combating malicious activity through four key principles

There’s a huge range of actors across the online ecosystem who can take action against indiscriminate cybercrime. ISPs in particular are ideally placed to tackle these threats head on and arguably have a responsibility to take action against malicious online activity. But in order to do so effectively it’s vital they work together.

The paper outlines four actionable principles that highlight strategic actions ISPs can take. They will help to safeguard the health of the national online ecosystem, reduce the cost of fighting cybercrime and ensure ongoing trust in online services.

  • Principle 1: Protect consumers by default from widespread cyberattacks and act collectively with peers to identify and respond to known threats.
  • Principle 2: Take action to raise awareness and understanding of threats and support consumers in protecting themselves and their networks.
  • Principle 3: Work more closely with manufacturers and vendors of hardware, software and infrastructure to raise minimum levels of security.
  • Principle 4: Take action to shore up the security of routing and signalling to reinforce effective defence against attacks.

Strengthening the weakest link

These principles are just the beginning of the positive steps needed to “clean up” the internet. From this platform, the next step is for governments and regulators to work together to enact policies that not only incentivise this type of responsible behaviour, but also promote greater cybersecurity measures more generally. This will encourage greater information sharing, more IoT security collaboration and a commitment to peer analysis — something all ISPs and related entities can benefit from. After all, our security posture is only as strong as our weakest link. 

Find more insights and practical steps in the paper

Cybercrime Prevention Principles for Internet Service Providers contains detailed information on the practical steps involved within each principle. Alongside these are informative case studies and expert insights, all of which outline the benefits and pitfalls organisations should be aware of.

Have a read and find out more about how the internet ecosystem can be made safer for everyone.