New Online and Mobile Best Practices Clarify Business and Governmental Security Tactics


Oecdbp
Baltimore, Oct. 24, 2012 – A cooperative international report available today outlines

Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots
and other Internet threats, and provides a thorough review of current and emerging
threats. “Best Practices to Address Online and Mobile Threats” is a comprehensive
assessment of Internet security as it stands today and explains in non-technical language
the proactive steps that can help mitigate risks, according to the report’s two major
contributors, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) and the
London Action Plan (LAP).

The report is also one of the first global efforts to encourage governments to deploy best
practices, which are more often associated with businesses. It focuses on four major
areas of concern: malware and botnets, social engineering and phishing, IP and DNS
exploits, and mobile threats. To encourage government participation, it has been
presented to the 34-member country OECD (Organisation for Economic Co-Development) for
review.

“Best Practices to Address Online and Mobile Threats” draws on the tactics that have
proven effective over the past decade to reduce online risks, then augments these with
forward-thinking recommendations for emerging vulnerabilities, such as mobile text spam
and Web abuse. The comprehensive report is available here:



Download Best_Practices_to_Address_Online_and_Mobile_Threats_(Oct_2012)

The report is also available via the London Action Plan site and by way of the Messaging
Anti-Abuse Working Group site.

“As a globally cooperative effort, the report brought together an unprecedented team of
experts who outlined safe computing tactics in uncomplicated, accessible language for
end-users, large and small businesses, and governments. This is also one of the first
efforts to update industry recommendations recognizing that public agencies are important
online enterprises, and just as companies need to implement best practices, so do
governments,” Alex Bobotek, M3AAWG co-chairman said.

CAUCE President John Levine noted "We were honored to work with Industry Canada, M3AAWG,
and the other organizations. Online security is such a massive problem that working
partnerships among governments, business, and non-profits such as CAUCE is the only
logical way forward to deal with these issues."

The international community collaboratively stepped up to generate the report in a
public-private partnership led by André Leduc, Manager of the National Anti-Spam Coordinating
Body at Industry Canada. Industry experts from M3AAWG, LAP and other
organizations, such as CAUCE, contributed to it.
CAUCE President John Levine, and Executive Director Neil Schwartzman were part of the
Paris delegation that presented the report to the OECD committee on consumer protection,
it was also reviewed by the Working Party on Information Security and Privacy (WPISP).
Online threats are evolving as Internet and mobile technologies play a more vital role in
many business models, attracting cybercriminals who target users on popular platforms such
as laptops, tablets, smartphones and other handheld devices. As the Internet economy
grows, implementing the best practices detailed in the report will help reduce illegal
activities such as spam, phishing, malware and spyware distribution, botnet deployment,
the redirection of Internet traffic to malicious websites and denial of service attacks.