Internet Service Providers (ISPs) like Comcast, Charter or Century Link could dramatically affect their customers’ security if they chose to, but how should they use this great power responsibly? In a recent Dark Reading article, WatchGuard Technologies CTO Corey Nachreiner writes about the role ISPs should play in cybersecurity.
Here’s an excerpt from the article that explains Corey’s main argument:
As far as preventative security controls go, I think ISPs can offer optional security services, but ultimately should leave it to their customers to decide whether to protect themselves or not. However, there is one thing all ISPs should do to protect everyone today: block IP address spoofing.
ISPs carry a lot of weight in overall state security because they act as a doorway to the Internet and could implement security controls on all their traffic before it reaches the end user. But ISPs must strike a balance between ensuring their customers are safe, avoiding censorship and allowing them to set their own security controls.
Read the full article on Dark Reading, and more from Corey on the U.S. Senate’s vote to remove a broadband provider rule that prevents ISPs from selling personal identifiable information (PII) to advertisers without consent here.
ISPs should also make efforts to block attacks that originate from their subscribers. They have the best vantage point to see and therefore block such traffic.