icode Review Taskforce
Draft Review for Public Comment:
The icode has now been in operation since December 2010. The IIA icode Taskforce has completed a review of the code and is now seeking public comment.
The icode is a voluntary industry code that is used by service providers to help fight cybercrime by defining integtarted steps of early indentification, notification and direction of end users to information and remediation tools for devices thought to be infected by malicious software (Malware).
More than 30 ISP’s covering 90% of Australian Internet users are currently participating in icode.
As part of this review the IIA icode Taskforce has considered a number of changes, including some recommendations from the government, that take into account the continued evolution of technologies such as the need for the code to reflect all Internet connected devices and not just computers.
A Draft copy of the proposed changes to Version 1.0 of the icode (in mark up) can be found here
A Draft copy Version 2.0 (clean copy) inclusive of the proposed changes to Version 1.0 can be found here
Comments on the Draft Version 2.0 should be forwarded to: email@example.com
Public Comment period closes at 5:00 PM (AEST) on Thursday 20 June 2013
The Internet Industry Association (IIA) in conjunction with the Minister for Broadband, Communications and the Digital Economy, Senator Stephen Conroy and the Federal Attorney-General, Robert McClelland, launched a new voluntary code of practice on 6 June 2010 for Australian Internet Service Providers (ISPs) to improve cybersecurity for all consumers.
Known as the icode, the code recognises that both ISPs and consumers can and must share responsibility for minimising the risks inherent in using the internet.
The code provides a consistent approach for Australian ISPs to help inform, educate and protect their customers in relation to cybersecurity.
By following the code ISPs contribute to reducing the number of compromised devices in Australia and enhance the overall security of the Australian and international internet.
The code delivers a standard set of best practices for ISPs to follow to preserve the integrity of their networks and customers internet connected devices.
The icode contains four main elements:
- A notification/management system for compromised devices
- A standardised information resource for end users
- A comprehensive resource for ISPs to access the latest threat information
- A reporting mechanism in cases of extreme threat back to CERT Australia to facilitate a national high level view of attack status.
The icode builds on the Australian Communications and Media Authority (ACMA) Australian Internet Security Initiative (AISI) as well as other sources of security intelligence which showed that malware-infested computers were a growing risk that required coordinated industry, consumer and government responses.
The icode is available for download here.