The online security and safety of our customers is a priority. For Comcast's Xfinity Internet customers, Constant Guard™ provides the tools to prevent, detect, respond to and manage security threats. To be effective in this fight, we need cooperation across the entire Internet ecosystem. That's why Comcast is an active participant on the advisory committee created by the FCC — the Communications Security, Reliability, and Interoperability Council, known as CSRIC — bringing together industry participants to share ideas, discuss solutions and develop best practices. One of the best aspects of CSRIC is its emphasis on timely, industry-led, consensus-based solutions, rather than government mandates. Everyone needs to take ownership in making the Internet safe and secure.
Comcast is the first ISP in North America to have fully implemented Domain Name System Security Extensions (DNSSEC), which is now automatically included as part of Constant Guard™. The CSRIC working group addressing DNSSEC recommends measures that we hope will encourage other major ISPs to implement DNSSEC, and to encourage domain owners like commerce and banking-related sites to begin signing their domain names with DNSSEC. The working group also recommends that software developers, such as those creating operating-systems, web-browsers, and other Internet-focused applications, study how and when to incorporate DNSSEC validation functions into their software.
The CSRIC working group on botnet remediation developed the U.S. Anti-Bot Code of Conduct for ISPs to address the threat of bots and botnets in residential broadband networks through voluntary participation. A bot is a malicious form of software that could use your computer to send spam, host a phishing site or steal your identity by monitoring your keystrokes. The Code recognizes that the entire Internet ecosystem has important roles to play in addressing the botnet threat and ISPs depend on support from the other players like security companies and operating system vendors. The Code encourages ISPs to support end-user education to prevent bot infections, to detect end user bot infections, notify users of bot infections, provide bot remediation tools and support for customers. The Code also provides a means for ISPs to collaborate and share information regarding their efforts to address bots and botnets.
The area of routing security is also the subject of study for CSRIC working groups. Improving the integrity of the global routing system has been a hope for quite some time. While there is work still to be done, Comcast joins other large network operators in our commitment to make sure data about resources is more reliable and accurate as a necessary precursor to any other enhancements which may be contemplated.
We'll continue to develop innovative solutions and participate in groups like CSRIC that encourage the development of real-world solutions, best practices, and codes of conducts. There is no "one size fits all" model for addressing cybersecurity risks. It takes broad participation for the best results. The flexibility for us to design and develop the best security solutions for our network architecture and customer environment is a core element of a successful cybersecurity policy. This flexibility helps ensure we can continue to focus on security and innovation, rather than regulation. Comcast is delighted to be part of CSRIC and other industry organizations working to make the global Internet even better.