Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Clearly, Internet security isn’t as good as it should be, given that every week seems to bring news of a data breach at a large organization. But is the situation actually getting worse, or is it staying the same? Or could it even be getting better?

That’s the question researchers at Cisco Systems tried to answer when they began quantifying the state of computer security in 2009. By looking at several factors, including the size and number of worldwide “botnets” that conscript innocent people’s computers into drones that send malware and spam, the researchers have assigned a rating to the overall state of online safety. Cisco’s ARMS Index (that’s an acronym for “adversary market resource share”) runs from 1 past 9, with 1 being the Edenic bliss of the ARPANet and anything over 9 representing digital dystopia. When the index debuted in December 2009, Cisco rated the world’s security a 7.2, reflecting the researchers’ findings that corporate networks were experiencing “persistent infections.” But by December 2010, it was 6.8, meaning that the same networks were being less frequently hit. And by some measures, the index could improve again this year, according to Patrick Peterson, a security analyst for Cisco who is one of the researchers behind the report. He recently spoke to TR’s deputy editor, Brian Bergstein.

TR: It doesn’t seem like the Internet is becoming a safer place, and yet you saw enough positive trends to lower the number last year. Why?

Peterson: This was actually quite interesting, because we had two wildly divergent trends. One of them was that last year was the best year ever for slaying botnets. There were a number of botnets disrupted and taken offline. We actually saw the aggregate size decrease tremendously. At the same time, infected systems were able to do much greater things to much greater targets. There were a large number of well-publicized infections such as Stuxnet. Another one was the Aurora attack, which was a coördinated attack on Gmail users and was aimed at putting malware in to steal a lot of intellectual property. We’ve seen that trend continue [this year] with the Epsilon breach, the Sony breach, the IMF breach.

In light of incidents like those, how is the index looking for this year?

I would say we are continuing to trend down in terms of what the ARMS index measures, but at a slower pace. At the end of the year my crystal ball is about a 6.6.

0 comments about this story. Start the discussion »

Credit: Cisco Systems

Tagged: Business, Business Impact, Securing Data, Cisco

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me