International Botnet and IoT Security Guide


CSDE’s International Botnet and IoT Security Guide is among the world’s leading initiatives to dramatically reduce destructive botnet attacks. Since 2018, we have brought together communications and technology sector leadership on an annual basis to identify practices and capabilities for combating threats related to botnets, such as malware propagation, denial-of-service attacks, and the spread of corrosive disinformation.

This year’s version of the guide includes specific recommendations for Internet of Things (IoT) device security, based on CSDE’s landmark paper – the C2 Consensus – endorsed by leading organizations representing thousands of companies. CSDE was cited no less than nine times in the U.S. government’s Botnet Roadmap, which was released on the same day as CSDE’s inaugural guide. CSDE’s work on botnets was also recognized for promoting multi-stakeholder collaboration by the Internet Governance Forum of the United Nations in their paper on Cybersecurity Agreements.

A number of highly regarded cybersecurity publications have covered our work favorably. For example, our work was referenced by the Brookings Institution and a CSO article commends the CSDE for developing “a very comprehensive guide to defending enterprises against botnets”. To the extent our recommended practices are adopted widely throughout the ecosystem, the threat of botnets can be significantly diminished.

Why We Created the Guide:

The threat that botnets and other automated, distributed attacks pose to the internet and communications ecosystem has increased dramatically over time; more systems are vulnerable today than in any previous period of the internet’s history.

Malicious actors, including some nation states, use botnets and distributed attacks for a variety of nefarious purposes, including to overwhelm network resources; perpetrate scams and identity theft; steal sensitive personal information and intellectual property; spread infectious malware; defraud advertisers and other businesses; and even hold computer systems hostage for ransom. Like-minded governments throughout the world have called upon industry to take more aggressive action as part of a collective defense strategy.

CSDE members collaborate in this global effort to mitigate botnet attacks and other distributed attacks by implementing and promoting proven cost-effective solutions. However, the long-term security and resilience of the internet and communications ecosystem requires a global and holistic approach that involves the adoption of baseline security practices by stakeholders in many different countries, industries, and segments of the ecosystem. CSDE will actively engage with global government and industry partners to enhance the transactional integrity of the underlying digital economy.