"The idea is the early identification of zombie activity on networks, then notification, then remediation," he says. "We are trying to reduce the pool from which hacker groups can draw on.
"The case for internationalising the iCode is now quite good. New Zealand is saying it understands where its vulnerabilities are but it has no strategy to ameliorate them. Ultimately, we hope if we can make a significant reduction in the number of zombie computers around the world then we can make a big dent on hackers' preferred method of attack."
RMIT's Gregory also argues the case for the widespread adoption of a system to curb spam and malware infected email which would seek to assign SSL certificates to email servers allowing emails to be tracked back to their source.
"If the server is being used for spam or malicious emails an infringement notice can be given to the organisation which owns it. If it keeps coming then the email server can have the SSL certificate revoked," he says.
"What you are trying to do is register and control the devices on the network. About 80 per cent of [zombie PCs] are created through bad email and bad Web pages, so it's better to attack the root cause of the problem rather than whacking the problem on end users and mums and dads at home.
"That's an example of how the government could act [to improve security] but the trouble is getting government to act."
Sign up for CIO Asia eNewsletters.