Internet service providers and end-users must share responsibility for online security, says technology consultancy Detica.
"A combined effort will make our cyber resilience much more robust," said Mark Dampster, head of business development at Detica StreamShield.
ISPs should do more to protect users, while users should take do more to ensure their own internet security, he said at the end of National Identity Fraud Prevention Week.
According to Detica, ISPs need to fix systemic faults and weaknesses and provide a secure environment for consumers.
This should include screening e-mails and removing spam and malware before they reach users, and monitoring browsing in real time to prevent users from visiting malicious websites.
End-users should do more than simply keeping anti-virus software and system patches up-to-date, by having a more secure approach to social networking and password protection.
For instance, passwords need to be changed regularly, not used across different websites, and kept safe offline, said Dampster.
"By recognising that cyberspace is shared territory where we all have responsibilities for security, we can ensure the internet is as safe as possible," he said.