It has been logically proven to me that some elements of cyber security of any internet user is solely on shoulder of ISP but that has been the last thing we ever cared perhaps because we tend to complicate simple things!
ISP is supposed to be the only owner, or main layer to internet user cyber security when it comes to global threats, isolated or even targeted threats. This is a fact that all the traffic must pass through ISP before reaching to or originating from user. ISP can and they probably are filtering everything, they can decide if internet is neutralized or balanced, then how/why they do not care about global threats to internet users?!
Threats like phishing seem very isolated at the first glance but technically they are traceable, and ISPs can easily kill them at the origination long before they turn to a global concern. Also threats like all the nasty contents of dark web, software piracy or illegal distribution (upload and download) of any digital content.
ISP is technically able to not only just filter but mitigate many cyber-insecurities and they have everything “already” in place, but for some reason we skip this most important link and start building perimeter security from scratch! In terms of filtering and any mitigation, I do not mean simply blocking a port or protocol from a source or to a destination; I am talking about intelligently see the patterns and gather baselines and identify root causes… ISP is capable of even remediation of many types of cyber threats, either towards businesses or home users, but again, for some unknown reason to me, we decide to create a new separate entity and call it e.g. managed security service provider, security operation center as a service…and ignore the power of ISP as the sole owner and responsible party to cyber security.