The Internet Industry Association (IIA) has disagreed with policy think tank, the Kokoda Foundation, which said that portions of its voluntary iCode (otherwise known as the zombie code) should be mandated.
The code ensures that subscriber internet providers deal with their users who are known to operate computers that are infected with malware.
It is hoped the code, which builds on what was already standard practice for the biggest telcos, will reduce the instances of malware infections in Australia.
More than 90 per cent of internet users are covered under the iCode, but defence veteran Dr Gary Waters, who was an author of a recent Kokoda Foundation report into Australia's cybersecurity, said that it must be regulated to ensure all Australians are covered.
"It is a light touch too light. It is not satisfactory to say 90 per cent of users are covered. If the same logic was applied to roads on roads, then only 90 per cent of drivers would have their licence," Waters said.
He said the iCode is very positive, but elements of it should be mandated by government.
The IIA, however, said moves to force providers to take responsibility for infected customer machines would backfire.
"Legislation never achieves 100 per cent compliance," chief executive Peter Coroneos said.
"You lose flexibility, because legislation can never adapt. It has been carefully crafted so it's palatable to industry and makes clear where their advantages of signing up are to participants."
Coroneous said Waters' driver's licence is more akin to requiring car manufacturers to be responsible for drivers.
The iCode went live in December and is "looking positive", according to Coroneos, with providers already informing users of machine infections.
The fourth largest provider, Internode, signed up before Christmas after being absent when the code first went live.