Hacking Tracking and the Response to this should be documented somewhere on the web and made available to the public. So while the usage of various measures to retain a secure enviroment can be documented, the attacks that have failed or have made headway have not been. We only find out that a crash has happened and the means used to make it happen after it has happened.
So if there was a means of testing an array of applications or systems for security then designers might move to match the rigors of the standards. It does not have to be a large section but a highly defined sector of the internet. Browsers might work. If Browsers had to meet a standard to fight Phishing and an organization could rate the browsers based on this standard then Browser producers would seek this approval.
Beyond browsers, other areas could find the same foothold. Of course hackers would see the flaws in any standard eventually, but it would remove Microsoft from the field of players and by dislodging them, some goal would be achieved. Whittling away at their market share hurts them and improves the overall product offering available to people.