ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

Slides:



Advertisements
Similar presentations
ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.
Advertisements

1 ICANNs Contractual Compliance Program David Giza, Senior Director, Contractual Compliance Stacy Burnette, Director, Contractual Compliance ICANN Policy.
CcTLD Agreement Update ICANN Public Forum Melbourne, Australia 12 March, 2001 Andrew McLaughlin ICANN Policy Guy.
GNSO goals Bruce Tonkin Chair, GNSO Council Sao Paulo, 4 Dec 2006.
ICANN Strategic planning process Draft key priorities for the July 2006 – June 2009 Plan for community comment November 2005.
DNS Security and Stability Analysis Working Group (DSSA)
And the Briefing for the ICANN Board Bucharest, Romania June 2002.
The Role of Governments Caribbean Telecommunications Union Ministerial Seminar May 29, 2012 Heather Dryden Chair - Governmental Advisory Committee, ICANN.
Update on ccTLD Agreements Montevideo 9 September, 2001 Andrew McLaughlin.
ICANN/ccTLD Agreements: Why and How Andrew McLaughlin Monday, January 21, 2002 TWNIC.
Managed Funds Association’s Sound Practices for Hedge Fund Managers 2009 Edition.
Cairo 2 November Agenda  Guidebook overview  Supporting and explanatory materials  Guidebook Module detail  Probable timelines 2.
Glen de Saint Géry ICANN GNSO Secretariat for Theresa Swinehart Counsel for International Legal Affairs Domain Day Milan.
New gTLD Basics. 2  Overview about domain names, gTLD timeline and the New gTLD Program  Why is ICANN doing this; potential impact of this initiative.
The topics addressed in this briefing include:
Transition of U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) Stewardship of the IANA Functions to the Global.
Introduction to ICANN’s new gTLD program. A practical example: the Dot Deloitte case. Jan Corstens, Partner, Deloitte WIPO Moscow, 9 Dec 2011.
Competency Models Impact on Talent Management
ICANN and the Internet Ecosystem. 2  A network of interactions among organisms, and between organisms and their environment.  The Internet is an ecosystem.
Internal Auditing and Outsourcing
CcTLD-ICANN Agreement GCC Regional Meeting Dubai, UAE 17 June, 2001 Andrew McLaughlin ICANN.
2011 – 2014 ICANN Strategic Plan Development Stakeholder Review 4 November 2010.
Revised Draft Strategic Plan 4 December 2010.
Transition of U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) Stewardship of the IANA Functions to the Global.
Justice Information Network Strategic Plan Development Justice Information Network Board March 18, 2008 Mo West, JIN Program Manager.
FY15 Operating Plan Framework Conference call Community/Staff March 12 th 2014.
Greg Rattray ICANN Chief Internet Security Advisor
© Grant Thornton UK LLP. All rights reserved. Review of Partnership Working Vale of Glamorgan Council Final Report- July 2008.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Supporting a Healthy, Stable, Resilient Internet.
Outcomes of the 16 th Regional Disaster Managers Meeting held from 9 th – 11 th August 2010 Presentation to the Pacific Humanitarian Team Monday 6 th December.
Security, Stability & Resiliency of the DNS Review Team (SSR) Interaction with the Community.
Organize to improve Data Quality Data Quality?. © 2012 GS1 To fully exploit and utilize the data available, a strategic approach to data governance at.
INTOSAI Public Debt Working Group Updating of the Strategic Plan Richard Domingue Office of the Auditor General of Canada June 14, 2010.
ICANN LAC Regional Strategy Final Results URUGUAY February 7-8, 2013.
CcNSO Finance Working Group: Survey on ICANN Contributions and Services Byron Holland March 11,
© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.
CcTLD/ICANN Contract for Services (Draft Agreements) A Comparison.
Enhancing ICANN Accountability. | 2 CCWG-Accountability Scope  During discussions around the IANA functions stewardship transition the community raised.
Corporate Governance in the Caribbean Environment “The Caribbean Corporate Governance Forum” Trevor E Blake General Manager – ECSE.
ICANN COMMUNITY STRATEGIC PLANNING DISCUSSION Brussels, June
Update from ICANN staff on SSR Activities Greg Rattray Tuesday 21 st 2010.
1 ICANN update Save Vocea APSTAR retreat, Taipei, TW 24 February 2008.
Organizations, Institutions, the Domain Name and addressing system, Internet Governance… D-day 2005 Milan, Italy 24 November 2005 Theresa Swinehart GM,
1 ICANN & Global Partnerships Baher Esmat Manager, Regional Relations Middle East ccTLD Training, Amman Nov, 2007.
New gTLD Basics. 2  Overview about domain names, gTLD timeline and the New gTLD Program  Why is ICANN doing this; potential impact of this initiative.
1 ICANN... update Pablo Hinojosa Manager, Regional Relations Global and Strategic Partnerships 2007 Caribbean Internet Forum St. Lucia, 5 November 2007.
June 2009 Kevin Wilson Chief Financial Officer FY10 Operating Plan and Budget.
1 1 The GNSO Role in Internet Governance Presented by: Chuck Gomes Date: 13 May 2010.
Conficker Update John Crain. What is Conficker? An Internet worm  Malicious code that is self-replicating and distributed over a network A blended threat.
DSSA-WG Progress Update Singapore – June Charter: Background At their meetings during the ICANN Brussels meeting the At-Large Advisory Committee.
Security, Stability & Resiliency of the DNS Review Team Wednesday, 8 December 2010.
IDN UPDATE Tina Dam ICANN Chief gTLD Registry Liaison Public Forum, Wellington 30 March 2006.
ICANN Strategic Initiatives for Security, Stability and Resiliency - DNS CERT Posted for Public Comment at 1.
Requirements 1 NTIA Support and enhance the multistakeholder model Maintain the security, stability and resiliency of the Internet DNS Meet the needs.
Fostering Multi-Stakeholder Internet Governance Models in the Region Bill Graham, Director, ICANN Board.
Global Geospatial Information Management (GGIM) A UN-DESA Initiative in collaboration with Cartographic Section, DFS Stefan Schweinfest UNSD.
Update on Consumer Choice, Competition and Innovation (CCI) WG Rosemary Sinclair.
Joint GAC ccNSO Meeting ICANN Singapore 22 June 2011.
Background The Sustainable Development Goals (SDGs), which the UN Members States jointly committed to in September 2015, provide an ambitious and long-term.
Global Partnerships ISOC ccTLD Workshop Guyana Feb 16, 2007.
Financial Services Sector Coordinating Council (FSSCC) 2011 KEY FSSCC INITIATIVES 2011 Key FSSCC Initiatives Project Name: Project Description: All-Hazards.
IANA Stewardship Transition & Enhancing ICANN Accountability Panel and Audience discussion | WSIS Forum | 5 May 2016.
1 27Apr08 Some thoughts on Internet Governance and expansion of the Domain Name space Paul Twomey President and CEO 9 August 2008 Panel on Internet Governance.
Strategic Plan: Goals, Objectives & Success Measures Administrative Forum, South Campus June 17,
ICANN and International Cooperation on Internet Security Sept 2011.
IANA FUNCTIONS STEWARDSHIP TRANSITION
ICANN’s Policy Development Activities
Statistics Governance and Quality Assurance: the Experience of FAO
Role of State Audit Bureau of Kuwait in promoting and audit of IT Security  
Presentation transcript:

ICANN Plan for Enhancing Internet Security, Stability and Resiliency

Principles Guiding Drafting Plan intended as an initial foundation focused on ICANN role definition and framework for delineating programs, activities and resources – Not tabling new initiatives; programs and activities already part of ICANN strategic & operational plans – Why? – Need community buy-in on starting point Most recent drafting focused on streamlining document flow to guide reader through content

Plan Purpose (Section 1) Delineate ICANN role Overview existing programs and activities Detail planned activities and resource commitments in FY 10 – Integrated into ICANN strategic and operational planning

Challenges and Opportunity (Section 2) Growing misuse of the Internet – Often leverages the unique identifier systems ICANN has long-standing commitment toensure stable and secure operation of the Internet's unique identifier systems Plan provides the community a roadmap for ICANN efforts

ICANNs Role (Section 3) ICANN focuses on its core missions related to the Internets unique identifier system ICANN does not play a role as a policeman in operationally combating criminal behavior ICANN does not have a role regarding use of the Internet for cyber-espionage and cyber war ICANN does not have a role in what constitutes illicit content on the Internet ICANN will continue to participate in activities with the broader Internet community to combat abuse of the unique identifier systems that enable malicious activity

ICANN Contributors (Section 4) Activities engage most elements ICANN Staff – Security staff serves as orchestrator Supporting Organizations and Advisory Committees – SSAC and RSSAC identified explicitly

ICANN Programs (Section 5) ICANN is directly responsible for IANA operations as the highest priority ICANN is an enabler for the DNS and addressing community efforts to strengthen the security, stability and resiliency including supporting protocols to authenticate Internet names and numbers ICANN is an enabler and facilitator of the security, stability and resilience activities conducted by DNS registry and registrars ICANN is directly responsible for the secure, stable and resilient operation of its own assets and services ICANN is a key participant in broader forums and activities related to the security, stability and resiliency of the Internets unique identifier systems

Major Program Elements 5.1 Core DNS/Addressing Security, Stability and Resiliency – IANA Operations – Root Server Operations 5.2 TLD Registries and Registrars – gTLD Registries – new gTLDs and IDNs – gTLD Registrars – Contractual Compliance – Protecting gTLD Registrants – ccTLDs – IANA Technical Requirements – Collaborative Response to Malicious Abuse of DNS – Enabling Overall DNS Security and Resiliency

Major Program Elements (cont.) 5.3 Engaging with Number Resource Organization (NRO) & Regional Internet Registries (RIRs) 5.4 ICANN Corporate Security and Continuity Operations – Security Programs – Business Continuity Program 5.5 Activities of ICANN Support Organizations and Advisory Committees 5.6 Global Engagement to Enhance Security, Stability and Resiliency – Global Partners and Activities – Regional Partners and Activities – Working with Governments

ICANN FY10 Plans: Key Initiatives (Section 6) IANA Operations: Key initiatives include improving root zone management through automation; improved authentication of communications with TLD managers; and supporting DNS Security Extensions (DNSSec) implementation DNS Root Server Operations: Continuing to seek mutual recognition of roles and responsibilities and initiate a voluntary effort to conduct contingency planning and exercises gTLD Registries: Establish processes for applicant evaluation and operation of new gTLD and IDN applicants to ensure technically secure operations & ensure protection of registrants. ICANN will mature the gTLD registry continuity plan and test the data escrow system ccTLD Registries: ICANN will focus its collaboration on maturing the joint Attack and Contingency Response Planning program established in conjunction with the ccNSO and the regional TLD associations and working more closely with ISOC on technical capacity building

ICANN FY10 Plans: Key Initiatives (cont.) (Section 6) Contractual Compliance: ICANN will increase the scope of contractual enforcement activities to include initiating audits part of implementing the March 09 RAA amendments and identify potential involvement of contracted parties in malicious activity for compliance action Response to Malicious Abuse of Domain Name System: ICANN will build on its collaborative efforts to enable understanding of activity involving malicious conduct enabled by the use of the DNS and facilitating information sharing to respond 6.4 Internal ICANN Security and Continuity Operations: ICANN will ensure its security programs are conducted within overall corporate risk management, crisis management, and business continuity programs. A major focus will be the establishment of a sound foundation of documented plans and supporting procedures 6.5 Ensure Global Engagement and Cooperation: ICANN will further extend strong partnerships and engage in global dialogues to foster understanding of the security, stability, and resiliency challenges and improve response capabilities

Objectives -Improve and implement IT/Facilities/ Personnel Security Programs - Establish Formal Plans - Institute Security Training -Implement Traveler and Meetings Security & Contingency Plans Deliverables (milestones) -Conduct Security Training Programs (part of ICANN on-boarding by Sep 09) -Improved IT & Physical Access Control Systems implemented (IT authentication on key systems – Fall 09) -Exercise Traveler and Meetings Security (one drill per trimester) -Security Program outside audit (April 10) Key Stakeholders -ICANN Security & Resiliency Team -ICANN IT/IANA/DNS Ops -ICANN Human Resources -ICANN Global Meetings Team -Other ICANN Staff Resources Human – 2 FTEs (includes IT support for security) Financial – $1.1 M including FTEs, physical & IT access controls, professional services for conducting training and audits Example Slide: Corporate Security Program (Security, IT, others across staff)