SlideShare a Scribd company logo

Information Exchange Collaboration across Technical/Operational/Policy Boundaries

APNIC
APNIC

Information Exchange Collaboration across Technical/Operational/Policy Boundaries, by Merike Kaeo. A presentation given at APNIC 42's FIRST TC Security Session (2) session on Wednesday, 5 October 2016.

Internet
1 of 23
© Copyright 2016 Farsight Security, Inc. All Right Reserved. FARSIGHT SECURITY M e r i k e K a e o , C T O m e r i k e @ f s i . i o Information Exchange Collaboration Across Technical/Operational/Policy Boundaries
DISCUSSION POINTS •  Introduction and Background •  Barriers to Sharing •  Communities of Trust •  Global Efforts To Bring About Action •  Evolving Standards and Frameworks •  Being Part of the Solution
BACKGROUND – MERIKE KÄO •  Work History –  National Institutes of Health (Network Engineer, 1988-1993) –  Cisco Systems (Network Architect, 1993-2000) –  Double Shot Security (Founder, 2000-2012) –  IID (CISO, 2013-2014) –  Farsight Security (CTO, 2014 – present) •  Industry Recognition/Participation –  Authored “Designing Network Security” –  Active Contributor to IETF Standards –  SSAC member (ICANN) –  IP6 Forum fellow since 2007 –  Member of FCC CSRIC III (Botnet remediation) –  Member of EU NIS WG2
BARRIERS TO SHARING Technical Creating the resilient infrastructure for data sharing that can support a variety of data types and formats. Policy Creating the appropriate legal structure(s) to foster comprehensive data sharing without cumbersome legal liabilities. Governance Business rules by which members of a network share, what they share, and with whom they share.
A PERIOD OF RAPID CHANGE •  Intelligent, interconnected devices are continuing to be connected to the global Internet •  Data is accumulating faster than it can be organized or effectively protected •  The complexity of the Internet ecosystem creates a rich environment exploitable by activists, criminals, and nation states •  Data will continue be stolen or modified using subtle, persistent, directed attacks
CRIMINALS HAVE NO BARRIERS •  Websites advertise Botnets and malware for hire •  Vulnerabilities and Exploits are traded on open market •  There are no enforced rules for NOT sharing •  Social media is making sharing more efficient Choose Custom Botnet -  Number of Hosts -  Geographic Region -  Bandwidth -  Duration -  etc
BREAKING THE BARRIERS OF SHARING •  Legal •  Technical – Interoperability – End to end automation •  Procedural •  Trust Issues •  Insufficient Interest
COMMUNITIES OF TRUST IETF ISOI BlackHat SchmooCon ENISA APNIC RIPEAfriNIC LacNIC Underground Economy DCC Defcon RSA ICANN ISOC Secure ARIN NIST ITU Secret Squirrel APWG MAAWG StopBadware ACDC MACCSA *-ISAC FIRST Confluence
AND THERE’S MORE… •  Industry Sectors Aerospace, Automotive, Aviation, Chemical Industry, Construction, Consumer Products, Education, Energy, Environment, Financial (Banking, Exchanges, Insurance, Payments), Food, Health, Heating&Ventilation, Machine Safety, Materials, Nanotechnology, Oil&Gas, Pharmaceutical, Research Facilities, Services, Smart Metering, Space,Transport (Road, Rail, Shipping), etc. •  National Initiatives UN, NATO, EU, Africa, National CERTs, etc.
GLOBAL EFFORTS FOR ACTION •  DNS-OARC: DNS System Security •  FIRST: Vulnerability management •  ISACs: Specialized Interest Groups •  M3AAWG / APWG: Anti SPAM, Phishing and Crime •  NSP-SEC: Big Backbone Providers and IP Based Remediation •  OPSEC-Trust: Situational Awareness
MODELS, METHODS AND MECHANISMS •  Models of Exchange –  Voluntary exchange vs Mandatory disclosure •  Methods of Exchange –  Trust-based –  Formalized –  Security clearance-based –  Ad-hoc •  Mechanisms of Exchange –  Person to person –  Machine to machine
THE UNKNOWN – HOW CAN IT HARM YOU? •  Estonia Example (2007) –  Creating trust •  TC-FIRST •  Global Operation Security Teams –  Cross functional meetings –  Known roles due to e-voting (2005) –  Government facilitated communication and tactics –  Openness with information sharing was critical
DO YOU HAVE A CIRT? •  You Should Have a Computer Incident response Team –  Who is part of this? –  What are their responsibilities? •  Important – Define a single individual to be in charge (also have a backup for that individual) •  Know who you need to contact –  Legal / regulatory responsibility –  Upstream ISPs who may help filter on DDoS attacks –  Impacted individuals
CONTINUE TO INCREASE SHARING •  Initial Step – Build Trust Thru Networking •  Start by sharing for specific use cases that don’t impact privacy and personally identifiable information (PII) –  SSH Brute Force Attacks –  DNS/SMTP/NTP Amplification Attacks –  Passive DNS Information •  Investigate how to share data that may impact privacy/PII and what can be anonymized but still be useful –  SPAM / Phishing details
THOUGHTS ON PASSIVE DNS •  DNS is used by ALL electronic communications •  pDNS still new to many people despite existing since 2004 •  PII issues depend on where you do your observations •  Valuable data that is shared to get information on malware campaigns
EVOLVING STANDARDS & FRAMEWORKS •  FIRST Initiatives –  Traffic Light Protocol (TLP) SIG –  Information Exchange Policy (IEP) SIG –  Information Sharing SIG •  OASIS –  Cybox/STIX/TAXII •  Other Ongoing Work –  NIST / ENISA –  IETF
TLP – OLD VS EVOLVING
WHAT CREATES POLICY COMPLEXITY ? •  Variations in global privacy laws and legal liability –  Many sharing initiatives based on bi-lateral agreements •  Variations in policy interpretations – Who do you share with ? – How do you protect data ? – What are you allowed to do with the data?
INFORMATION EXCHANGE POLICY (IEP) •  Work started over 2 years ago •  FIRST was natural place to get global participation •  Initial v1.0 Framework done –  https://www.first.org/global/sigs/iep –  Information Sharing SIG utilizing it –  Unifying with OASIS STIX •  Work ongoing –  Other operational sharing groups asking for clarifications
IEP SPECIFICS
IEP and STIX •  IEP Appendix A –  STIX JSON representation of an IEP implementation •  Close collaboration with OASIS –  STIX 2.0 documentation has reference to IEP –  IEP work ongoing to include IEP within STIX
BEING PART OF THE SOLUTION •  Participate in policy work •  Work with national CIRT teams •  Help formulate privacy laws that protect citizens personal privacy but don’t hinder protecting critical electronic communications •  Share what you can and help cross-functional education
© Copyright 2016 Farsight Security, Inc. All Right Reserved. QUESTIONS ? FARSIGHT SECURITY

Recommended

Policy SIG Report
Policy SIG ReportPolicy SIG Report
Policy SIG ReportAPNIC
 
NRO Update
NRO UpdateNRO Update
NRO UpdateAPNIC
 
TWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator GroupsTWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator GroupsAPNIC
 
APNIC Secretariat Report
APNIC Secretariat ReportAPNIC Secretariat Report
APNIC Secretariat ReportAPNIC
 
IPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF ReportIPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF ReportAPNIC
 
Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5APNIC
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeAPNIC
 
APNIC Policy Webinar
APNIC Policy Webinar APNIC Policy Webinar
APNIC Policy Webinar Siena Perry
 

Recommended

Policy SIG Report
Policy SIG ReportPolicy SIG Report
Policy SIG ReportAPNIC
 
NRO Update
NRO UpdateNRO Update
NRO UpdateAPNIC
 
TWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator GroupsTWNIC OPM 2015: Network Operator Groups
TWNIC OPM 2015: Network Operator GroupsAPNIC
 
APNIC Secretariat Report
APNIC Secretariat ReportAPNIC Secretariat Report
APNIC Secretariat ReportAPNIC
 
IPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF ReportIPv6 Readiness Measurement BoF Report
IPv6 Readiness Measurement BoF ReportAPNIC
 
Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5APNIC
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeAPNIC
 
APNIC Policy Webinar
APNIC Policy Webinar APNIC Policy Webinar
APNIC Policy Webinar Siena Perry
 
APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017APNIC
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the PacificAPNIC
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesAPNIC
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionAPNIC
 
APNIC Update: Infotel 2014
APNIC Update: Infotel 2014APNIC Update: Infotel 2014
APNIC Update: Infotel 2014APNIC
 
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificCNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificAPNIC
 
Internet number resources - what's new?
Internet number resources - what's new?Internet number resources - what's new?
Internet number resources - what's new?APNIC
 
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation ForumIP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation ForumAPNIC
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38APNIC
 
APNIC Update- PITA Member Meeting, Honolulu, 2015
APNIC Update- PITA Member Meeting, Honolulu, 2015APNIC Update- PITA Member Meeting, Honolulu, 2015
APNIC Update- PITA Member Meeting, Honolulu, 2015APNIC
 
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]APNIC
 
IANA Transition Update, August 2016
IANA Transition Update, August 2016IANA Transition Update, August 2016
IANA Transition Update, August 2016APNIC
 
Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP APNIC
 
APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC
 
An introduction to APNIC
An introduction to APNICAn introduction to APNIC
An introduction to APNICAPNIC
 
Apnic update-btnog1-sc
Apnic update-btnog1-scApnic update-btnog1-sc
Apnic update-btnog1-scAPNIC
 
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...APNIC
 
IOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerIOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerAPNIC
 
AFRINIC 26/AIS 2017: APNIC Update
AFRINIC 26/AIS 2017: APNIC UpdateAFRINIC 26/AIS 2017: APNIC Update
AFRINIC 26/AIS 2017: APNIC UpdateAPNIC
 
IPv6 in Vietnam + APNIC Update
IPv6 in Vietnam + APNIC UpdateIPv6 in Vietnam + APNIC Update
IPv6 in Vietnam + APNIC UpdateAPNIC
 
Information systems engineering
Information systems engineeringInformation systems engineering
Information systems engineeringEssaysREasy
 
Information and Knowledge Services: finding Structure in Complexity
Information and Knowledge Services: finding Structure in ComplexityInformation and Knowledge Services: finding Structure in Complexity
Information and Knowledge Services: finding Structure in ComplexityAlbert Simard
 

More Related Content

What's hot

APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017APNIC
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the PacificAPNIC
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesAPNIC
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionAPNIC
 
APNIC Update: Infotel 2014
APNIC Update: Infotel 2014APNIC Update: Infotel 2014
APNIC Update: Infotel 2014APNIC
 
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificCNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificAPNIC
 
Internet number resources - what's new?
Internet number resources - what's new?Internet number resources - what's new?
Internet number resources - what's new?APNIC
 
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation ForumIP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation ForumAPNIC
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38APNIC
 
APNIC Update- PITA Member Meeting, Honolulu, 2015
APNIC Update- PITA Member Meeting, Honolulu, 2015APNIC Update- PITA Member Meeting, Honolulu, 2015
APNIC Update- PITA Member Meeting, Honolulu, 2015APNIC
 
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]APNIC
 
IANA Transition Update, August 2016
IANA Transition Update, August 2016IANA Transition Update, August 2016
IANA Transition Update, August 2016APNIC
 
Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP APNIC
 
APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC
 
An introduction to APNIC
An introduction to APNICAn introduction to APNIC
An introduction to APNICAPNIC
 
Apnic update-btnog1-sc
Apnic update-btnog1-scApnic update-btnog1-sc
Apnic update-btnog1-scAPNIC
 
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...APNIC
 
IOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerIOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerAPNIC
 
AFRINIC 26/AIS 2017: APNIC Update
AFRINIC 26/AIS 2017: APNIC UpdateAFRINIC 26/AIS 2017: APNIC Update
AFRINIC 26/AIS 2017: APNIC UpdateAPNIC
 
IPv6 in Vietnam + APNIC Update
IPv6 in Vietnam + APNIC UpdateIPv6 in Vietnam + APNIC Update
IPv6 in Vietnam + APNIC UpdateAPNIC
 

What's hot (20)

APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the Pacific
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet Registries
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 Adoption
 
APNIC Update: Infotel 2014
APNIC Update: Infotel 2014APNIC Update: Infotel 2014
APNIC Update: Infotel 2014
 
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia PacificCNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia Pacific
 
Internet number resources - what's new?
Internet number resources - what's new?Internet number resources - what's new?
Internet number resources - what's new?
 
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation ForumIP addressing policies, What does this mean? - APT Policy and Regulation Forum
IP addressing policies, What does this mean? - APT Policy and Regulation Forum
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38
 
APNIC Update- PITA Member Meeting, Honolulu, 2015
APNIC Update- PITA Member Meeting, Honolulu, 2015APNIC Update- PITA Member Meeting, Honolulu, 2015
APNIC Update- PITA Member Meeting, Honolulu, 2015
 
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
NTT-CERT Activities by Yoshiki Sugiura [APRICOT 2015]
 
IANA Transition Update, August 2016
IANA Transition Update, August 2016IANA Transition Update, August 2016
IANA Transition Update, August 2016
 
Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP
 
APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54
 
An introduction to APNIC
An introduction to APNICAn introduction to APNIC
An introduction to APNIC
 
Apnic update-btnog1-sc
Apnic update-btnog1-scApnic update-btnog1-sc
Apnic update-btnog1-sc
 
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...
EC proposal: Formation of a Cooperation SIG, by Akinori Maemura [APNIC 38 / B...
 
IOT, It's the Internet...only bigger
IOT, It's the Internet...only biggerIOT, It's the Internet...only bigger
IOT, It's the Internet...only bigger
 
AFRINIC 26/AIS 2017: APNIC Update
AFRINIC 26/AIS 2017: APNIC UpdateAFRINIC 26/AIS 2017: APNIC Update
AFRINIC 26/AIS 2017: APNIC Update
 
IPv6 in Vietnam + APNIC Update
IPv6 in Vietnam + APNIC UpdateIPv6 in Vietnam + APNIC Update
IPv6 in Vietnam + APNIC Update
 

Viewers also liked

Information systems engineering
Information systems engineeringInformation systems engineering
Information systems engineeringEssaysREasy
 
Information and Knowledge Services: finding Structure in Complexity
Information and Knowledge Services: finding Structure in ComplexityInformation and Knowledge Services: finding Structure in Complexity
Information and Knowledge Services: finding Structure in ComplexityAlbert Simard
 
Information Technology & Its Role in the Modern Organization
Information Technology & Its Role in the Modern OrganizationInformation Technology & Its Role in the Modern Organization
Information Technology & Its Role in the Modern OrganizationIT-Toolkits.org
 
Information system a system view
Information system a system viewInformation system a system view
Information system a system viewJack Zheng
 
Strategies for Effective Hardware and Software Asset Management
Strategies for Effective Hardware and Software Asset ManagementStrategies for Effective Hardware and Software Asset Management
Strategies for Effective Hardware and Software Asset ManagementCA Technologies
 
Introduction to information systems and the role of information systems in bu...
Introduction to information systems and the role of information systems in bu...Introduction to information systems and the role of information systems in bu...
Introduction to information systems and the role of information systems in bu...Ultraspectra
 
Knowledge based systems
Knowledge based systemsKnowledge based systems
Knowledge based systemsYowan Rdotexe
 
Information System Concepts & Types of Information Systems
Information System Concepts & Types of Information SystemsInformation System Concepts & Types of Information Systems
Information System Concepts & Types of Information SystemsVR Talsaniya
 
Introduction to information technology lecture 1
Introduction to information technology lecture 1Introduction to information technology lecture 1
Introduction to information technology lecture 1adpafit
 

Viewers also liked (10)

Information systems engineering
Information systems engineeringInformation systems engineering
Information systems engineering
 
Information and Knowledge Services: finding Structure in Complexity
Information and Knowledge Services: finding Structure in ComplexityInformation and Knowledge Services: finding Structure in Complexity
Information and Knowledge Services: finding Structure in Complexity
 
Information Technology & Its Role in the Modern Organization
Information Technology & Its Role in the Modern OrganizationInformation Technology & Its Role in the Modern Organization
Information Technology & Its Role in the Modern Organization
 
Information system a system view
Information system a system viewInformation system a system view
Information system a system view
 
Strategies for Effective Hardware and Software Asset Management
Strategies for Effective Hardware and Software Asset ManagementStrategies for Effective Hardware and Software Asset Management
Strategies for Effective Hardware and Software Asset Management
 
Introduction to information systems and the role of information systems in bu...
Introduction to information systems and the role of information systems in bu...Introduction to information systems and the role of information systems in bu...
Introduction to information systems and the role of information systems in bu...
 
Mis notes
Mis notesMis notes
Mis notes
 
Knowledge based systems
Knowledge based systemsKnowledge based systems
Knowledge based systems
 
Information System Concepts & Types of Information Systems
Information System Concepts & Types of Information SystemsInformation System Concepts & Types of Information Systems
Information System Concepts & Types of Information Systems
 
Introduction to information technology lecture 1
Introduction to information technology lecture 1Introduction to information technology lecture 1
Introduction to information technology lecture 1
 

Similar to Information Exchange Collaboration across Technical/Operational/Policy Boundaries

Embedded Security and the IoT – Challenges, Trends and Solutions
Embedded Security and the IoT – Challenges, Trends and SolutionsEmbedded Security and the IoT – Challenges, Trends and Solutions
Embedded Security and the IoT – Challenges, Trends and SolutionsReal-Time Innovations (RTI)
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES.eu
 
Data Distribution Service Security and the Industrial Internet of Things
Data Distribution Service Security and the Industrial Internet of ThingsData Distribution Service Security and the Industrial Internet of Things
Data Distribution Service Security and the Industrial Internet of ThingsReal-Time Innovations (RTI)
 
IoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardwareIoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardwarepaul young cpa, cga
 
IOT - internet of Things - August 2017
IOT - internet of Things - August 2017IOT - internet of Things - August 2017
IOT - internet of Things - August 2017paul young cpa, cga
 
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersDon’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersMichael Davis
 
2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLD
2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLD2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLD
2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLDJack Kessler
 
The Inside Story: Leveraging the IIC's Industrial Internet Security Framework
The Inside Story: Leveraging the IIC's Industrial Internet Security FrameworkThe Inside Story: Leveraging the IIC's Industrial Internet Security Framework
The Inside Story: Leveraging the IIC's Industrial Internet Security FrameworkReal-Time Innovations (RTI)
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
Introduction to roof computing by Nishant Krishna
Introduction to roof computing by Nishant KrishnaIntroduction to roof computing by Nishant Krishna
Introduction to roof computing by Nishant KrishnaCodeOps Technologies LLP
 
IoT—Let’s Code Like It’s 1999!
IoT—Let’s Code Like It’s 1999!IoT—Let’s Code Like It’s 1999!
IoT—Let’s Code Like It’s 1999!TechWell
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber securityAurobindo Nayak
 
Overall System Architecture of Big Data of Wind Power Based on IoT_20161...
Overall System Architecture of Big Data of Wind Power Based on IoT_20161...Overall System Architecture of Big Data of Wind Power Based on IoT_20161...
Overall System Architecture of Big Data of Wind Power Based on IoT_20161...元 黄
 

Similar to Information Exchange Collaboration across Technical/Operational/Policy Boundaries (20)

Embedded Security and the IoT – Challenges, Trends and Solutions
Embedded Security and the IoT – Challenges, Trends and SolutionsEmbedded Security and the IoT – Challenges, Trends and Solutions
Embedded Security and the IoT – Challenges, Trends and Solutions
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
 
20161101 sdo support for cyber sa 3
20161101 sdo support for cyber sa 320161101 sdo support for cyber sa 3
20161101 sdo support for cyber sa 3
 
Ief information day 2017
Ief information day 2017Ief information day 2017
Ief information day 2017
 
Data Distribution Service Security and the Industrial Internet of Things
Data Distribution Service Security and the Industrial Internet of ThingsData Distribution Service Security and the Industrial Internet of Things
Data Distribution Service Security and the Industrial Internet of Things
 
IoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardwareIoT spending to surpass $800 billion in 2017, led by hardware
IoT spending to surpass $800 billion in 2017, led by hardware
 
IOT - internet of Things - August 2017
IOT - internet of Things - August 2017IOT - internet of Things - August 2017
IOT - internet of Things - August 2017
 
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersDon’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
 
2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLD
2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLD2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLD
2015 NENA - SECURING 9-1-1 INFRASTRUCTURE IN THE NG9-1-1 WORLD
 
The Inside Story: Leveraging the IIC's Industrial Internet Security Framework
The Inside Story: Leveraging the IIC's Industrial Internet Security FrameworkThe Inside Story: Leveraging the IIC's Industrial Internet Security Framework
The Inside Story: Leveraging the IIC's Industrial Internet Security Framework
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
 
Introduction to roof computing by Nishant Krishna
Introduction to roof computing by Nishant KrishnaIntroduction to roof computing by Nishant Krishna
Introduction to roof computing by Nishant Krishna
 
IoT—Let’s Code Like It’s 1999!
IoT—Let’s Code Like It’s 1999!IoT—Let’s Code Like It’s 1999!
IoT—Let’s Code Like It’s 1999!
 
The public sector and integrated operations
The public sector and integrated operationsThe public sector and integrated operations
The public sector and integrated operations
 
201403xx ief reference architecture (gtf)
201403xx ief reference architecture (gtf)201403xx ief reference architecture (gtf)
201403xx ief reference architecture (gtf)
 
Network security
Network securityNetwork security
Network security
 
2-25-2014 Part 1 - NRECA Kickoff Meeting v2
2-25-2014 Part 1 - NRECA Kickoff Meeting v22-25-2014 Part 1 - NRECA Kickoff Meeting v2
2-25-2014 Part 1 - NRECA Kickoff Meeting v2
 
Nreca kickoff meeting
Nreca kickoff meetingNreca kickoff meeting
Nreca kickoff meeting
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
 
Overall System Architecture of Big Data of Wind Power Based on IoT_20161...
Overall System Architecture of Big Data of Wind Power Based on IoT_20161...Overall System Architecture of Big Data of Wind Power Based on IoT_20161...
Overall System Architecture of Big Data of Wind Power Based on IoT_20161...
 

More from APNIC

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 

More from APNIC (20)

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 

Recently uploaded

Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 

Recently uploaded (20)

Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 

Information Exchange Collaboration across Technical/Operational/Policy Boundaries

  • 1. © Copyright 2016 Farsight Security, Inc. All Right Reserved. FARSIGHT SECURITY M e r i k e K a e o , C T O m e r i k e @ f s i . i o Information Exchange Collaboration Across Technical/Operational/Policy Boundaries
  • 2. DISCUSSION POINTS •  Introduction and Background •  Barriers to Sharing •  Communities of Trust •  Global Efforts To Bring About Action •  Evolving Standards and Frameworks •  Being Part of the Solution
  • 3. BACKGROUND – MERIKE KÄO •  Work History –  National Institutes of Health (Network Engineer, 1988-1993) –  Cisco Systems (Network Architect, 1993-2000) –  Double Shot Security (Founder, 2000-2012) –  IID (CISO, 2013-2014) –  Farsight Security (CTO, 2014 – present) •  Industry Recognition/Participation –  Authored “Designing Network Security” –  Active Contributor to IETF Standards –  SSAC member (ICANN) –  IP6 Forum fellow since 2007 –  Member of FCC CSRIC III (Botnet remediation) –  Member of EU NIS WG2
  • 4. BARRIERS TO SHARING Technical Creating the resilient infrastructure for data sharing that can support a variety of data types and formats. Policy Creating the appropriate legal structure(s) to foster comprehensive data sharing without cumbersome legal liabilities. Governance Business rules by which members of a network share, what they share, and with whom they share.
  • 5. A PERIOD OF RAPID CHANGE •  Intelligent, interconnected devices are continuing to be connected to the global Internet •  Data is accumulating faster than it can be organized or effectively protected •  The complexity of the Internet ecosystem creates a rich environment exploitable by activists, criminals, and nation states •  Data will continue be stolen or modified using subtle, persistent, directed attacks
  • 6. CRIMINALS HAVE NO BARRIERS •  Websites advertise Botnets and malware for hire •  Vulnerabilities and Exploits are traded on open market •  There are no enforced rules for NOT sharing •  Social media is making sharing more efficient Choose Custom Botnet -  Number of Hosts -  Geographic Region -  Bandwidth -  Duration -  etc
  • 7. BREAKING THE BARRIERS OF SHARING •  Legal •  Technical – Interoperability – End to end automation •  Procedural •  Trust Issues •  Insufficient Interest
  • 9. AND THERE’S MORE… •  Industry Sectors Aerospace, Automotive, Aviation, Chemical Industry, Construction, Consumer Products, Education, Energy, Environment, Financial (Banking, Exchanges, Insurance, Payments), Food, Health, Heating&Ventilation, Machine Safety, Materials, Nanotechnology, Oil&Gas, Pharmaceutical, Research Facilities, Services, Smart Metering, Space,Transport (Road, Rail, Shipping), etc. •  National Initiatives UN, NATO, EU, Africa, National CERTs, etc.
  • 10. GLOBAL EFFORTS FOR ACTION •  DNS-OARC: DNS System Security •  FIRST: Vulnerability management •  ISACs: Specialized Interest Groups •  M3AAWG / APWG: Anti SPAM, Phishing and Crime •  NSP-SEC: Big Backbone Providers and IP Based Remediation •  OPSEC-Trust: Situational Awareness
  • 11. MODELS, METHODS AND MECHANISMS •  Models of Exchange –  Voluntary exchange vs Mandatory disclosure •  Methods of Exchange –  Trust-based –  Formalized –  Security clearance-based –  Ad-hoc •  Mechanisms of Exchange –  Person to person –  Machine to machine
  • 12. THE UNKNOWN – HOW CAN IT HARM YOU? •  Estonia Example (2007) –  Creating trust •  TC-FIRST •  Global Operation Security Teams –  Cross functional meetings –  Known roles due to e-voting (2005) –  Government facilitated communication and tactics –  Openness with information sharing was critical
  • 13. DO YOU HAVE A CIRT? •  You Should Have a Computer Incident response Team –  Who is part of this? –  What are their responsibilities? •  Important – Define a single individual to be in charge (also have a backup for that individual) •  Know who you need to contact –  Legal / regulatory responsibility –  Upstream ISPs who may help filter on DDoS attacks –  Impacted individuals
  • 14. CONTINUE TO INCREASE SHARING •  Initial Step – Build Trust Thru Networking •  Start by sharing for specific use cases that don’t impact privacy and personally identifiable information (PII) –  SSH Brute Force Attacks –  DNS/SMTP/NTP Amplification Attacks –  Passive DNS Information •  Investigate how to share data that may impact privacy/PII and what can be anonymized but still be useful –  SPAM / Phishing details
  • 15. THOUGHTS ON PASSIVE DNS •  DNS is used by ALL electronic communications •  pDNS still new to many people despite existing since 2004 •  PII issues depend on where you do your observations •  Valuable data that is shared to get information on malware campaigns
  • 16. EVOLVING STANDARDS & FRAMEWORKS •  FIRST Initiatives –  Traffic Light Protocol (TLP) SIG –  Information Exchange Policy (IEP) SIG –  Information Sharing SIG •  OASIS –  Cybox/STIX/TAXII •  Other Ongoing Work –  NIST / ENISA –  IETF
  • 17. TLP – OLD VS EVOLVING
  • 18. WHAT CREATES POLICY COMPLEXITY ? •  Variations in global privacy laws and legal liability –  Many sharing initiatives based on bi-lateral agreements •  Variations in policy interpretations – Who do you share with ? – How do you protect data ? – What are you allowed to do with the data?
  • 19. INFORMATION EXCHANGE POLICY (IEP) •  Work started over 2 years ago •  FIRST was natural place to get global participation •  Initial v1.0 Framework done –  https://www.first.org/global/sigs/iep –  Information Sharing SIG utilizing it –  Unifying with OASIS STIX •  Work ongoing –  Other operational sharing groups asking for clarifications
  • 21. IEP and STIX •  IEP Appendix A –  STIX JSON representation of an IEP implementation •  Close collaboration with OASIS –  STIX 2.0 documentation has reference to IEP –  IEP work ongoing to include IEP within STIX
  • 22. BEING PART OF THE SOLUTION •  Participate in policy work •  Work with national CIRT teams •  Help formulate privacy laws that protect citizens personal privacy but don’t hinder protecting critical electronic communications •  Share what you can and help cross-functional education
  • 23. © Copyright 2016 Farsight Security, Inc. All Right Reserved. QUESTIONS ? FARSIGHT SECURITY