[Bp_certs] Launch - IGF Best Practices - CERTS

Robert Guerra rguerra at privaterra.org
Wed Jul 2 08:05:47 EDT 2014 

Constance,

Let me echo the comments by Karen and other about setting up this much needed group. 

Several of us at the Citizen Lab have been commenting on the challenges and opportunities facing the CERT community. Specifically we see a strategic need to improve the level of evidence based policy to document threats and including civil society organizations and academic researchers.

In developing best practices, i’d be interested in ways on how “enhanced co-operation” could be developed to better engage and document the very sophisticated threats facing  Civil Society organizations in at-risk and/or conflict environments.

regards

Robert
—

Robert Guerra
Phone: +1 416-893-0377 
Twitter: twitter.com/netfreedom 
Email: rguerra at privaterra.org

On Jul 1, 2014, at 7:00 PM, Karen Mulberry <mulberry at isoc.org> wrote:

> Constance,
> 
> Thank you for getting the group organized.
> 
> I think the best approach to get us started might be to start a discussion on the definition of the issue under the “Establishing and supporting Computer Emergency Response Teams (CERTS) for internet security”
> 
> We need to identify what it is that we will be framing in a draft outcome report for the IGF meeting in September.
> 
> Here are some thoughts on CERTs to start the exchange:
> 
> - The formation of national and regional CERTS provide an early warning system to company’s and users on monitoring and reporting the detection of security vulnerabilities and intrusion attempts.
> - The details shared through the CERT by trusted providers assist investigators, forensics and law enforcement in dealing with cyber crime and in supporting network security responses to threats encountered on the Internet
> 
> The issue as I see it is that without the secure and trusted information exchanged though the CERT, the exchange of encountered data threats, early warning notices and support for the risks encountered will not be there for networks, ISPs and law enforcement to work together to deal with the threat to the Internet and its users.
> 
> I would welcome more expert insight on the issue of CERTs and how the problem statement should be framed for the work going forward in this group.
> 
> Karen Mulberry
> Policy Advisor
> Internet Society
> mulberry at isoc.org
> tel: +1.303.668.8855
> www.isoc.org
> 
> On Jun 30, 2014, at 1:58 PM, Constance Bommelaer <bommelaer at isoc.org> wrote:
> 
> 
> Dear colleagues,
> 
> Thank you for joining the preparatory process of the IGF Best Practices Forum on "Establishing and Supporting CERTS for Internet security ". 
> 
> I would like to start by introducing the Lead Experts of this process, Christine Hoepers (General Manager of the Brazilian CERT), Maarten Van Horenbeeck (Chair of FIRST) and Adli Wahid (member of the FIRST SC).
> 
> The Lead Experts, supported by independent consultants, will engage with the community in a view to exchanging on existing practices and discussing ways to further collaborate. A discussion of unintended consequences, both positive and negative, of mistakes that were made and of lessons learned will further enrich an understanding of what has been accomplished. The means employed to achieve a solution are as important as a learning experience as the actual ends achieved (see attachment). 
> Between now and beginning of September, the communities will work through mailing lists and online virtual meetings.The discussion will be documented by independent experts and feed into five 90 minute sessions in Istanbul, that will in turn report into a Best Practices wrap up session.  A summary booklet/handout on each Best Practice discussions/sessions is also one of the intended outcomes to be published after the IGF 2014 meeting.
> 
> Immediate asks to all participants:
> Respond to the questions attached in the common template for Best Practices Forums. 
> Send contributions on existing Best Practices, either from the public or the private sector, to start documenting the discussion. 
> Invite other colleague experts to join this list: http://www.intgovforum.org/cms/open-call-to-join-igf-best-practices-forums-preparatory-process 
> 
> Next Steps: 
> Lead Experts will conduct the discussions on this list.
> They will also work with the IGF Secretariat to set-up regular webinars including all participants. 
> 
> Best regards,
> 
> -- 
> Constance Bommelaer
> Senior Director, Global Policy Partnerships
> The Internet Society
> www.isoc.org 
> 
> 
> 
> <BPF-Reporting-Template.docx>_______________________________________________
> Bp_certs mailing list
> Bp_certs at intgovforum.org
> http://mail.intgovforum.org/mailman/listinfo/bp_certs_intgovforum.org
> 
> _______________________________________________
> Bp_certs mailing list
> Bp_certs at intgovforum.org
> http://mail.intgovforum.org/mailman/listinfo/bp_certs_intgovforum.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://intgovforum.org/pipermail/bp_certs_intgovforum.org/attachments/20140702/f8027ba9/attachment.htm>

More information about the Bp_certs mailing list