Work Items
- Scope of ICANN’s SSR responsibilities: action zone, influence zone, coordination zone.
- Effectiveness of ICANN’s SSR framework, SSR Plan and its implementation.
- Physical security requirements in place, and enforcement of the minimum security specification, for the DNSSEC key storage facility.
- Level of compliance requirements in registrar agreements
- SLAM and performance indicators
- ICANN’s role in helping to mitigate DDoS:
  1. Operational
  2. Other (L-root, zones ICANN is responsible for, domain name contractual obligations/compliance, security training)
- Measures and metrics (incorporate in all topics and subteams)
- What are the relevant DNS abuses, and how can the community measure them?
- The evidence base: DNS health index and abuse data. What the evidence tells us; access to information (risks and benefits).
- ICANN's internal security, stability and resiliency operations:
  - Allocation of resources and priority within the organisation (includes budget and staffing)
  - Outreach and public information role (training, vulnerability disclosure, system attack mitigation, etc.)
  - Risk management, compliance with relevant frameworks
  - White-hat operations
- What are the white-hat operations taken in the ICANN space that may need exceptional handling (gratis registration of sinkholes, etc.)? (Can this be included under improving security of unique identifiers / threat mitigation?)
- The sub-team will be responsible for reviewing the completeness and effectiveness of ICANN's internal security processes and the effectiveness of the ICANN security framework.
- Due to ICANN’s orientation to ISO/IEC 27001 (and ISO 22301? - BCMS), I would recommend providing a gap analysis against the normative requirements of the management part and Annex A of the ISO standard, based on the SoA (Scope).
- Perform interviews and review descriptions and evidence of:
  * ISMS / BCMS scope
  * Information security policy
  * Information risk assessment and risk treatment processes
  * Information security objectives
  * Information security roles and responsibilities
  * ISMS internal audit program and results of conducted audits
  * Operational planning and control documents
  * Evidence of top management reviews of the ISMS
  (Note: Gap assessment only)
- Various others from the Annex A like rules for acceptable use of assets, access control policy, operating procedures, confidentiality or non-disclosure agreements, secure system engineering principles, information security policy for supplier relationships, etc. (Note: Gap assessment only)
- Categorize and prioritize the outcome of the analysis
- Develop a short-, medium- and long-term schedule to implement the different controls in accordance with the requirements
- Define a set of metrics to measure the effectiveness of the implementation (Note: Items 12 – 16 linked)
- Analyze policies and procedures that are essential to ICANN’s identifier-system activities
- Analyze ICANN’s internal procedures essential to the SSR of the organization and its global operations
- Business continuity planning
- Security Framework
- Incident response planning
- Coordinated Vulnerability Disclosure Process
- Assess ICANN’s ability to respond to strategic threats to the unique identifiers it coordinates.
- Vetting process for EBERO operators.
- ICANN processes around vetting registry operators (Nick Shorey, observer)
- Corporate Data Security and/or Business Systems
- What is the scope of ICANN’s threat modeling?
- How effective is ICANN’s risk management?
- How do ICANN’s security efforts relate to the DNS?
- How does ICANN measure the effectiveness of its security efforts?
- What are ICANN’s security efforts? (raised twice)
- Review ICANN security procedures.
- How are we distinguishing operational stability and security from measures that stem from compliance issues?
- What does “interoperable security processes” mean?
- What is the current state of ICANN’s disaster recovery and operational recovery planning?
- What is the appropriate security contingency planning framework?
- What is ICANN doing in the area of interoperable security standards and monitoring (ITHI, Identifier Technology Health Indicators)?