New Zealand Internet Task Force
Improving the cyber security posture of New Zealand
Barry Brailey
NZITF Chair

Programme
• Introduction
• Background
• The Birth of a Trust Group
• Ongoing work
• Q&A

Who Am I?
• Manager, Security Policy - .nz DNC
• Chair – NZITF

What is the NZITF?
The New Zealand Internet Task Force is a non-profit with the mission of improving the cyber security posture of New Zealand
It is a collaborative effort based on mutual trust of its members

New Zealand (Middle Earth)

NZ is excellent for many reasons!

NZ Gov’t Cyber Security……
• 2002 - Centre for Critical Infrastructure Protection
• 2011 – Cyber Security Strategy (fairly brief)
• 2012 – National Cyber Security Centre

The Security Landscape
• The rise of ‘Worms and Trojans’ (Blaster, Welchia etc)
• NASA & other ‘hacks’
• Estonia Attacks
• Georgia Attacks
• Ghostnet (Cyber espionage)
• Conficker
• Rise of the ‘Botnets’
• Stuxnet

The Birth of a Trust Group
• Following BTF7, Conficker Working Group and Cyber Storm II in 2008 the NZ Botnet Task Force was formed
• Renamed NZITF early 2009 as the focus evolved and membership expanded

Growing Up
• Formally Incorporated in 2011
• Membership fee structure introduced
• First advertised public event

NZITF Board
• .nz DNC, Barry Brailey (Chair)
• Security Consultant, Laura Bell (Vice-Chair)
• Bank of New Zealand, Chester Holmes (Secretary)
• Independent Consultant, Dean Pemberton (Treasurer)
• Dept. Internal Affairs, Toni Demetriou
• NCSC, Mike Seddon
• PwC, Adrian van Hest

The Way We Work
• Members are nominated and vouched on
• Traffic Light Protocol
• Meetings & Training
• Working Groups
• Mail list, Portal and Wiki
• Fortnightly “Ops Call”

What has the NZITF done?
• Coordinating technical training
• Targeted Threat Workshop
• Security Architecture training
• Wireless Security Training course
• Team Cymru Botnet Forensics
• Honeynet Project and Shadowserver Botnet Defense/Offence courses
• CSIRT introduction
• Open Source Intelligence
• Windows Reverse Engineering

NZITF Initiatives
• Some NZITF working groups:
• CREST NZ
• Cyber Exercising Framework
• Botnet/Malware Data
• Coordinated Disclosure Guidelines

Vulnerability Disclosure Example
• Researcher finds potential flaw on MoJ website
• Researcher informs opposition MP
• Opposition give about 24 hours notice and go to media
• Justice Minister responds:
“The ministry and I do not deal with hackers and we do not deal with burglars.”
Hon JUDITH COLLINS

Highlighted an issue in NZ
• Report a security vulnerability to a New Zealand website - probably have a 50% chance of being reported to the Police
• The other 50% - spend a large amount of time trying to explain why it’s an issue
• Hence, while vulnerabilities are being found every day - they are never being reported or fixed

We had to do better!
• NZITF WG drafted ‘Coordinated Disclosure Guidelines’
• Released for public consultation last year
• Consulted at OWASP and Kiwicon in NZ
• Final version will be released shortly
• Hope that it will help improve ‘maturity’ amongst website owners and businesses
• NZRS has already adopted a great example

Recent ‘Operational’ Changes
• Heartbleed Response
• Lack of Gov’t or definitive advice
• Used our members and their media people
• Fortnightly ‘OpsCalls’ – encouraging greater info sharing
• Timely co-ord and response to emerging threats
• Prep work – group of volunteer “Coordinated Disclosure Handlers”

DNS Amplification - Open Resolvers
• Spark (NZ’s Largest ISP) affected across whole customer network
• NZITF Follow up on ‘Open Resolvers in NZ’ ongoing - Shadowserver reporting very useful

Q&A
info@nzitf.org.nz
barry@dnc.org.nz

Improving the cyber security posture of New Zealand

CREST NZ
• The NZITF set up working group to establish CREST NZ (Council of Registered Ethical Security Testers)
• No professional voice or representation for the penetration testing industry
• Lack of education and training courses
• Skill set shortage in New Zealand
• Growing international certification
• CREST Australia is now up and running

Cyber Exercising Framework
• Exercising tests and improves the levels of preparedness for a significant cyber incident
• Develop a framework and schedule for conducting cyber exercises:
• Communications Checks
• Scenario Discussions
• Table Top Exercises (TTX)
• National and International Full Play Exercises

Botnet/Malware Data
• Assess current NZ infection rates
• Identify data sources of botnet infections & compromised New Zealand websites
• Recommend potential mitigations that could be effective in New Zealand and the stakeholders for each
• Identify possible technical and policy based mitigations

『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 

The NZITF, a 'trust group' of volunteers in a country with no National C, by Barry Brailey [APNIC 38 / Network Abuse BoF]

  • 1. New Zealand Internet Task Force Improving the cyber security posture of New Zealand Barry Brailey NZITF Chair
  • 2. Programme • Introduction • Background • The Birth of a Trust Group • Ongoing work • Q&A
  • 3. Who Am I? • Manager, Security Policy - .nz DNC • Chair – NZITF
  • 4. What is the NZITF? The New Zealand Internet Task Force is a non-profit with the mission of improving the cyber security posture of New Zealand. It is a collaborative effort based on mutual trust of its members
  • 6. NZ is excellent for many reasons!
  • 7. NZ Gov’t Cyber Security…… • 2002 – Centre for Critical Infrastructure Protection • 2011 – Cyber Security Strategy (fairly brief) • 2012 – National Cyber Security Centre
  • 8. The Security Landscape • The rise of ‘Worms and Trojans’ (Blaster, Welchia etc) • NASA & other ‘hacks’ • Estonia Attacks • Georgia Attacks • Ghostnet (Cyber espionage) • Conficker • Rise of the ‘Botnets’ • Stuxnet
  • 9. The Birth of a Trust Group • Following BTF7, Conficker Working Group and Cyber Storm II in 2008 the NZ Botnet Task Force was formed • Renamed NZITF early 2009 as the focus evolved and membership expanded
  • 10. Growing Up • Formally Incorporated in 2011 • Membership fee structure introduced • First advertised public event
  • 11. NZITF Board • .nz DNC, Barry Brailey (Chair) • Security Consultant, Laura Bell (Vice-Chair) • Bank of New Zealand, Chester Holmes (Secretary) • Independent Consultant, Dean Pemberton (Treasurer) • Dept. Internal Affairs, Toni Demetriou • NCSC, Mike Seddon • PwC, Adrian van Hest
  • 12. The Way We Work • Members are nominated and vouched on • Traffic Light Protocol • Meetings & Training • Working Groups • Mail list, Portal and Wiki • Fortnightly “Ops Call”
  • 13. What has the NZITF done? • Coordinating technical training • Targeted Threat Workshop • Security Architecture training • Wireless Security Training course • Team Cymru Botnet Forensics • Honeynet Project and Shadowserver Botnet Defense/Offence courses • CSIRT introduction • Open Source Intelligence • Windows Reverse Engineering
  • 14. NZITF Initiatives • Some NZITF working groups: • CREST NZ • Cyber Exercising Framework • Botnet/Malware Data • Coordinated Disclosure Guidelines
  • 15. Vulnerability Disclosure Example • Researcher finds potential flaw on MoJ website • Researcher informs opposition MP • Opposition give about 24 hours notice and go to media • Justice Minister responds: “The ministry and I do not deal with hackers and we do not deal with burglars.” Hon JUDITH COLLINS
  • 16. Highlighted an issue in NZ • Report a security vulnerability to a New Zealand website - probably have a 50% chance of being reported to the Police • The other 50% - spend a large amount of time trying to explain why it’s an issue • Hence, while vulnerabilities are being found every day - they are never being reported or fixed
  • 17. We had to do better! • NZITF WG drafted ‘Coordinated Disclosure Guidelines’ • Released for public consultation last year • Consulted at OWASP and Kiwicon in NZ • Final version will be released shortly • Hope that it will help improve ‘maturity’ amongst website owners and businesses • NZRS has already adopted a great example
  • 18. Recent ‘Operational’ Changes • Heartbleed Response • Lack of Gov’t or definitive advice • Used our members and their media people • Fortnightly ‘OpsCalls’ – encouraging greater info sharing • Timely co-ord and response to emerging threats • Prep work – group of volunteer “Coordinated Disclosure Handlers”
  • 19. DNS Amplification - Open Resolvers • Spark (NZ’s Largest ISP) affected across whole customer network • NZITF Follow up on ‘Open Resolvers in NZ’ ongoing - Shadowserver reporting very useful
  • 21. Improving the cyber security posture of New Zealand
  • 22. CREST NZ • The NZITF set up working group to establish CREST NZ Council of Registered Ethical Security Testers • No professional voice or representation for the penetration testing industry • Lack of education and training courses • Skill set shortage in New Zealand • Growing international certification • CREST Australia is now up and running
  • 23. Cyber Exercising Framework • Exercising tests and improves the levels of preparedness for a significant cyber incident • Develop a framework and schedule for conducting cyber exercises: • Communications Checks • Scenario Discussions • Table Top Exercises (TTX) • National and International Full Play Exercises
  • 24. Botnet/Malware Data • Assess current NZ infection rates • Identify data sources of botnet infections & compromised New Zealand websites • Recommend potential mitigations that could be effective in New Zealand and the stakeholders for each • Identify possible technical and policy based mitigations