top level domain incident response recovery checklist
play

Top Level Domain Incident Response Recovery Checklist - PowerPoint PPT Presentation

Jan 02, 2023 •113 likes •209 views

Top Level Domain Incident Response Recovery Checklist Dave Piscitello VP Security and ICT Coordina7on ICANN Collabora7ve Effort ICANN

  1. Top ¡Level ¡Domain ¡Incident ¡ Response ¡“Recovery” ¡Checklist ¡ ¡ ¡ Dave ¡Piscitello ¡ VP ¡Security ¡and ¡ICT ¡Coordina7on ¡ ICANN ¡

  2. Collabora7ve ¡ ¡ Effort ¡ • ICANN ¡security ¡ team ¡ • MarkMonitor ¡ • The ¡affected ¡ registry ¡ opera7ons ¡staff ¡ • NSRC ¡ • Farsight ¡ hEps://www.flickr.com/photos/slagheap/ ¡

  3. Disclaimers ¡ • High ¡level: ¡ ¡ We ¡Are ¡ ¡ Not ¡ ¡ – not ¡exhaus7ve ¡ AEorneys ¡ • Not ¡legal ¡advice ¡ ¡ • Not ¡a ¡policy ¡document ¡ but we know 
 our tech…

  4. Guidelines ¡ • List ¡of ¡ac7ons ¡a ¡registry ¡operator ¡should ¡ consider ¡if ¡an ¡authorita7ve ¡name ¡service ¡is ¡ compromised ¡ ¡ Immediate ¡ Interim ¡ Long ¡term ¡

  5. What ¡we ¡ cover ¡ • Inves7ga7ons ¡Basics ¡ – Preserving ¡the ¡scene ¡ – Basic ¡forensics ¡ – Repor7ng ¡criminal ¡acts ¡ ¡ hEps://www.flickr.com/photos/projectexplora7on/ ¡

  6. Restoring ¡ Service ¡ • Building ¡from ¡scratch ¡ ¡ while ¡“hardening” ¡ ¡ during ¡this ¡process ¡ • Recovery ¡or ¡restora7on ¡ ¡ hEps://www.flickr.com/photos/buildingblog/ ¡ of ¡other ¡affected ¡services ¡ • Event ¡monitoring ¡ considera7ons ¡ • Intrusion ¡detec7on ¡and ¡ mi7ga7on ¡considera7ons ¡ hEps://www.flickr.com/photos/mosmanlibrary/ ¡

  7. Improvement ¡ Mistakes ¡ have ¡the ¡ ¡ power ¡to ¡ turn ¡you ¡ into ¡ ¡ something ¡ beEer ¡than ¡ before ¡

  8. Call ¡for ¡ Backup ¡ • ICANN ¡ISSSR ¡may ¡ ¡ be ¡able ¡to ¡assist ¡you ¡ directly ¡ ¡ • Or ¡we ¡can ¡invite ¡ ¡ hEps://www.flickr.com/photos/donkeyhotey/ ¡ trusted ¡experts ¡ • Assistance ¡may ¡already ¡be ¡in ¡place ¡ – OpSec ¡community ¡already ¡monitors ¡most ¡of ¡DNS ¡ infrastructure ¡

Recommend

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council Traditional Incident Response But at the national level, incident response is a different game Implications for Misunderstandings between geeks and

541 views • 27 slides
Incident Response & Evidence Incident Response & Evidence Incident Response &

Incident Response & Evidence Incident Response & Evidence Incident Response &

Incident Response & Evidence Incident Response & Evidence Incident Response & Evidence Incident Response & Evidence Management Management Management Management CIPS Brandon Chapter November 28 2002 Dr. Marc Rogers PhD,

629 views • 27 slides
GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response

GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response

GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response Investing in new talent & capabilities Incident response Cyber intelligence Digital forensics Security architecture Identity management

609 views • 42 slides
Incident Response to Social Engineering Attacks: Domain Hijacking Ramses Martinez Director of

Incident Response to Social Engineering Attacks: Domain Hijacking Ramses Martinez Director of

Incident Response to Social Engineering Attacks: Domain Hijacking Ramses Martinez Director of Information Security Date: June 22, 2010 Background More and more attacks are exploiting business logic using social engineering attacks. Low

425 views • 15 slides
Incident Response: Goals of Incident Management Steps to Preparation Risk Assessment

Incident Response: Goals of Incident Management Steps to Preparation Risk Assessment

6/19/2015 Incidents Are Not Necessarily Emergencies Incident Laboratory Incidences and An event thats likely to have adverse consequences Emergency Response Programs Emergency Unanticipated circumstances resulting in

564 views • 5 slides
Introduction to Incident Response Renana Friedlich, National Incident Response Leader March 2016

Introduction to Incident Response Renana Friedlich, National Incident Response Leader March 2016

Introduction to Incident Response Renana Friedlich, National Incident Response Leader March 2016 Agenda Evaluation of Cybersecurity risks The attackers playbook Case study What can you do today Page 2 Evaluation of

622 views • 12 slides
BIRT BIRT Liaisons Incident Response Incident Follow-Up Q&A 1 2 PURPOSE OF

BIRT BIRT Liaisons Incident Response Incident Follow-Up Q&A 1 2 PURPOSE OF

5/20/2014 COURSE OUTLINE Purpose Building Incident Response Team Expectations BIRT BIRT Liaisons Incident Response Incident Follow-Up Q&A 1 2 PURPOSE OF BIRT PURPOSE OF BIRT Prepare units to respond to a

342 views • 4 slides
Incident Response and Information Sharing A Practical Approach Rapha el Vinot - TLP:GREEN May

Incident Response and Information Sharing A Practical Approach Rapha el Vinot - TLP:GREEN May

Incident Response and Information Sharing A Practical Approach Rapha el Vinot - TLP:GREEN May 22, 2015 The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to provide a systematic response

407 views • 13 slides
Agile Incident Response: Operating through Ongoing Confrontation Kevin Mandia Who Am I?

Agile Incident Response: Operating through Ongoing Confrontation Kevin Mandia Who Am I?

Agile Incident Response: Operating through Ongoing Confrontation Kevin Mandia Who Am I? Professorial Lecturer Carnegie Mellon University 95-856 Incident Response Master of Information System Management The George Washington

1.29k views • 60 slides
BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT BALTIC SEA MARITIME INCIDENT RESPONSE GROUP

BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT BALTIC SEA MARITIME INCIDENT RESPONSE GROUP

BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT MIRG OOERATIONAL GUIDELINES The project developed the following operational guidelines: 1. Assessing the Safety Status of a Vessel

598 views • 16 slides
Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored

Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored

Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored By: Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Visit www.advisenltd.com at the end of this webinar to

498 views • 18 slides
UHN Recovery Planning for Programs: Principles and Checklist Clinical Activity Working Group

UHN Recovery Planning for Programs: Principles and Checklist Clinical Activity Working Group

UHN Recovery Planning for Programs: Principles and Checklist Clinical Activity Working Group Executive Lead: Fayez Quereshy Co-Chairs: Terri-Stuart McEwan, Barry Rubin Process to develop a UHN-wide Clinical Activity Recovery Plan as of April 27,

348 views • 6 slides
Post-Expira,on Domain Name Recovery PDP WG ICANN

Post-Expira,on Domain Name Recovery PDP WG ICANN

Post-Expira,on Domain Name Recovery PDP WG ICANN San Francisco March 2011 Background To what extent should registrants be able to reclaim their domain names after they

389 views • 21 slides
Detection and Incident Response With osquery Javier Marcos @javutin $ whoami Security

Detection and Incident Response With osquery Javier Marcos @javutin $ whoami Security

Detection and Incident Response With osquery Javier Marcos @javutin $ whoami Security Engineer/Incident Responder Open source contributor (github.com/javuto) Former IBM, Facebook, Uber and Airbnb Current BitMEX Agenda Part 1:

981 views • 59 slides
PhiGARo: Automatic Phishing Detection and Incident Response Framework Martin Husk, Jakub

PhiGARo: Automatic Phishing Detection and Incident Response Framework Martin Husk, Jakub

PhiGARo: Automatic Phishing Detection and Incident Response Framework Martin Husk, Jakub egan {husakm|cegan}@ics.muni.cz ECTCM 2014 Fribourg, Switzerland Outline Introduction, Phishing incident response, PhiGARo (phishing

270 views • 23 slides
Cyber Up! Digital Forensics & Incident Response Tobi West Principal Investigator Coastline

Cyber Up! Digital Forensics & Incident Response Tobi West Principal Investigator Coastline

Cyber Up! Digital Forensics & Incident Response Tobi West Principal Investigator Coastline College NSF Grant Award #1800999 Agenda Background on Coastline College Need for Incident Response Professionals Overview Advisory

571 views • 14 slides
SW District Incident Response 1 Incident Management Coordinator 4 Motorist Assistance

SW District Incident Response 1 Incident Management Coordinator 4 Motorist Assistance

SW District Incident Response 1 Incident Management Coordinator 4 Motorist Assistance Operators 3 FillIn Motorist Assistance Operators from Maintenance 1 Work Zone Coordinator 2 MoDOT TMC Operators 1 City of Springfield

404 views • 24 slides
The Incident Responders Toolkit the stuff they dont teach you in school Judith van Stegeren

The Incident Responders Toolkit the stuff they dont teach you in school Judith van Stegeren

The Incident Responders Toolkit the stuff they dont teach you in school Judith van Stegeren After my graduation After my graduation Where I work Skill set What I do What I do Case study: incident response Incident Response for fictional

709 views • 39 slides
EVERY MINUTE COUNTS COORDINATING HEROKU'S INCIDENT RESPONSE / Blake Gentry @blakegentry

EVERY MINUTE COUNTS COORDINATING HEROKU'S INCIDENT RESPONSE / Blake Gentry @blakegentry

EVERY MINUTE COUNTS COORDINATING HEROKU'S INCIDENT RESPONSE / Blake Gentry @blakegentry PERSONAL BACKGROUND Lead Engineer at Heroku since 2011 Worked on nearly all parts of the platform In 2012, I led a project to overhaul Herokus Incident

1.03k views • 72 slides
COVID-19 Response and Recovery Update Marvin Odum, City of Houston COVID-19 Response and

COVID-19 Response and Recovery Update Marvin Odum, City of Houston COVID-19 Response and

COVID-19 Response and Recovery Update Marvin Odum, City of Houston COVID-19 Response and Recovery Leader Outline COVID-19 Landscape Guiding Principles Testing Contact Tracing Funding Programs and Initiatives

666 views • 28 slides
Checklist for integrating energy in the Humanitarian Programme Cycle Key steps for integrating

Checklist for integrating energy in the Humanitarian Programme Cycle Key steps for integrating

Checklist for integrating energy in the Humanitarian Programme Cycle Key steps for integrating energy in HPC elements 1. Emergency response preparedness 2. Needs assessment 3. Strategic response planning 4. Response implementation 5.

523 views • 10 slides
A perspective to incident response or another set of recommendations for malware authors

A perspective to incident response or another set of recommendations for malware authors

A perspective to incident response or another set of recommendations for malware authors Alexandre Dulaunoy - TLP:WHITE alexandre.dulaunoy@circl.lu June 7, 2013 CIRCL, national CERT of Luxembourg CIRCL 1 is composed of 6 full-time incident

572 views • 21 slides
2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action April 11, 2018 Contact Information Theodore J. Kobus, III Casie D. Collignon Leader, Privacy and Data Protection Practice

448 views • 23 slides
National Incident Management System National Incident Management System and and National

National Incident Management System National Incident Management System and and National

National Incident Management System National Incident Management System and and National Response Plan National Response Plan Overview March 2006 HSPD-5: Management of Domestic Incidents HSPD-5 Objectives: Single comprehensive

196 views • 17 slides

More recommend