CARIS Workshop Summary and Reflection

The Internet Architecture Board (IAB) and the Internet Society (ISOC) hosted a day-long Coordinating Attack Response at Internet Scale (CARIS) workshop which took place last Friday in coordination with the Forum for Incident Response and Security Teams (FIRST) Conference in Berlin. The workshop included members of the FIRST community, attack response working group representatives (APWG,…

End-to-End Message Encryption — Can it be done?

End-to-end (e2e) encryption for email is hard.  We know this from OpenPGP and S/MIME efforts with the main problem being around obtaining, installing, and exchanging keys.  While there are a number of positive efforts to fix e2e encryption for email, it may take a while for a viable easy to use solution to be deployed…

Coordinating Incident Response at Internet Scale (CARIS)

Coordinating incident response at Internet scale as a concept sounds fabulous, but can we achieve it? What will it take? For those working in incident response and information sharing efforts, we know there is much to be done. While there is a lot of good work progressing this area of information security, there are still very few…

Do Standards Matter for Information Sharing?

In previous blogs and the recent RSA Perspective paper, I have emphasized the need to work through use cases, requirements, and sharing models before thinking about which standards best fit a use case and where they are necessary.  As the co-chair of the Internet Engineering Task Force (IETF) Managed Incident Lightweight Exchange (MILE) working group,…

Information Sharing Done Right – What’s Useful to Share and Who Should Get It?

By Kathleen Moriarty, Global Lead Security Architect, EMC Office of the CTO Continuing on the theme of sharing information in a directed way to have a broad impact, I think it is important to think further about how we can share information effectively. For me, this means breaking down what is important to share and…

Information Sharing: How Do We Share Data Effectively?

I had the opportunity to speak at and attend the FIRST conference in Bangkok during the second week in June and came back energized from the discussions and direction of the participants.  FIRST includes a mix of national level CSIRTS, CSIRTs for large organizations, and vendors with talks covering a wide range of topics from…