ICANN IIS-SSR is the acronym for the terribly long name of my department: Internet Identifier Systems – Security, Stability and Resiliency.
What do we do in this ICANN department?
The mission of the ICANN Security, Stability and Resiliency department is divided into three aspects:
- Maintaining the security, stability and resiliency of the Domain Name System (DNS) and of domain name registration services.
- Promoting user trust in the Internet's systems of unique identifiers (IP addresses and domain names).
- Strengthening those systems by building capacities among the public security and country code top-level domain (ccTLD) communities.
Our approach to fulfill our mission is the following:
- Prevention through raising awareness about threats and preparing to deal with them, collaboration and information sharing.
- Mitigation through information sharing and coordination of responses to incidents.
- Adoption of best practices through collaboration and capacity building.
- Analysis of DNS data, domain registration services information, and information related to the Internet's systems of unique identifiers.
- Trust building through transparency, communication and widely trusted execution.
In order to achieve our goals, we have developed the following tasks as part of our daily practice:
- Work hand in hand with the security and operations communities (in general, both in the private sector) and with the public security community (criminal and civil law enforcement agencies in each country) in order to receive and process intelligence information that may lead us to find imminent threats to the DNS and to domain registration services.
- Facilitate in these communities preparedness for and mitigation of threats to protect the DNS.
- Conduct studies and information analyses to better understand the current health status of the entire DNS ecosystem.
- Coordinate DNS vulnerability disclosure reporting.
- Contribute with our subject matter expertise to build capacities among the public security and ccTLD operators communities on topics related to the DNS ecosystem, including DNSSEC and infrastructure or DNS operation abuse or misuse.
- Support the activities associated with the management of risks faced by the DNS ecosystem.
- Together with the ICANN Global Stakeholder Engagement department, participate in the global effort to increase cybersecurity levels and mitigate cybercrime.
What have we recently done in Latin America?
Among the most important activities only, in the last 12 months we have trained police authorities and the telecommunication regulating agency in Bolivia, we participated in the CSIRT meeting in Lima during LACNIC 23, we participated as speakers at the Southern School on Internet Governance in Costa Rica, and we delivered in-person training for the Peruvian National Police Force and for the Police Cybercrime Center in Colombia. We have also delivered virtual training for officers in the district attorney's office of the Argentine province of Cordoba.
We organized a training course for regional police agencies, which took place in the last ICANN meeting in Buenos Aires, was supported by the Canadian government, Interpol, the OAS Cyber Security Program, the Argentine government, ccTLD .AR, the Buenos Aires Metropolitan Police, and the recently created Public Safety Working Group, and was attended by representatives of over 15 Latin American and the Caribbean countries. We also participated in the LACTLD technical meeting in Sao Paulo.
With some frequency, we offer webinars organized by the OAS Inter-American Telecommunications Commission (CITEL) for its member countries, and we seek to meet with regulating agencies and governments from those countries in order to share topics of current interest that need to be discussed within the community, for instance, topics related to BCP 38 and BCP 140, among others. Only two weeks ago, we met in Bogota with the CRC to talk about these topics in particular, and we sought to meet with MinTIC's officers.
Also, we have facilitated the resolution of incidents related to the use of Internet identifiers.
If you have any question or concern, or if you simply want to contact us, please send an email to firstname.lastname@example.org. We will continue to fulfill our mission, supporting those who operate Internet infrastructure, the public security communities and, in that way, all Internet users around the world.