In 2017, we started a cycle of security exercises for our organisation so as to be prepared to face DNS major attack / outage scenarios (e.g. DDoS attack, zone file corruption...). While the first edition was focused on IT response skills, with some crisis management, the second one was more meant to cover - as much as possible – all relevant aspects one organization must handle should a major security incident occur. Such a security exercise allowed us, for instance, to test our 3C’s (“Coordination”, “Co-operation” & “Communication”) from the time when the first alert was received, until when we were back to normal (or almost) and the crisis meeting was over.
We would like first to share information on main achievements and lessons learned from our 2017 exercise editions. We also would like to trigger some discussion on challenges ahead in terms of involving relevant partners in the future exercises preparation, such as transit providers, Anycast providers, DNS resolver operators, registrars and DNS hosting providers.
PLEASE NOTE the slides for this presentation are not available at the Speaker's request.
|Talk Duration||30 Minutes|