Notes
Tuesday, May 23 –
Cristine Hoepers of CERT Br and Juan Carlos Guel of CERT Mx welcomed the audience and proceeded to open the Network Security event.
SSecurity challenges (DNSSEC, routing security and DDos) - Steve Crocker
Mr. Crocker made a first presentation on Internet Security and then proceeded with another presentation on the structure and functions of the ICANN Security and Stability Advisory Committee (SSEC) of which he is a member.
In his first presentation Mr. Crocker highlighted the need for investing in infrastructure, developing the systems so that they will be strong and robust, so that there will be fewer attacks, observing that this is more important than solving them later or providing responses to the incidents. He added that Latin America is in a very unique and special position, as the region has a great amount of technical talent available while it simultaneously lacks the difficulties represented by an enormous and difficult-to-modify legacy as is the case in other regions. He also added that the region is undergoing a period of growth and that it is in time to take a huge step forward.
SSAC Report – Steve Crocker
Mr. Crocker made a brief presentation about his role as president of the ICANN Security and Stability Advisory Committee. He explained different aspects of the organization, such as its structure, roles, etc., stating that its role is to advice and provide experience not only internally, to ICANN, but also externally, to the community in general. He added that its role is merely advisory, with no decision-making functions.
Wednesday, May 24 –
Juan Carlos Guel and Cristine Hoepers opened the day's session and introduced Ricardo Patara.
Certificate Issuing Service for the Region - Ricardo Patara
Mr. Patara made a presentation on PKI (Public Key Infrastructure).
Erick Irirarte asked how the different legal frameworks that exist in different countries will be considered.
RP replied that the PKI infrastructure will be in Uruguay, and he added that the certificates will be defined by policies that are already defined and that limit their use.
Juan Carlos Guel spoke about the actions that are being implemented at national level in different countries in relation to CERTs and asked whether the intention is to have a LACNIC CERT in each country, to which RP replied that it is not.
JCG proposed reconsidering future possibilities, such as ICTs.
CSIRTs & Incident Management Capabilities - Georgia Killcrece
Presentation on the fundamental concepts having to do with incident response centers – CSIRTs, in what ways a CSIRT may be useful and how to create a CSIRT and its structure (national, state level, etc).
Presentation by CERT.AR - Rodolfo Baader
Presentation about the history behind the creation of CERT AR in 1999.
Mr. Baader commented something new that is being done that has to do with the definition of an information security policy model (ISO 9779).
He also mentioned the services they are providing, such as open-source based firewalls, security monitoring system, etc. Future actions include, among others, evaluating national coverage and the creation of CSIRTs in the provinces, in addition to coordinating with other CSIRTs within the region.
Security in the Commercial Environment: ANTEL Uruguay - Leonardo Vidal
Mr. Vidal spoke about what led ANTEL to start internal discussions for the creation of a security incident response team.
Presentation by CERT.br Brazil - Cristine Hoepers
Ms. Hoepers presented a report about what CERT.br has done in the country. She also made an introduction about CERT.br and about other Brazilian CSIRTs.
Among the services, she showed statistics on incident reports that have been received, tools for automating the treatment of said information, and documents to instruct users about the importance of their computer's security. She also mentioned the support offered for the creation of new CSIRTs such as, for example, the training provided to organizations, even those of other countries. She concluded her presentation speaking about another project called Antispam.
Presentation by UNAM Cert Mexico - Juan Carlos Guel
Mr. Guel reported the work that UNAM Cert has been carrying out during past years, beginning with a brief introduction to explain what a CERT is and what it is not, its structure and functions. He then proceeded to present a brief history of the creation of UNAM Cert and the activities they are developing to involve other Mexican academic organizations. He concluded by speaking about how UNAM Cert has acted jointly with other organizations such as the government, financial, academic, and legislative sectors.
Open debate on Cooperation Initiatives in Latin America and Future Steps.
Georgia, Juan Carlos, Cristine, Leonardo, Rodolfo
Leonardo Vidal of Antel Uruguay asked Juan Carlos about the cybernetic police. He added that he is not part of a cybernetic police, but that a lot of information is exchanged with different areas of the government precisely to share information about incidents.
Cristine observed that in Brazil no special police was created for this purpose, but that there are experts in cyber crime.
Erick Iriarte mentioned that last year Interpol organized the first meeting on digital crime and that a working group on this issue was created in Latin America. He commented on the lack of integration that frequently exists between the police and their reality and the world of academia.
Juan Carlos observed that he agreed with what Erick said, adding that that there is a lack of training and that many times there are no mechanisms to supervise the police itself.
Georgia stated that CSIRTs must understand very clearly the boundaries within which their structure can operate. At this moment the police are on a learning curve, and perhaps one of the functions of CSIRTs could be to help them go through the process and, eventually, help them create a CSIRT to deal with cyber crimes.
Juan Carlos mentioned that what he frequently notices in Mexico is a lack of confidence on the part of the cyber crime police.
Erick Iriarte added that he is concerned about civil society as a whole, that the group should be careful not to become isolated, adding that it should share their knowledge with other sectors as well.
Georgia said that she agrees and that she understands it is in fact important to spread knowledge and train users, adding that they have already organized this type of training courses.
Luis Miguel Fuertes asked whether any Guatemalan institution had contacted anybody in relation to the creation of CSIRTs in that country.
The panel replied that there were some contacts with the Argentine CSIRT and the UNAM CSIRT, but that there was no further progress.
Juan Carlos commented to Georgia that during her experience at the CERT she has seen many cases of CSIRT creation and asked what advise she would give to organizations that are creating new CSIRTs.
Georgia....
Raúl Echeberría congratulated the group for their work and presentations. He inquired which would be the next steps in coordinating the work within the region.
Cristine observed that, from her point of view, we should continue working with the mailing lists supported by LACNIC as a means to generate trust, and that more formal groups should be created naturally, in time. She added that it is not necessary to have a CSIRT right away for people to be able to somehow participate and help.
Leonardo mentioned that the work done on the mailing list was very valuable, but that he sees the need to have a discussion forum with goals and results. He added that the forum itself should motivate the creation and participation of other CSIRTs.
Rodolfo said he agreed with the previous comments, adding that at this moment getting to know the individuals and groups is a way of generating trust, which is an important aspect.
Juan Carlos added that it would also be necessary to find mechanisms for the cooperation among different groups.
German Valdez said that LACNIC will continue to provide support in the form of human resources for the type of activities and proposals commented by the panel.
