Principal Security Researcher's Take on the ICANN75 AGM

FIRST, the Forum of Incident Responders and Security Teams, is a global organization that helps incident responders and other cybersecurity folk get together and help each other out.

I represent FIRST as the DNS Abuse Ambassador, and they recently sent me to Kuala Lumpur for the ICANN75 AGM. It was indeed a time of a lot of firsts (hah) for me—first time in Kuala Lumpur, first ICANN meeting (the 75th meeting and AGM at that!), and the first time I was properly representing FIRST in person.

Here’s my account of the events:

ICANN—A Huge Success! 

At least from my point of view.

Of course, I have to give a big shout out to Carlos Alvarez, a member of the FIRST DNS Abuse SIG and Director of Trust and Public Safety Engagement.

I have to say—Carlos really saved me! 

We spent 40 minutes going through the entire schedule, and he explained the many, many acronyms and overall structure of ICANN elements. Carlos also introduced me to many incredible people and provided very valuable feedback.

The Challenge of Defining DNS Abuse

During this trip, I presented on The Challenge of Defining DNS Abuse. The main goal was to remind people that there's a lot of different perspectives out there—and no single definition.

My presentation went very well, if I do say so myself. Tech Day—a catch-all for anything technical that didn't fit into the other elements of ICANN—was a wonderful place to be. The level of enthusiasm and engagement from the audience was fantastic. We couldn’t even get to all of the questions in the time allotted for Q&A!

The accompanying speakers in my time slot, Jeff Bedser from CleanDNS and Adiel Akplogan from ICANN, were also incredible and welcoming of the newbie.

DNS Abuse: A Very Hot Topic

Amongst the many interesting talks, DNS Abuse was a hot topic. DNS Abuse came up repeatedly from day 1—the ICANN president and CEO highlighted it during the opening meeting. The meaning of the term “DNS Abuse” is very fuzzy to some, and very specific to others. My presentation (The Challenge of Defining DNS Abuse) was appropriate in many ways!

The Highlight of ICANN—Meeting Other Attendees

ICANN attendees were a great group of people. The audience was diverse, from the DNS Abuse Institute, registries, registrars, CERTs, commercial companies, to government organizations. Wonderful discussions took place with some brilliant minds!

By the end, I had a pile of business cards—and had passed out every single one that I had brought! The old school style of networking was unexpected, but welcomed.

My favorite part, though, was finally getting to put faces to names of the people I regularly interact with online. Meeting these familiar people in person strengthened our relationships in ways that are hard for me to define! It was also very nice to know that people were putting a face to FIRST.

Final Thoughts on ICANN

By the time I left, I had a long list of things to follow up on.

The DNS Abuse Institute has a great study that merits further thought (recreating their experiments and looking at their source data could probably be a whole topic in itself). I also spoke to someone about ICANN setting up a group that reaches out to the cybersecurity community—something there’s not really space for at the moment.

DNS Abuse is a potential way to bridge that gap in the meantime—it’s so top of mind. 

Finally, the insights I gained into the inner workings of ICANN was hugely valuable. From the outside, ICANN can seem like a massive ball of bureaucratic red tape and acronyms—seeing how things actually worked from the inside was amazing. Real work gets done here that has the potential to affect everyone on the internet. Millions (or billions!) of people worldwide can have their online lives shaped by the conversations that happen at ICANN. 

In all, the trip was exhausting but excellent. It will take me a while to digest and absorb everything properly, but there are already tangible benefits. I hope to go to more events like this in the future!

Search
  • There are no suggestions because the search field is empty.
Latest posts
How MSPs Can Enhance Customer Experience with Technology How MSPs Can Enhance Customer Experience with Technology

Customer experience is the secret sauce that sets successful Managed Service Providers (MSPs) apart from the rest. In a market teeming with competition, you need to offer more than the best technology or the lowest prices. It's about how clients feel when they interact with your services. A stellar customer experience can transform a one-time client into a loyal advocate, while a poor one can send them running to your competitors. According to a ...

From The Election Polls to Holiday Deals: Cybercriminals are Preying on Seasonal Trends For Their Own Gain From The Election Polls to Holiday Deals: Cybercriminals are Preying on Seasonal Trends For Their Own Gain

In July I published a blog on the DNSFilter website where I looked closely at our passive DNS data, highlighting early election trends in relation to threat domains.

Ensuring CIPA Compliance: A Practical Guide (and checklist) for Educational Leaders Ensuring CIPA Compliance: A Practical Guide (and checklist) for Educational Leaders

The Children's Internet Protection Act (CIPA) is a critical law designed to ensure that students are protected from harmful online content. It requires schools and libraries to implement Internet safety measures, such as filtering and monitoring, to safeguard minors. Compliance with CIPA is essential for institutions seeking E-Rate program discounts for Internet access and internal connections.

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.