Principal Security Researcher's Take on the ICANN75 AGM

FIRST, the Forum of Incident Responders and Security Teams, is a global organization that helps incident responders and other cybersecurity folk get together and help each other out.

I represent FIRST as the DNS Abuse Ambassador, and they recently sent me to Kuala Lumpur for the ICANN75 AGM. It was indeed a time of a lot of firsts (hah) for me—first time in Kuala Lumpur, first ICANN meeting (the 75th meeting and AGM at that!), and the first time I was properly representing FIRST in person.

Here’s my account of the events:

ICANN—A Huge Success! 

At least from my point of view.

Of course, I have to give a big shout out to Carlos Alvarez, a member of the FIRST DNS Abuse SIG and Director of Trust and Public Safety Engagement.

I have to say—Carlos really saved me! 

We spent 40 minutes going through the entire schedule, and he explained the many, many acronyms and overall structure of ICANN elements. Carlos also introduced me to many incredible people and provided very valuable feedback.

The Challenge of Defining DNS Abuse

During this trip, I presented on The Challenge of Defining DNS Abuse. The main goal was to remind people that there's a lot of different perspectives out there—and no single definition.

My presentation went very well, if I do say so myself. Tech Day—a catch-all for anything technical that didn't fit into the other elements of ICANN—was a wonderful place to be. The level of enthusiasm and engagement from the audience was fantastic. We couldn’t even get to all of the questions in the time allotted for Q&A!

The accompanying speakers in my time slot, Jeff Bedser from CleanDNS and Adiel Akplogan from ICANN, were also incredible and welcoming of the newbie.

DNS Abuse: A Very Hot Topic

Amongst the many interesting talks, DNS Abuse was a hot topic. DNS Abuse came up repeatedly from day 1—the ICANN president and CEO highlighted it during the opening meeting. The meaning of the term “DNS Abuse” is very fuzzy to some, and very specific to others. My presentation (The Challenge of Defining DNS Abuse) was appropriate in many ways!

The Highlight of ICANN—Meeting Other Attendees

ICANN attendees were a great group of people. The audience was diverse, from the DNS Abuse Institute, registries, registrars, CERTs, commercial companies, to government organizations. Wonderful discussions took place with some brilliant minds!

By the end, I had a pile of business cards—and had passed out every single one that I had brought! The old school style of networking was unexpected, but welcomed.

My favorite part, though, was finally getting to put faces to names of the people I regularly interact with online. Meeting these familiar people in person strengthened our relationships in ways that are hard for me to define! It was also very nice to know that people were putting a face to FIRST.

Final Thoughts on ICANN

By the time I left, I had a long list of things to follow up on.

The DNS Abuse Institute has a great study that merits further thought (recreating their experiments and looking at their source data could probably be a whole topic in itself). I also spoke to someone about ICANN setting up a group that reaches out to the cybersecurity community—something there’s not really space for at the moment.

DNS Abuse is a potential way to bridge that gap in the meantime—it’s so top of mind. 

Finally, the insights I gained into the inner workings of ICANN was hugely valuable. From the outside, ICANN can seem like a massive ball of bureaucratic red tape and acronyms—seeing how things actually worked from the inside was amazing. Real work gets done here that has the potential to affect everyone on the internet. Millions (or billions!) of people worldwide can have their online lives shaped by the conversations that happen at ICANN. 

In all, the trip was exhausting but excellent. It will take me a while to digest and absorb everything properly, but there are already tangible benefits. I hope to go to more events like this in the future!

  • There are no suggestions because the search field is empty.
Latest posts
The Differences Between DNS Security and Protective DNS The Differences Between DNS Security and Protective DNS

When researchers talk about DNS security, they often refer to anything that protects DNS infrastructure. Although protective DNS and DNS security fall under the cybersecurity umbrella, protective DNS takes a different approach to cybersecurity than standard DNS security. Both security strategies are important for the stability of your business, but protective DNS reduces risks from your weakest link–human error. Protective DNS is critical for you...

Cisco Umbrella RC End-of-Life: What You Need to Know Cisco Umbrella RC End-of-Life: What You Need to Know

The impending Cisco Umbrella RC End-of-Life has many Umbrella users concerned about their next steps and questioning which protective DNS solution might be able to fill the gap for their organization.

Cybersecurity Briefing | A Recap of Cybersecurity News in October 2023 Cybersecurity Briefing | A Recap of Cybersecurity News in October 2023

Industry State of the Art

This month there was a high level of focus on compliance issues spanning several focus areas from governments and oversight agencies around the world.  And while there were actions taken with regard to specific vulnerabilities, a larger spotlight was placed on bigger picture security considerations in a more general context.

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.