Today's meeting discussion follow-up
Hi guys,

Please find my thoughts from our discussion a few hours ago regarding "Sub Topic 4 – Future Challenges". I believe the below is limited in scope and achievable with a reasonable effort; please feel free to consider it if you think it suitable. Thanks.

-------Start-------

1- Performance security (SSR2 scope)

Issue high level recommendations towards ICANN technologies (routing, switching, computing environments, DNS related services) resources utilization (traffic, processing/power/memory utilization, ...).

To do so we need to:
- Identify a list of the types of technologies used by ICANN
- Recommend forecasting techniques to be used by ICANN to determine future utilization
- ICANN role in return: Recommendations need to be considered in future technological planning or architecture designs by ICANN.

2- Technology selection security (SSR2 scope)

Issue high level recommendations on:
- Vendor security technology evaluation process (how to test solutions)
- Vendor security technology selection process (how to select a solution)
- Vendor security technology implementation process (what vendors need to do when deploying solutions)
- Vendor security maintenance process (how vendors should maintain their solutions)
- Vendor responsibilities and SLAs (patching vulnerabilities, technology development/deployment)
- Vendor accountability for security problems
- ICANN role in return: Selection recommendations need to be considered in future technology selection processes employed by ICANN

3- Threat intelligence (SSR2 scope)

Issue high level recommendations on:
- The need for an ICANN threat intelligence team
- The need for ICANN to have established communication with top threat intelligence sources to know about the latest threats
- The need for adapting threat intelligence internally, to identify attacks and threats accordingly
- ICANN role in return: Threat intelligence recommendations to be adapted by ICANN towards enhancing blocking of cyber attacks, identifying causes of new breaches, and knowing about the latest threats endangering similar organizations.

NB1: Recommendations provided should be vendor/technology neutral, so as to be valid for future utilization.

NB2: Issues of DDoS, route injection all fall under "Sub Topic 3 – DNS SSR" as they are issues probably currently being dealt with. What is not dealt with is how they could be used in the future, which falls under threat intelligence. I do not believe we should predict protocols misuse options through new vulnerabilities; that has an unlimited scope.

-------End-------

Regards,
Amin
participants (1)
-
Mohamad Amin hasbini