[[--Translated text (es -> en)--]] Subject: Re:? = Utf-8 q = C3 = A1cticas_para_establecer Buenas_Pr _ = = utf-8 un_CSIRT_Nacional q =????? from: fabricio.pessoa@axur.com Hello Alejandro, I understand what you mean but, for me, the document is specific in say that their focus is national CSIRTs and is very useful to give an idea general LAC countries in the region do not even have a national CSIRT. Obviously this is not a manual, and do not think anyone think of creating a National CSIRT seek only a source of information, but I think the document if it serves to give an idea of \u200b\u200bhow to start piensar the subject. There are other interesting documents arising out of open debates in the IGF about good practices for CSIRT in: http://www.intgovforum.org/cms/documents/best-practice-forums/establishing-a... I personally applaud if the OAS because it is one of the few organizations see is really acting and performing actions to improve and raise awareness about cybersecurity, the example South School on Internet Governance 2016. They are far from perfect seren, and also I think deverian work more together with LACNIC and other organizations, but it unless you are doing something real. He participated in many groups of CSIRTs and cybersecurity in the LAC region and everyone and the truth is that the representativeness of the region is a lot lower and many people do not see're doing things sides. Is a shame, but it's true. I think if we do not agree with things you do, devemos look for alternatives and do something better. I am working together with LACNIC, M3AAWG (Messaging, Malware and Mobile Anti-Abuse Working Group) and APWG (Anti-Phishing Working Group) to we believe a group of anti-abuse in the region precisely because I do not see the people here participating in groups and discussions on the subject.He reflex is justamenet that will keep developing documents and standards that They do not take into account our reality in the LAC region. My goal in becoming more involved with ICANN issues and therefore LACRALO is just looking for a way to improve our participation in cybersecurity issues. For that, I think ost important is to unite efforts and so I always look on the bright side of everything that is done in this regard, and as much does the fact that someone is I doing something, as in the case of OAS, I see something positive com. That said, in May, during the LACNIC event in CUBA, be with presentations from organizations such as M3AAWG, debates about Cybersecurity and CSIRTS, BOFs on how to improve the integration and Communication are among the different actors in the process of fighting network abuse and the possibility of creafrmos a group of anti-abuse for the region. I invite all concerned because it is a real opportunity to build something that will bring benefits to the region. regards Sent With MailTrack < https://mailtrack.io/install?source=signature&lang=en&referral=fabricio.pess...> <http://www.axur.com/> Fabricio Pessôa ** * Community Engagement and Relationship Manager * * Axur. Cyber \u200b\u200bInspection for a safer web. * fabricio.pessoa@axur.com | +55 54 99624737 | +55 51 30122987 Skype: fabricioaxur <http://www.stopthinkconnect.org/> ------------------------------ A contida neste informação e-mail and attachments em seus confidential e não é Prune be used, disclosed for Terceiros reproduzida ou que não seu addressee. Is recebeu this e-mail by mistake, please turn off or seu conteúdo and alert or remetente Immediately. <http://www.axur.com.br> <http://www.ciberbras.com> The information Contained In This e-mail and in ITS attachments is confidential and not be used Shall, reproduced or Disclosed by any person other than ITS addressee (s). If received in error Please delete this e-mail's content and contact the sender immediately. <http://www.axur.com> * This mensagem não tem validade ou contract as agreed. * 04/14/2016 1:04 GMT-03: 00 Alejandro Pisanty <apisanty@gmail.com> :

Fabricio,

mil gracias por enviar este documento sobre CSIRTs de la OEA. Una visión gubernamental y de empresas sin consideración real de los "stakeholders" de las comunidades técnica, académica y de la sociedad civil.

Es importante observar que se concentra en los esfuerzos de seguridad de los gobiernos y no los de la sociedad en general. Por ello omite a algunos de los centros más competentes y probados, origen de algunos de los centros gubernamentales descritos.

Como sucede también en el informe de la OEA sobre el estado de las capacidades de la región en ciberseguridad, el enfoque es ante todo al esfuerzo de los gobiernos, al servicio de los CSIRTs para seguridad pública y seguridad nacional, y no a la construcción de capacidades generalizadas, ni a la movilización de recursos de la propia sociedad que ocurre todos los días en nuestras sociedades. Una rápida búsqueda a la cuerda "universi" lleva a observar que las universidades aparecen solamente como los lugares de trabajo de algunos autores, y en la descripción de un párrafo por país de la oferta educativa en seguridad informática.

Una búsqueda de "dominio" nos muestra otro aspecto importante del informe, la visión de seguridad [cibernética] nacional está permeada por la militarización. Se refiere a "dominio" como lo hace la doctrina estratégica de la Defensa, el dominio "cyber" o "ciber" es uno más en la breve lista de tierra, mar, aire y espacio de los dominios estratégicos militares.

La visión de derechos humanos es igualmente cuestionable desde el punto de vista de la sociedad civil; lo dejo para los expertos.

LACRALO representa y reúne a la sociedad civil y a numerosas personas y agrupaciones con competencia técnica en seguridad. Estamos en proceso de admitir a una asociación dedicada al tema. ¿Debemos aplaudir un informe que nos excluye deliberadamente, por diseño? ¿nos es útil para nuestras actividades como representantes y promotores de los principios e intereses de los usuarios?

Alejandro Pisanty

On Wed, Apr 13, 2016 at 11:32 AM, Fabricio Pessoa < fabricio.pessoa@axur.com> wrote:

...

Hola a todos,

Repaso un documento desarrollado por OAS con Buenas Prácticas para establecer un CSIRT Nacional que creo que puede ser util.

https://www.sites.oas.org/cyber/Documents/2016%20-%20Buenas%20Practicas%20CS...

Saludos

<http://www.axur.com/>

*Fabricio PessÃŽa**Community Engagement and Relationship Manager* *Axur. Cyber Inspection for a safer web.* fabricio.pessoa@axur.com | +55 54 99624737 | +55 51 30122987 Skype: fabricioaxur <http://www.stopthinkconnect.org/> ------------------------------

A informação contida neste e-mail e em seus anexos é confidencial e não pode ser usada, reproduzida ou divulgada para terceiros que não seu destinatário. Se recebeu este e-mail por equívoco, por favor apague o seu conteúdo e avise o remetente imediatamente. <http://www.axur.com.br>

<http://www.ciberbras.com>The information contained in this e-mail and in its attachments is confidential and shall not be used, reproduced or disclosed by any person other than its addressee(s). If received in error, please delete this e-mail's content and contact the sender immediately. <http://www.axur.com>

*Esta mensagem não tem validade como acordo ou contrato.*

Sent with MailTrack <https://mailtrack.io/install?source=signature&lang=en&referral=fabricio.pess...>

_______________________________________________ lac-discuss-es mailing list lac-discuss-es@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/lac-discuss-es

http://www.lacralo.org

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - Dr. Alejandro Pisanty Facultad de Química UNAM Av. Universidad 3000, 04510 Mexico DF Mexico +52-1-5541444475 FROM ABROAD +525541444475 DESDE MÉXICO SMS +525541444475 Blog: http://pisanty.blogspot.com LinkedIn: http://www.linkedin.com/in/pisanty Unete al grupo UNAM en LinkedIn, http://www.linkedin.com/e/gis/22285/4A106C0C8614 Twitter: http://twitter.com/apisanty ---->> Unete a ISOC Mexico, http://www.isoc.org . . . . . . . . . . . . . . . .

[[--Original text (es) http://mm.icann.org/transbot_archive/035ac0db7c.html --]]