On Feb 11, 2021, 11:24 AM -0800, Russ Housley <
housley@vigilsec.com>, wrote:
KC:
I recall the Webinar prior to public comment where we went through each recommendation. I really felt like the people that had read the report did not need that deatail, and the people that had not read it were trying to figure out what parts they cared about. The slide deck seemed a better approach to me.
Russ
On Feb 11, 2021, at 11:05 AM, k claffy <kc@caida.org> wrote:
On Fri, Feb 05, 2021 at 06:33:38PM +0000, Jennifer Bryce wrote:
Dear SSR2 RT members,
FYI ??? please find attached the slides for the SSR2 webinar next week (11 February @ 15:00 UTC). Have a good weekend!
Jennifer, Russ,
I am so sorry I completely missed that you sent out
a slide deck last week. I wish we had had a call to
review the slides. I think they missed the mark.
They did not even review the recommendations, like
we did for the webinars after the draft!
Russ and I have to present a version to SSAC on Monday,
is it possible to create an extended deck for that and
future discussions. we need at least 87 additional slides,
but it should be a straightforward cutting and pasting
exercise:
63 slides, one for each specific recommendation,
with the recommendation group at the to
e.g., slide 3 of this batch would be:
-----------------------------
SSR2 Recommendation 2: Create a C-Suite Position Responsible for Both Strategic
and Tactical Security and Risk Management
2.2 ICANN org should include as part of this role's
description that this position will manage ICANN org's
security function and oversee staff interactions in all
relevant areas that impact security. This position should
be responsible for providing regular reports to the
ICANN Board and community on all SSR-related
activities within ICANN org. Existing security functions
should be restructured and moved organizationally to
report to this new position.
-----------------------------
and then also a batch of 24 slides, one for each group that
has title: "Rec N: Measuring Implementation and Effectiveness"
two bullets on each slide, placed after each subgroup of
recs, e.g., for the above Rec 2, and placed after last
slide in group 2
(smaller font)
SSR2 Recommendation 2: Create a C-Suite Position Responsible for Both Strategic
and Tactical Security and Risk Management
(bigger font)
"Measuring Implementation and Effectiveness"
(normal font)
Implemented: ICANN org has created and filled the role
of Chief Security Officer with responsibilities as defined in
the recommendations.
Effective: when ICANN org centralizes security responsibilities
such that ICANN org can demonstrably coordinate SSR
activities and budget and speak to security issues at
the appropriate management level.
-----------------------------
i know this is some work, But we spent three years on this
report, and I think we do need to be prepared to engage with
the community in-depth.
Also I think the implementation shepherds will need such a
document to keep track of progress here so I don't think this
slide deck will see double or triple duty
others' thoughts?
k
_______________________________________________
Ssr2-review mailing list
Ssr2-review@icann.org
https://mm.icann.org/mailman/listinfo/ssr2-review
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________
Ssr2-review mailing list
Ssr2-review@icann.org
https://mm.icann.org/mailman/listinfo/ssr2-review
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.