The Department of Homeland Security released its IT Sector Risk Management Strategy on Friday, focusing on the naming system used for technology and services connected to the Internet.
This risk management strategy was developed in partnership with the Information Technology Sector Coordinating Council (IT-SCC), which is composed of key members of the IT industry, and it was designed with a wide range of stakeholders in mind, including:
- Standards-making organizations that establish and promote standards for Internet infrastructure services, either directly or indirectly;
- Government agencies that are large scale users of DNS
- Companies that are involved in operating DNS services or providing Internet security services
- Government and private organizations that develop and establish policies that govern the Internet
The Strategy describes how the IT sector and DNS communities can address risks to enhance the resiliency and safety of the Internet. It also offers several risk mitigation activities such as:
Advertisement
- Promoting education, training, outreach, and awareness that focuses on data file misuse (both intentional and unintentional) as well as international engagement to develop and disseminate best practices for secure and trusted naming and grouping of domain names;
- Enhancing information sharing and relationships through global forums that address issues impacting the Internet from technical and policy perspectives; and
- Building enhanced capabilities and programs to protect against large-scale attacks including the implementation of continuous real-time monitoring of production equipment by network operation centers to anticipate and protect DNS infrastructure from cyber attacks
It Sector Risk Management Strategy Domain Name Resolution Services June2011