[Ssr2-review] FYI: SSR2 webinar slides

Russ Housley housley at vigilsec.com
Sat Feb 13 16:01:39 UTC 2021 

These look good to me.  Thanks very much.

Russ


> On Feb 12, 2021, at 7:58 PM, Heather Flanagan <hlf at sphericalcowconsulting.com> wrote:
> 
> Hello all,
> 
> I’ve updated the slides in prep for the SSAC meeting. They can be found in the Final Report folder,
> 
> https://drive.google.com/drive/folders/1FKSxLF204CNiM0wrPY8gE5Ltz6eOM4OC?usp=sharing <https://drive.google.com/drive/folders/1FKSxLF204CNiM0wrPY8gE5Ltz6eOM4OC?usp=sharing>
> 
> Heather Flanagan — Translator of Geek to Human
> https://sphericalcowconsulting.com <https://sphericalcowconsulting.com/>
> On Feb 11, 2021, 11:24 AM -0800, Russ Housley <housley at vigilsec.com>, wrote:
>> KC:
>> 
>> I recall the Webinar prior to public comment where we went through each recommendation. I really felt like the people that had read the report did not need that deatail, and the people that had not read it were trying to figure out what parts they cared about. The slide deck seemed a better approach to me.
>> 
>> Russ
>> 
>> 
>>> On Feb 11, 2021, at 11:05 AM, k claffy <kc at caida.org> wrote:
>>> 
>>> On Fri, Feb 05, 2021 at 06:33:38PM +0000, Jennifer Bryce wrote:
>>> Dear SSR2 RT members,
>>> 
>>> FYI ??? please find attached the slides for the SSR2 webinar next week (11 February @ 15:00 UTC). Have a good weekend!
>>> 
>>> 
>>> Jennifer, Russ,
>>> 
>>> I am so sorry I completely missed that you sent out
>>> a slide deck last week. I wish we had had a call to
>>> review the slides. I think they missed the mark.
>>> They did not even review the recommendations, like
>>> we did for the webinars after the draft!
>>> 
>>> Russ and I have to present a version to SSAC on Monday,
>>> is it possible to create an extended deck for that and
>>> future discussions. we need at least 87 additional slides,
>>> but it should be a straightforward cutting and pasting
>>> exercise:
>>> 
>>> 63 slides, one for each specific recommendation,
>>> with the recommendation group at the to
>>> 
>>> e.g., slide 3 of this batch would be:
>>> 
>>> -----------------------------
>>> SSR2 Recommendation 2: Create a C-Suite Position Responsible for Both Strategic
>>> and Tactical Security and Risk Management
>>> 
>>> 2.2 ICANN org should include as part of this role's
>>> description that this position will manage ICANN org's
>>> security function and oversee staff interactions in all
>>> relevant areas that impact security. This position should
>>> be responsible for providing regular reports to the
>>> ICANN Board and community on all SSR-related
>>> activities within ICANN org. Existing security functions
>>> should be restructured and moved organizationally to
>>> report to this new position.
>>> 
>>> -----------------------------
>>> 
>>> and then also a batch of 24 slides, one for each group that
>>> has title: "Rec N: Measuring Implementation and Effectiveness"
>>> two bullets on each slide, placed after each subgroup of
>>> recs, e.g., for the above Rec 2, and placed after last
>>> slide in group 2
>>> 
>>> (smaller font)
>>> SSR2 Recommendation 2: Create a C-Suite Position Responsible for Both Strategic
>>> and Tactical Security and Risk Management
>>> 
>>> (bigger font)
>>> "Measuring Implementation and Effectiveness"
>>> 
>>> (normal font)
>>> Implemented: ICANN org has created and filled the role
>>> of Chief Security Officer with responsibilities as defined in
>>> the recommendations.
>>> 
>>> Effective: when ICANN org centralizes security responsibilities
>>> such that ICANN org can demonstrably coordinate SSR
>>> activities and budget and speak to security issues at
>>> the appropriate management level.
>>> 
>>> -----------------------------
>>> 
>>> 
>>> i know this is some work, But we spent three years on this
>>> report, and I think we do need to be prepared to engage with
>>> the community in-depth.
>>> 
>>> Also I think the implementation shepherds will need such a
>>> document to keep track of progress here so I don't think this
>>> slide deck will see double or triple duty
>>> 
>>> 
>>> others' thoughts?
>>> 
>>> k
>>> _______________________________________________
>>> Ssr2-review mailing list
>>> Ssr2-review at icann.org
>>> https://mm.icann.org/mailman/listinfo/ssr2-review
>>> 
>>> _______________________________________________
>>> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
>> 
>> _______________________________________________
>> Ssr2-review mailing list
>> Ssr2-review at icann.org
>> https://mm.icann.org/mailman/listinfo/ssr2-review
>> 
>> _______________________________________________
>> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20210213/889bb150/attachment.html>

More information about the Ssr2-review mailing list