[RSSAC Caucus] Security Incident Reporting Work Party Update
Robert Story
rstory at ant.isi.edu
Mon Apr 22 14:05:53 UTC 2024
Hi Dessalegn,
I think this would fall under an informational report, because:
- it was caused by a bad configuration update, not a malicious actor
- it affected less than 25% of a single RSO, so no material effect on
the RSS
While I think/hope that we will include a recommendation that RSSAC or
the RSS GS consider creating guidance for information reporting, it's
otherwise out of scope for the current document.
Regards,
Robert
USC Information Sciences Institute <http://www.isi.edu/>
Networking and Cybersecurity Division
On Mon 2024-04-22 10:37:01+0300 Dessalegn wrote:
> Here is a security incident report that supports our approach(covering
> indirect incidents), i.e., including security incidents related to
> critical infrastructure components upon which the RSS relies.
>
> https://status.ripe.net/incidents/l3cz0rry823k
>
> Dessalegn
More information about the rssac-caucus
mailing list