Categories
Articles

The future of automated incident response

My post about automating incident response prompted a fascinating chat with a long-standing friend-colleague who knows far more about Incident Response technology than I ever did. With many thanks to Aaron Kaplan (AK), here’s a summary of our discussion… Developments in automated defence AK: Using Machine Learning (“AI”) in cyber-defence will be a gradual journey. […]

Categories
Articles

Does the AI Act allow automated network defence?

In response to my posts about the relevance of the draft EU AI Act to automated network management one concern was raised: would falling within scope of this law slow down our response to attacks? From the text of the Act, I was pretty sure it wouldn’t, so I’m grateful to Lilian Edwards for the […]

Categories
Articles

Thinking about automation

To help me think about automated systems in network and security management, I’ve put what seem to be the key points into a picture. In the middle is my automated network management or security robot: to the left are the systems the robot can observe and control, to the right its human partner and the […]

Categories
Articles

Automating Digital Infrastructures

Most of our digital infrastructures rely on automation to function smoothly. Cloud services adjust automatically to changes in demand; firewalls detect when networks are under attack and automatically try to pick out good traffic from bad. Automation adjusts faster and on a broader scale than humans. That has advantages: when Jisc’s CSIRT responded manually to […]

Categories
Articles

BEREC Net Neutrality Guidelines: good news for security

BEREC, the board of European Telecoms Regulators, has just published its updated guidance on enforcing the Network Neutrality Regulation. Jisc has been working with the Forum of Incident Response and Security Teams (FIRST) for nearly five years to ensure that this legislation and guidance didn’t discourage legitimate practices to secure the operation of networks: this […]

Categories
Articles

BEREC clarifies that permanent network security measures may be OK

Four years ago, Jisc responded to the Board of European Regulators of Electronic Communications (BEREC) consultation on network neutrality to point out that some security measures cannot just be temporary responses by the victims of attacks, but need to be permanently configured in all networks to prevent them being used for distributed denial of service […]

Categories
Articles

Net Neutrality: BCP-38 Seems OK

The Board of European Regulators of Electronic Communications (BEREC) have now released the final version of their net neutrality guidelines, following a public consultation that received nearly half a million responses. These seem to have resulted in clarifications of the draft version, rather than any significant change of policy. Jisc’s response raised a concern that […]

Categories
Consultations

Network Neutrality and Network Security

A new EU law, created earlier this year, requires public network providers to ensure “network neutrality” – roughly, that every packet be treated alike unless there are legitimate reasons not to. The Body of European Regulators of Electronic Communications (BEREC) has now published draft guidelines on how this will be implemented, in particular the circumstances […]

Categories
Articles

Network Neutrality and Network Security

There’s a tension between network neutrality – essentially the principle that a network should be a dumb pipe that treats every packet alike – and network security, which may require some packets to be dropped to protect either the network or its users. Some current attacks simply can’t be dealt with by devices at the […]

Categories
Articles

Detecting DNS configuration errors

The Domain Name Service (DNS) which translates names to IP addresses (among many other things) is critical for humans using the Internet. Research by Slavko Gajin and Petar Bojovic presented at the TERENA Networking Conference indicates that mis-configurations are more common than we might hope. Getting DNS right often requires different organisations to have matching […]