[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[CVEPRI] Next Phase for CyberCrime Treaty Statement


Gene Spafford, Gary Gagnon, Margie Zuk, and I had a discussion this
morning about the next steps to take for the CyberCrime treaty
statement.  Gary and Spaf will be the primary focal points for this
next phase.

Here is an outline of the approach we will take over the next month or

We will be identifying 2 sets of people.  The first includes people
that we invite to sign the statement (industry leaders).  The second
is a list of people we want to make aware of the issue
(e.g. government policy makers, consortium leaders).

If you have suggestions for who could sign the statement and/or who
should be made aware of it, please send them to me, Gary Gagnon
(gjg@mitre.org), and Spaf (spaf@cerias.purdue.edu).

As soon as possible, a web site will be made available to potential
signers.  It will include things like links to the treaty, the current
statement, etc.  This web site will not be publicized in this phase.

Contact names and signatures will be collected over the next few
weeks, with a projected "deadline" of June 9th (but that date may

After the deadline, we will send the signed statement to the Council
of Europe, press, and the "awareness list" of people who should know
about it.  The next step is undefined but will likely involve
increasing awareness at the consortium level.

Care will need to be taken to ensure that this action is not
attributed to "the Editorial Board" as an entity itself.  Hopefully
this will address some of the concerns that Board members have, such
as Kevin Ziese.  Also note that there is a Board organization that has
a dissenting opinion with respect to the statement.  That opinion will
be posted to the list once I've worked with that organization on how
to present it; the idea is to make it a "public record" that there is
not unanimous agreement within the Board.  A dissenting opinion does
not prevent other Board members from contributing, of course, but it
is an additional reason for us to be careful about how we present this
activity to the outside community.

Below is the current list of signers.  If you are speaking for your
organization, please ensure that you are under the "corporate" section
of this list.

- Steve

Scott Blake
Security Program Manager
BindView Corporation

Adam Shostack
Director of Technology
Representing Zero-Knowledge Systems, Inc.


Stuart Staniford, PhD
Representing Silicon Defense

Robert A. Clyde
Vice President Security Management
Representing AXENT Technologies, Inc.

Craig Ozancin
Senior Security Analyst
Representing AXENT Technologies, Inc.

Elias Levy
Chief Technical Officer
Representing SecurityFocus.com


Scott A. Lawler, CISSP
Chief, Vulnerability Analysis
U.S. Department of Defense Computer Emergency Response Team

Mike Prosser
Research Manager
Enterprise Solutions Division
Symantec Corporation

Pascal Meunier, M.Sc., Ph.D.
Research Scientist

Thomas Stracener
Technology Research
Hiverworld, Inc.

Paul E. Proctor
Director of Technology
Cybersafe Corporation

David LeBlanc, Ph.D.
Sr. Technologist
Information Security
Microsoft Corporation

Eugene H. Spafford, Ph.D, FACM, FAAAS
Professor and Director
Purdue University CERIAS

Kelly J. Cooper
Internet Security Officer

Ken Armstrong
Senior Network Security Engineer
EWA-Canada / CanCERT

David M. Balenson, Director of Technical Outreach
NAI Labs, The Security Research Division
Network Associates, Inc.

Steven R. Snapp
Senior Security Engineer
CyberSafe Corporation

David Mann, Ph.D.
Senior Security Analyst
BindView Corporation

Matt Bishop
Associate Professor
Computer Security Laboratory
Department of Computer Science
University of California at Davis

Bill Wall
Senior Computer Security Engineer
STAT Operations, Harris Corporation

William Fithen
Senior Member of the Technical Staff
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University

Eric Cole
SANS Institute

Jim Magdych
Security Research Manager
Network Associates, Inc.

William Hill
Principal INFOSEC Engineer
The MITRE Corporation

Casper Dik
Security Architect,
Solaris OS Engineering
Sun Microsystems, Inc.

Steve Schall
Sr. Product Manager

David W. Baker, MFS
Senior INFOSEC Engineer
The MITRE Corporation

Ronson Nguyen, CISSP
Information Security Services
Ernst & Young LLP

Page Last Updated or Reviewed: May 22, 2007