Routing Security as Supply Chain Security: Threats and Opportunities

Fall 2023

Is your ISP or cloud provider your first line of defense in the supply chain, or your weakest link?
Enterprises increasingly store their assets, conduct operations, and serve customers via the Internet. This significantly extends their security perimeter beyond physical boundaries and makes them vulnerable to infrastructure attacks, including routing attacks. It aggravates the security challenges that they deal with already, such as ransomware, malware, APTs and denial of service attacks.
It also creates a critical dependency on the reliability and security of the data flowing across the Internet. Routing and traffic security thus becomes an important part of your supply chain security. Therefore, enterprises must carefully vet their ISPs, CDNs, and cloud providers to verify they secure traffic and safeguard data.
MANRS+ is a framework currently in active development that focuses on routing and traffic security and creates a second, elevated tier of MANRS[1] participation for organizations that comply with more stringent requirements and auditing. In this session, we’ll explain the framework and examine the requirements enterprises should consider from their connectivity providers.

[1] Mutually Agreed Norms for Routing Security, or MANRS, is a community of over 1,000 security-minded organizations committed to making the global routing infrastructure more robust and secure.

 

Speakers:

I joined the Internet Society in March 2011. Prior to joining, I was Chief Technical Officer of RIPE NCC, responsible for the company’s IT strategy, including the management of one of the DNS root servers, K-root.

I bring more than 20 years of experience in the Internet technical community, and I’m actively following Regional Internet Registry (RIR) and Internet Engineering Task Force (IETF) activities. In 2010-2012 I was a member of the Internet Architecture Board (IAB).

My primary area of interest is security and resilience of the Internet infrastructure, bridging technology and policy. This work is based on active engagement with the operator, research, and policy communities. I was instrumental in creating an industry-led initiative called Mutually Agreed Norms for Routing Security (MANRS) and the development of its programs. I am also one of the main contributors to the Internet Impact Assessment Toolkit (IIAT), which was developed and promoted by the Internet Society.

I’m based in Amsterdam, The Netherlands.

Matt Davy has been a Chief Network Architect at Visa since 2016. During that time he has led multiple transformational projects focused on Visa’s global backbone, Internet connectivity and network automation. He is also active in efforts to improve Internet routing security including co-chairing a working group within the Mutually Agreed Norms for Routing Security (MANRS) initiative. Prior to joining Visa, Matt spent 19 years in various areas of the networking industry including large Internet Service Providers, universities and startups and has a broad range of experience including operations, engineering, research, training and product development.

In his role as Distinguished Engineer at Comcast, Tony Tauber focuses on Backbone and Core network architecture and engineering with particular attention to measurement, manageability, and automation as well as network and routing security. He also partners with the research and education communities on projects and previously chaired the North American Network Operators Group (NANOG) Program Committee.

In the past, he held senior network engineering positions at BBN, GTE Internetworking, Genuity, Level3, and MIT Lincoln Lab as well as served as co-chair of the Routing Protocol Security working group in the IETF.

He has been the lead engineer and architect for Comcast’s RPKI and Anycast routing initiatives.

Related events