Cristine Hoepers “Discussing security in terms of ‘National Security’ can result in a fragmented Internet”
Cristine Hoepers is one of the LACNIC region’s most prominent and experienced computer security experts. Senior information analyst and general manager at CERT.br (Brazil), Hoepers has been involved with the Internet Registry for Latin America and the Caribbean since its creation.
In Hoepers’ opinion, in addition to number resource coordination, LACNIC has provided a Regional Forum where participants can share their experiences, discuss new technologies and propose initiatives aimed at achieving a better Internet.
She notes that security has become increasingly prominent in Internet governance discussions, and that the community should increase its participation and present practices that will allow an open and stable Internet. She also warns us that discussing security in terms of ‘National Security’ can lead to “a fragmented Internet.”
What was your relationship with the world of ICTs like 15 years ago?
I have been part of the NIC.br team for 18 years. My work at CERT.br involves security and incident handling. Fifteen years ago, I was already working on the challenges of detecting and responding to security incidents in Internet-connected networks.
When and how did your relationship with LACNIC begin?
Although NIC.br has been involved with LACNIC since its creation, I first participated at LACNIC II, an event held in São Paulo.
I am very proud to have been present at the event during which the formal recognition documents for LACNIC were presented to ICANN.
What roles have you played within the LACNIC community? Did they meet your expectations? What aspects would you highlight?
My relationship with LACNIC became closer in 2006, when, together with Juan Carlos Guel, I was chosen to serve as the first co-moderator of the <firstname.lastname@example.org> mailing list and co-chair of the First Security Event for Latin American and the Caribbean, held within the framework of LACNIC IX in Guatemala (http://lacnic.net/pt/eventos/lacnicix/seguridad_en_redes.html).
A few years later, the names of these initiatives changed. Today they are known as LACSEC.
For the Guatemala event, I worked hard to share with the community the state of the art of incident handling and managed to combine the participation of Carnegie Mellon’s CERT/CC with a keynote presentation on incident management. After this event, many participants expressed their interest in learning more about security incident management. To meet this demand, I secured CERT/CC’s authorization to offer the ‘Overview on Creating and Managing CSIRTs’ tutorial at the LACNIC XI, XII and XIII meetings, free of charge.
I continued to promote the creation of CSIRTs and their cooperation, more specifically, helping LACNIC create and formalize LAC-CSIRTs, the regular meeting of the region’s CSIRTs. This group met for the first time in Buenos Aires during LACNIC XVI and continues to meet to this day thanks to the support LACNIC offers this community, which, while small, is essential for the regional Internet’s security and stability.
In what ways do you think LACNIC has contributed to the community’s development?
LACNIC has provided a Regional Forum where we can share our experiences, discuss new technologies and propose initiatives for a better Internet.
How do you envision Internet governance 15 years from now?
Security has become increasingly prominent in Internet governance debates and a central topic at various forums. To maintain an open and innovative Internet, our community must participate in the discussion. There is a tendency to discuss security in terms of ‘National Security,’ yet this could result in a fragmented Internet, one that is closed to innovation and —paradoxically— less secure. In order for us to have a more secure, stable and resilient Internet, we must discuss what we mean by ‘Internet Security’ and openly debate each party’s responsibilities.