Security Experts:

Ram Mohan's picture

Ram Mohan

Ram Mohan is the Executive Vice President and Chief Technology Officer at Afilias, a global provider of Internet infrastructure services including domain name registry and DNS solutions. Ram also serves as the Security & Stability Advisory Committee's liaison to ICANN’s Board of Directors and has helped direct and write numerous policies effecting domain name registration and DNS security.

Recent articles by Ram Mohan

  • There is a lot we can do to keep our data private and, like many aspects of managing security, it’s a process that is best grounded in common sense. What can organizations do to shield themselves from the kind of scrutiny that has caught the world’s attention recently?
  • Despite its popularity, security issues exist with outsourcing; to avoid trouble down the road, a proactive, thoughtful and thorough approach at the beginning of the process usually helps.
  • While the recent massive DDoS attack against SpamHaus.org ended well for SpamHaus, it made me more aware than ever that everyone can become a better Internet citizen.
  • What if you could automatically be recognized as secure because of the DNS? In other words, what if you could put your certificate into the DNS? What if you could turn on a Web browser and be secure right out of the box, without application vendors having to install certificates?
  • Security isn’t sexy. In fact, many people think it’s boring. When it comes to selling security, whether as a concept or in a true “sales” context, the lack of interest in security is compounded by the fact that doesn’t seem urgent— until it is.
  • Is the main purpose of WHOIS data to enhance the overall stability and security of the Internet by providing contact points for network operators and administrators? Or is it to help combat infringements on intellectual property, fraud and other forms of abuse? Both? Neither?
  • Despite its strong security benefits, DNSSEC has not had an equally strong deployment track record. Few IT professionals fully understand how it works and, more importantly, there are even fewer who understand how and why it could fail.
  • Adding DDoS attack mitigation measures as part of your crisis planning and risk mitigation measures is a necessary measure. Failing to plan for a DDoS disaster is like playing with fire.
  • Governments and organizations should make sure that technical and political implications are fully understood by all parties before blocking policies are developed. At the very least, any DNS blocking actions should be disclosed to all affected parties.
  • Historically, the WHOIS was created to make contact information available both for sites and for individuals in what was then a small Internet community. In the new recommendations, there is now the pursuit of the root cause for WHOIS.
  • What differentiates security and privacy? What unites them? Are they mutually exclusive or highly compatible? Does your organization’s policy on privacy trump its security policy? Are there policies in place for one or the other or both?
  • The Internet is now the world’s biggest boomtown and, as you might suspect, a period of adjustment is inevitable when a small town of a few hundred becomes a home to thousands -- in this case, thousands of new gTLDs.
  • If you’re responsible for your organization’s online presence, the introduction of new gTLDs offers challenges in how your organization fares -- or doesn’t -- on the Internet.
  • The semiannual “Global Phishing Survey” from the Anti-Phishing Working Group (APWG) provides powerful insight into what is happening in phishing worldwide.
  • But now ICANN is preparing to release hundreds of new generic Top-Level Domains (gTLDs) – starting most likely in late 2012 -- some concerns are being raised that users will be confused about domains beyond .com, .org, .info and other favorites.
  • It is highly likely that in your future, one of the DNSSEC deployments you are working on will not go according to plan. At that point you’ll need to be prepared to recover from DNSSEC errors.
  • While criminals have a tendency to look for loopholes in any process, the safety measures ICANN has made standard for new gTLDs should help to ensure that this unprecedented expansion of the domain name system has a net benefit on the security and stability of the Internet.
  • Adopters of DNSSEC in the U.S. have a unique barrier to adoption: Congress. SOPA and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act contain provisions that could break the functionality of DNSSEC.
  • Domain names are part of the plumbing of the Internet and you don't need to worry too much about how it works, until it doesn't. Here are five facts about domains names that you should know.
  • Domain name typo squatting, a decade-old headache for marketing and legal departments, is putting corporate data at risk. But evidence suggests that it is becoming a risk that also needs to be on the CSO's radar.
  • Too often, DNS lends itself to being overlooked when it comes to security. Here are five common threats that leverage DNS, along with suggested best-practice, risk-mitigation strategies.
  • The new gTLD program will enable an unprecedented level of competition, and potential innovation, in the domain name market. But will this expansion cause security “mayhem” on the Internet, as some onlookers have predicted?
  • The Internet is a great tool for helping people become anonymous. Security professionals and law enforcement agents have always been painfully aware of this problem, which is why so few malware creators, phishers and malicious hackers are ever brought to justice.
  • Soldiers more comfortable studying code on a laptop screen than staring down the sights of a rifle will play a key role in future battles. The weapons stockpiles of the future will include stashes of zero-day vulnerabilities, botnets, control codes and sophisticated malware.
  • The ability of any company to apply for a new “dot.anything” gTLD is expected to bring increased consumer choice and technological innovation to the Internet's addressing systems. But will it also spur the adoption of enhanced Internet security? There are good reasons to believe it may, particularly within the addressing system itself.