Computer Security

Discussion Question

Search “scholar.google.com” or your textbook. Discuss the technical skills required to have a CSIRT response team consisting of employees with other job duties (i.e., not a full-time CSIRT job category)? Why or why not? What factors will influence their decision?

– One original post at least 250 words response to the discussion question. Indicate at least one source or reference in APA 6 formatted, which means you MUST INCLUDE in-text citation.

– Two replies to the two attached posts at least 250 words each.

 

by Sruthi Chapel

 

CSIRT refers to the Computer Security Incident Response Team. This response team is majorly put in place to avert cyberattacks inclined to affect the organizations they work for. The number of cybercrimes has solely grown over the past few years and will keep growing in the future because virtually all organizations have turned to online computing services. Having to avert an attack that has not yet happened is almost impossible, time-consuming, and a lot of money is channeled to this course compared to having a response team in place (Ruefle et al., 2014). As we all know, once an attack is underway, most people won’t notice a thing or two until it is too late.

The CSIRT team should have the skill to identify and detect an anomaly; they should be a skill, especially among the team members, it will come in handy. The team should be able to solve problems once they have detected the anomaly. They should be able to prevent attacks of the same kind by finding a permanent way to end the attacks with much ease. The team should have a skill in human resource management; it will save the organization much in their daily operation as the attack can be termed as a risk bound to happen at any time. Once these kinds of skills have been identified among few team members, they can have the job even though it will be a part-time job (Steinke et al., 2015).

 

 

 

References

Ruefle, R., Dorofee, A., Mundie, D., Householder, A. D., Murray, M., & Perl, S. J. (2014). Computer security incident response team development and evolution. IEEE Security & Privacy, 12(5), 16-26. doi:10.1109/msp.2014.89

Steinke, J., Bolunmez, B., Fletcher, L., Wang, V., Tomassetti, A. J., Repchick, K. M., . . . Tetrick, L. E. (2015). Improving cybersecurity incident response team effectiveness Using Teams-Based Research. IEEE Security & Privacy, 13(4), 20-29. doi:10.1109/msp.2015.71

by Noria Rai

 

Computer security incidence response team (CSIRT) are the first respondents to security incidences and breaches in systems whenever they occur; laxity and lapses in responding may yield grave consequences. CSIRT initiatives requires cooperation from team members in time constrained environments. Having employees with other duties double up as CSIRT response team is a feasible idea that maximizes output; instead of having a full-time CSIRT job category that anticipates security and system breach, personnel from the IT department can discharge these ad hoc tasks and other duties (Whitman, 2013). The CSIRT team mainly should have good communication skills because they need to work with different people, application on daily basis when facing the security issues so they should communicate well. Also from my research I came to know that they should also make sure they should have previous experiences on how to handle all types of issues, because in companies we never know what issues can come.

 

Having a mix of employees who execute different tasks in an organization eases identification of potential incidences and vulnerabilities in a system. Furthermore, they can easily create and agree on approaches to address identified weaknesses in systems. Computer Efficiency Readiness Team (CERT) articulates roles for CSIRT members to enhance their mode of responding to security concerns. The responsible manager should possess excellent communication skills to address management. Furthermore, a team leader should exemplify excellent organization skill by safeguarding documentation and recording of decisions, procedures, and other key variables and metrics.

 

Besides, having employees double up as CSIRT members enhances their knowledge and awareness; these complement troubleshooting, problem-solving, and critical thinking. In every company the CSIRT team should understand all the business functionalities which can help them to understand how the business is going and what securities are implemented (Martins, 2019). Mainly the CSIRT team decisions are very important and whatever they decide will be followed, so definitely before making any conclusions they should analyze, mitigate and see the business impact. Training the CSIRT and hiring the right team is very essential for the company.

References

Martins, R. d., Knob, L. A., Silva, E. G., Wickboldt,J. A., Schaeffer-Filho, A., & Granville, L. Z. (2019). Specialized CSIRTfor incident response management in smart grids. Journal of Network andSystems Management, 27(1), 269–285.

Whitman, M. E., Mattord,H. J., & Green, A. (2013). Principles of Incident Response and DisasterRecovery. Cengage Learning.

by Noria Rai

 

Computer security incidence response team (CSIRT) are the first respondents to security incidences and breaches in systems whenever they occur; laxity and lapses in responding may yield grave consequences. CSIRT initiatives requires cooperation from team members in time constrained environments. Having employees with other duties double up as CSIRT response team is a feasible idea that maximizes output; instead of having a full-time CSIRT job category that anticipates security and system breach, personnel from the IT department can discharge these ad hoc tasks and other duties (Whitman, 2013). The CSIRT team mainly should have good communication skills because they need to work with different people, application on daily basis when facing the security issues so they should communicate well. Also from my research I came to know that they should also make sure they should have previous experiences on how to handle all types of issues, because in companies we never know what issues can come.

 

Having a mix of employees who execute different tasks in an organization eases identification of potential incidences and vulnerabilities in a system. Furthermore, they can easily create and agree on approaches to address identified weaknesses in systems. Computer Efficiency Readiness Team (CERT) articulates roles for CSIRT members to enhance their mode of responding to security concerns. The responsible manager should possess excellent communication skills to address management. Furthermore, a team leader should exemplify excellent organization skill by safeguarding documentation and recording of decisions, procedures, and other key variables and metrics.

 

Besides, having employees double up as CSIRT members enhances their knowledge and awareness; these complement troubleshooting, problem-solving, and critical thinking. In every company the CSIRT team should understand all the business functionalities which can help them to understand how the business is going and what securities are implemented (Martins, 2019). Mainly the CSIRT team decisions are very important and whatever they decide will be followed, so definitely before making any conclusions they should analyze, mitigate and see the business impact. Training the CSIRT and hiring the right team is very essential for the company.

References

Martins, R. d., Knob, L. A., Silva, E. G., Wickboldt,J. A., Schaeffer-Filho, A., & Granville, L. Z. (2019). Specialized CSIRTfor incident response management in smart grids. Journal of Network andSystems Management, 27(1), 269–285.

Whitman, M. E., Mattord,H. J., & Green, A. (2013). Principles of Incident Response and DisasterRecovery. Cengage Learning.