Can you help me understand this Computer Science question?
Include at least 250 words in your posting and at least 250 words in your reply. Indicate at least one source or reference in your original post. Please see syllabus for details on submission requirements.
Search “scholar.google.com” or your textbook. Include at least 250 words in your reply. Indicate at least one source or reference in your original post. Discuss ways organizations have built a CSIRT. What are the components to building an effective and successful CSIRT team?
I also need 2 replies for peer posts, each of 250 words length and with a reference.
A Computer Security Incident Response Team (CSIRT) is a specialized team that ensures that an organization’s incidents are managed before an incident, during and after the incident. According to (Chen et al., 2014), “the team analyzes the incident data, determines the impact of the incident, and acts appropriately to limit the damage and restore normal services”. A CSIRT is built in various forms like reactive, proactive or security quality management forms within organizations. For example, it can be built within a government authority or as an interior entity like a defense ministry, and helps in reporting any security incident. The reactive team alerts about vulnerabilities and takes care of the handling of incidents. Then there would be a group which audits and detects intrusions, named the proactive team. The other security activities like analyzing the risk and disaster recovery planning and improvising the teams in terms of training are taken care of by the security quality management group. The Operational CSIRT is crucial and acts as the core team which investigates prevention, monitoring and response of incidents.
With technological advancements and the focus on data in huge volumes, like cloud computing and big data, data governance is a big challenge to every organization. Hence, an effective and successful CSIRT team needs to be built. Commitment and trust are key attributes that can be developed over time for building such teams. The CSIRT team can be successful if the structure of the management and support system is stronger. A step-by-step process of defining who needs to be in which team, with a network built around trusted partners and their capabilities, contributes to the overall success of the organization. Standards need to be defined and adhered to in order to have a stronger hang on the security incidents which are run across multiple environments.
Petac Eugen, & Duma Petruţ. (2018). Exploring the New Era of Cybersecurity Governance. Ovidius University Annals: Economic Sciences Series, XVIII(1), 358–363.
M. Grobler and H. Bryk, “Common challenges faced during the establishment of a CSIRT,” 2010 Information Security for South Africa, Sandton, Johannesburg, 2010, pp. 1-6, doi: 10.1109/ISSA.2010.5588307.
Every organization requires a computer security incident response team to protect the systems. With an increase in the development of technology, the threats for security breaches are also rapidly increasing. There is a huge chance for hacking the sensitive information of the organization if there is no secured protection. The databases and the confidential information of the organization need to be closely monitored by a team of professionals to minimize the occurrence of such changes (Krasznay & Hámornik, 2019). The team is specialized in the department of information technology and handles all the tasks related to the network, signaling, and security of the system. If the functional area of the organization is based upon the technology, then there is a dire need for such teams in the organization. To build a strong team within the organization, it is important to have positive interactions between the teammates and know their specialized skills and roles (Martins et al., 2019). The CSIRT team helps the organization understand its multifunctional approach during critical situations. The organization should offer support to the incident team whenever there is a necessity by granting them the required funds and orders to take the authority to handle the situation during the period of crisis.
Each team should have different individuals that are assigned particular key roles such as signal management and security control. This distribution makes the work easy for the team. The legal advisor should also be a part of the team to provide the best advice during any security threat. The team should consider the reason behind the occurrence of a particular situation before analyzing it technically. This includes a few components such as management during the incident. The team should record the information that is availed in the incident and improve its security system according to it (Pengfei & Jiaqi, 2019). Threat intelligence is also an essential factor that should be present in the team; it gives the ability to identify the risks and eliminate them (Martins et al., 2019). A good incident response team should have a proper understanding to share the information. Crisis management requires a strong team to counteract and protect the information of the organization from the hackers by securing the connections.
Krasznay, C., & Hámornik, B. P. (2019). Human Factors Approach to Cybersecurity Teamwork – The Military Perspective. Advances in Military Technology, 14(2), 291–305. https://doi.org/10.3849/aimt.01296
Martins, R. de J., Knob, L. A. D., da Silva, E. G., Wickboldt, J. A., Schaeffer-Filho, A., & Granville, L. Z. (2019). Specialized CSIRT for Incident Response Management in Smart Grids. Journal of Network & Systems Management, 27(1), 269–285. https://doi.org/10.1007/s10922-018-9458-z
Pengfei Rong, Lan Zhang, & Jiaqi Xie. (2019). Does team conflict affect top management team creativity? Team climate as a moderator. Social Behavior & Personality: An International Journal, 47(12), 1–11. https://doi.org/10.2224/sbp.8096