
Computer Security Incident Response Team or CSIRT; How and why the “team” is established

Debi Bradford
American Public University
Professor Johnny Justice
June 20, 2014

Before most of you were born, i.e., in the 1970s, computers were something that was talked about, but people didn’t have things such as tablets, laptops or desktops. You heard about places such as IBM and their big computers that were learning to play chess. For the most part, people were still keeping files by making copies of the original. Copies were kept in a “file” in a “file” drawer of a “file cabinet”. The file cabinets were kept in vaults if they held any type of personal information, or they could be locked in a safe. They might be guarded by a security company, or even the US Armed Forces.
Fast forward to the digital age: now people hardly know what a piece of “carbon paper” is. They know how to work a tablet, a laptop, a desktop. Along with learning how to use computers, we have found a way to commit crimes, just as before computers, only this time we won’t even need to leave home to do most of the work. Isn’t paper and pencil safer?
“With the Internet and e-commerce becoming the way of purchasing for many people, security got much more complicated” (Barr, Building Cross-Enterprise Security Teams, 2010).
The purpose of this paper is to show how and why a Computer Security Incident Response Team (aka CSIRT) is established. By explaining the “how” and “why,” people will be able to see that going back to paper and pencil is not a step they want to take. Computer Security Incident Response Teams (CSIRTs) are made up not only of individuals who are specially trained in handling an incident, but also of others who are on the team with them. Before we get to the makeup of the team, let’s look at the reasons for forming a Computer Security Incident Response Team.
It



References

Barr, J. G. (2010, 02). Building Cross-Enterprise Security Teams. New York, NY, USA.
Barr, J. G. (2012). Computer Security Incident Handling. Faulkner Information Services.
Borodkin, M. (2001). Computer Incident Response Team. Retrieved from SANS Institute InfoSec Reading Room: www.sansinstitute.com/infosecreadingroom
Paul Cichonski, T. M. (2012). U.S. Department of Commerce NIST Computer Security Incident Handling Guide. Washington D.C.: U.S. Government.
University, C. M. (2014). Create a CSIRT Incident Management Team. Retrieved from www.cert.org: www.cert.org/Create a CSIRT Incident Management Team
