DISCUSSION REPLY
Discussion 1
Most organizations nowadays consider a computer security incident response team (CSIRT) an essential part of the organization. A CSIRT helps them deal with the rising number and increasing complexity of cyber threats. A CSIRT defends the networks, servers, and all other types of IT infrastructure through its cross-functional team, which works together to take action against security confrontations. There are various technical requirements for companies to form a good CSIRT. Some of them are:

Building a friendly team: Educating the entire company on how the team works is the first requirement. Teaching each team member about the value of their roles and responsibilities can help to build a strong team.

Hiring an effective executive: A good executive is required to lead the team properly. That person can look over the team and make sure the team receives all the resources required to provide the best result.

Designating the roles and responsibilities: Each person in the team should have a different and specific role. The team should have one incident manager who can hold the team members together to work on specific incidents. In the same way, the team requires a lead investigator to take charge of inspecting the security incidents (Moore, 2020). Similarly, the team needs communication and a legal expert as well.

Protecting team members from diversion: It is necessary to avoid unnecessary distractions for the team members so that they can focus on things that matter. One should make sure that a team member is available anytime geographically if required.

The incident that has happened is the main factor that will influence their decision. The team should prepare itself accordingly.
References
IntelliGO Networks. (n.d.). Preparing For A Security Incident: Six Decisions You Must Make. Intelligo. Retrieved February 5, 2021, from https://mdr.intelligonetworks.com/blog/preparing-for-a-security-incident-six-decisions-you-must-make
Moore, S. (2020, August 28). 10 Best Practices for Creating an Effective Computer Security Incident Response Team (CSIRT). Exabeam. https://www.exabeam.com/incident-response/incident-response-team/
Discussion 2
Computer security breaches and issues happen all the time in organizations. For these reasons, there is a need to respond to the problems as fast as possible when they arise. An organization with a response team will analyze and respond to the issues before the damage gets worse. A Computer Security Incident Response Team (CSIRT) ensures the review, response, and way forward regarding the computer security activity.
The technical skills needed for a CSIRT dictate that its members should handle the issues that come their way. As such, they should possess top-notch analysis and technical skills. The members are expected to provide timely responses and have seamless communication with other colleagues (Jones & Faas, 2016). For the most part, the required skills are categorized into two parts, technical and personal. The latter entails how a given member communicates with superiors, response teams, and colleagues. It calls for them to have good communication skills.
Technical skills are required of a CSIRT since it is vital to know the challenges and report them to the relevant teams. Its members ought to understand how software and systems function, their working principles, risks, and the way forward in the system's restoration. The CSIRT response team should consist of employees with duties such as analysis team members and security providers to identify the structure (Rittinghouse & Ransome, 2004). They know what to do and can explain when required. Some of the factors that should influence the decision include a proper incident presentation and counterattack, management support, resources, staff availability, and team performance.
References
Jones, E., & Faas, A. (2016). Social Network Analysis of Disaster Response, Recovery, and Adaptation. Elsevier Science.
Rittinghouse, P., & Ransome, P. (2004). Wireless Operational Security. Elsevier.