DISCUSSION REPLY

profileakak64733
Discussion6_Replies.docx

Discussion 1

Due to increase in the number of cyber-attacks on the organization and business, there is a tremendous need for better incident response teams, few years’ back the dedicated incidents response team seemed luxurious for many organizations, but now it has become essential for every firm, their main focus is purely detecting the threats and analyzing them, Organizations consider various aspects while building an effective CSIRT, the CSIRT team is always a cross functional it consists of specialists they can deal with all types of security incidents which includes handling the breach, managing communications and assisting legal and creating the files for media enquiries.

            The main roles and responsibilities considered while creating a team is it must contain Executive sponsor fulfilled by CISO and a lead investigator who analyzes the security incident reports that may occur they work with the forensic investigators, an incident manager who coordinates the team by gathering the team and escalating the higher priority issues as needed, a legal rep handle the disclosing of the incidents and deals with the legal fallouts such as lawsuits and a communications person whose role is   field media enquiries and monitor the social media channels and communicate with the teams and employees (Moore, 2019).

            (Pfleeger, 2017) An effective and successful CSIRT team requires an effective performance measurement and evaluation on individual and team. They team should measure the quantity and quality, the quantity is derived from metrics and the quality comes from client reviews. The maximum performance and typical performance should be measured, both reactive and proactive performance should be measured, these measures should be appropriate because it depicts the strengths and weakness of the team. Creating a comprehensive balance sheet for performance measurement which helps the relationship of performance and categories.

 

Reference:

Pfleeger, S. L. (March 2017). Improving Cybersecurity incident response team (CSIRT) skills, Dynamics and Effectiveness. AIR FORCE RESEARCH LABORATORY INFORMATION DIRECTORATE.

Moore, S. (2019, January 25). Building an effective computer security incident response team. Retrieved from https://www.continuitycentral.com/index.php/news/technology/3670-building-an-effective-computer-security-incident-response-team

Discussion 2

Ways to organizations have built a CSIRT

CSIRT is nothing but the groups or an individual person who is the one paid for detection and identifies/reports incidents related to a security that happened in the company. In organizations, security will play an important role in taking the implementation use of CSIRT and threats in the structured organization (Morgus, 2015). The CSIRT teams have main objectives about the incidents to mitigate by effective provided guidelines that are helpful in future and also get the best performance at the organizations. The effective constructions of a team have techniques knowledge and also technology will be giving the best-eliminated outcomes with a vulnerability. The secured teams will build the teams that have the capability of giving threats to educate and also team members should determine the values of responsibilities and roles. The recruitment has taken executive sponsors were efficient in taking the securities responsibilities and also makes budgets proper attention towards the crisis times (Morgus, 2015).

The CSIRT is determined with an effective issue administrated and also considerations have taken the issues of project management. These were managed with the ability of CSIRT teams. The teams were collective to form data with many sources that have provided the services as per the needs of an organization (Angafor, 2020). These components were presented in CSIRT to identify the data gathering requirements. The evaluations have determined the team quality operations to perform at the organization. So, these were used in teams of CSIRT at an organization (Angafor, 2020).

References

Morgus, R., Skierka, I., Hohmann, M., & Maurer, T. (2015). National CSIRTs and their role in computer security incident response. New America.

Angafor, G. N., Yevseyeva, I., & He, Y. (2020). Game‐based learning: A review of tabletop exercises for cybersecurity incident response training. Security and Privacy3(6), e126.