CSIRT: Business Continuity Plan and Disaster Recovery Plan Report


Added on  2020/04/21

AI Summary
This report focuses on the Computer Security Incident Response Team (CSIRT) and its crucial role in organizational security. It examines the importance of CSIRT in addressing security incidents, including network attacks, insider threats, and information breaches. The report emphasizes the need for robust business continuity and disaster recovery plans to mitigate the impact of security events. It discusses the structure of CSIRT teams, comparing shared versus standalone responsibilities, and highlights the advantages of dedicated teams. The document underscores the significance of timely detection and prevention in controlling damage from security attacks and stresses the importance of management and administrative support. It concludes by emphasizing that the choice between shared and standalone CSIRT teams should depend on organizational factors like information categories, management support, and employee skills. The report references several academic sources that support the findings.
Business continuity plan and disaster recovery plan
Computer Security Incident Response Team (CSIRT)
NOVEMBER 3, 2017
Computer Security Incident Response Team (CSIRT)
Table of Contents
Computer Security Incident Response Team (CSIRT)
References
Computer Security Incident Response Team (CSIRT)
A Computer Security Incident Response Team (CSIRT) is a team set up within an organization
to record, respond to and handle security events and incidents.
Security has become a primary concern for organizations because of the increase in security
risks and attacks. Attacks on organizations take many forms, including network security
attacks, insider threats and attacks, information and database security attacks and many
more (Tondel, Line & Jaatun, 2014). Organizations need to be capable of dealing with such
occurrences to ensure business continuity.
To achieve this, CSIRT teams are deployed in business units and organizations. These teams
can comprise employees assigned to incident management on a partial or a complete basis.
For instance, some CSIRT members may have multiple job duties and commitments, with incident
management as only one of them, while other employees may have complete accountability and
responsibility for the management of incidents (Ahmad, Maynard & Shanks, 2015).
Shared responsibilities often bring drawbacks and loopholes, because several operations run
simultaneously in a business organization. An employee with too many shared duties and
responsibilities often fails to fulfill any of them with complete dedication. Managing
security events requires complete dedication, as the attacker may choose to attack the
system or information sets at any hour of the day. Timely detection and prevention is the
mechanism that does the most to control the damage. Shared responsibilities also give rise
to management conflicts (Ahmad, Hadgkiss & Ruighaver, 2012): the managers of different teams
each want their own work done first, which results in professional disputes. Security and
its associated incidents also involve uncertainties, and these can lead to massive impacts
if they are not handled in a timely manner. Shared roles and duties are feasible for
low-priority risks and for information sets that can be made publicly available. For
critical areas, organizations should not prefer or deploy this form of CSIRT team.
CSIRT teams that do not have any shared roles and responsibilities often succeed in
providing better results. This is because these teams are available on a non-stop basis and
are not required to deal with other professional commitments or multiple focus points. In
such cases the administration and management also provide complete support (Baskerville,
Spagnoletti & Kim, 2014).
The decision to deploy a shared or a standalone CSIRT team should be based on the
information categories associated with the organization, the management and administrative
support available, and the skills and abilities of the employees. This will ensure that
security incidents are handled adequately and that the resulting damage is controlled.
References
Ahmad, A., Hadgkiss, J., & Ruighaver, A. (2012). Incident response teams – Challenges in
supporting the organisational security function. Computers & Security, 31(5), 643-652.
http://dx.doi.org/10.1016/j.cose.2012.04.001
Ahmad, A., Maynard, S., & Shanks, G. (2015). A case analysis of information systems and
security incident responses. International Journal Of Information Management, 35(6),
717-723. http://dx.doi.org/10.1016/j.ijinfomgt.2015.08.001
Baskerville, R., Spagnoletti, P., & Kim, J. (2014). Incident-centered information security:
Managing a strategic balance between prevention and response. Information &
Management, 51(1), 138-151. http://dx.doi.org/10.1016/j.im.2013.11.004
Tondel, I., Line, M., & Jaatun, M. (2014). Information security incident management:
Current practice as reported in the literature. Computers & Security, 45, 42-57.
http://dx.doi.org/10.1016/j.cose.2014.05.003