Business Continuity and Disaster Recovery: The CSIRT Response Team


Added on  2020/04/21

AI Summary
This report delves into the crucial role of a Computer Security Incident Response Team (CSIRT) in business continuity and disaster recovery. It emphasizes the feasibility of utilizing a CSIRT response team composed of individuals with diverse job duties, highlighting the necessity for specific skill sets and technical expertise. The report outlines the CSIRT's responsibilities, including incident tracking, analysis, efficient communication, problem-solving, and adaptability. It explores the team's involvement in improving computer security, responding to security breaches, assessing incidents, identifying potential threats, and recommending solutions. The report concludes that a CSIRT response team, with its specialized knowledge, is essential for minimizing damage, preventing incidents, and providing valuable business intelligence by collecting information on threats to the organization.
Running head: BUSINESS CONTINUITY AND DISASTER RECOVERY
Business Continuity and Disaster Recovery
Name of the Student:
Name of the University:
Author Note:
Table of Contents
Introduction
Need for CSIRT response team
Conclusion
Reference List
Introduction
This study examines the need for a CSIRT response team that consists of employees with other job duties, rather than staff in a full-time CSIRT job category. It is feasible to have a CSIRT response team consisting of employees with other job duties, as the team needs people with a certain set of skills as well as technical expertise (Valladares et al., 2017). Most CSIRT teams maintain some type of incident tracking database or similar system where they can record information relating to reported incidents, as well as any response actions needed to mitigate or resolve the incidents in the most appropriate way.
Need for CSIRT response team
A CSIRT response team is needed because the team properly responds to incidents, performs analysis tasks, and communicates efficiently with its constituency and other external contacts (Mohd et al., 2016). Team members have the capacity to solve problems, adapt easily to change, and conduct daily activities easily. They also believe in nurturing and training internal staff members, explaining in advance how to handle incidents and arrive at a solution effectively. The CSIRT team works together to improve activities relating to computer security threats or any incidents that cannot be handled effectively without assistance or support.
The Computer Security Incident Response Team constantly receives reports of most security breaches, then conducts analysis and responds to the sender accordingly (Mejía et al., 2016). It is the responsibility of the CSIRT team to handle operations that involve assessing the impact, extent, and nature of the occurrence or incident. They need to understand the procedural reason for any event or occurrence. The team needs to identify potential threats that result from a given event or incident. The team together is responsible for researching and recommending solutions. The CSIRT team has specialized knowledge and aims at recommending best practices for protecting systems and critical data assets and for incident prevention (Horne, 2014). A CSIRT is a service business enterprise that is responsible for receiving, reviewing, and responding to computer security incident reports and related activities. Its team members play the roles of platform specialists, vulnerability handlers, incident handlers, trainers, assistant managers, managers, and team leaders.
Conclusion
The study concludes that it is feasible to have a CSIRT response team that consists of employees with other job duties, provided they have the necessary skills and aptitude. The main goal of this response team is to minimize and control the damage that results from incidents, to provide response, and to prevent further incidents from happening. The team aims to provide true business intelligence to its parent organization by collecting information on the various threats that impact or potentially threaten the business organization in any form.
Reference List
Horne, B. (2014). On computer security incident response teams. IEEE Security &
Privacy, 12(5), 13-15. (Accessed from:
http://ieeexplore.ieee.org/abstract/document/6924687/)
Mejía, J., Muñoz, M., Ramírez, H., & Peña, A. (2016). Proposal of Content and Security
Controls for a CSIRT Website. In New Advances in Information Systems and
Technologies (pp. 421-430). Springer, Cham. (Accessed from:
https://link.springer.com/chapter/10.1007/978-3-319-31232-3_40)
Mohd, N., Yunos, Z., Ariffin, A., Nor, A., & Malaysia, C. (2016). CSIRT Management
Workflow: Practical Guide for Critical Infrastructure Organizations. In 10th European
Conference on Information Systems Management: ECISM 2016 (p. 138). Academic
Conferences and publishing limited. (Accessed from:
https://books.google.co.in/books?hl=en&lr=&id=x5AcDQAAQBAJ&oi=fnd&pg=PA138&dq=Mohd,+N.,+Yunos,+Z.,+Ariffin,+A.,+Nor,+A.,+%26+Malaysia,+C.+(2016).+CSIRT+Management+Workflow:+Practical+Guide+for+Critical+Infrastructure+Organizations.+In+10th+European+Conference+on+Information+Systems+Management:+ECISM+2016+(p.+138).+Academic+Conferences&ots=T_VjtdsGSB&sig=GMjxnmZjS4OXH0CpE6Vu38VzmGw)
Valladares, P., Fuertes, W., Tapia, F., Toulkeridis, T., & Pérez, E. (2017, July). Dimensional data
model for early alerts of malicious activities in a CSIRT. In Performance Evaluation of
Computer and Telecommunication Systems (SPECTS), 2017 International Symposium
on (pp. 1-8). IEEE. (Accessed from:
http://ieeexplore.ieee.org/abstract/document/8046771/)