University Name: Business Continuity Plan and CSIRT Analysis Report

Verified

Added on 2020/04/21

AI Summary

This report delves into the critical aspects of building and managing a Computer Security Incident Response Team (CSIRT) within the framework of a Business Continuity Plan and Disaster Recovery Plan. It initiates with an introduction to CSIRT, elucidating its role in receiving and responding to security breaches. The discussion section provides a comprehensive analysis of the CSIRT, including its responsibilities, the different models used in building CSIRTs (central, distributed, and coordinating teams), and the essential steps involved in the development process, such as obtaining management support, strategic planning, and evaluating effectiveness. The report also explores the significance of effective teamwork, highlighting essential components like positive corporate culture, recognition, feedback, and opportunities for growth. Furthermore, it outlines key steps in team building. The conclusion emphasizes the importance of independent departments and effective incident handling, reinforcing the value of diligently managing CSIRT plans. The report references several key publications to support its analysis.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
Business Continuity Plan and Disaster Recovery Plan
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
Contents
Introduction......................................................................................................................................2
Discussion........................................................................................................................................2
Conclusion.......................................................................................................................................4
References........................................................................................................................................6

2BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
Introduction
CSIRT is an organization which receives reports of various kinds of security breaches and carry
out further analysis of the responds and reports to the senders. These may comprise an adhoc
assembly or an established group. This paper will carry out a detailed analysis of building a
CSIRT. It will also discuss the various components of effective team in an organization. The
CSIRT website will provide the security professionals to discuss, report and disseminate the
computer security related information to other people in the world (Wara & Singh, 2015).
Discussion
A CSIRT is responsible for reviewing, receiving and responding to different types of computer
security activities and reports. A CSIRT can be an ad-hoc team or a formalized team. There are
certain organizations which prefer the employees to contact the help desk. This help desk
determines whether to contact the CSIRT team or not. The CSIRT members depending on the
incident try to handle the situation. They analyze the incident data and then determine the
impact of the incident (Bada et al., 2014). There may be only few members who provide CSIRT
services and the success depends on the co-operation and participation of the individuals in the
organization. There are certain models which are used to build CSIRTs such as central CSIRT,
distributed CSIRT, co-coordinating team. The single CSIRT team handles the situation in the
organization. Moreover, this is considered useful for small organizations which have little
geographic variety in computing resources (Skierka et al., 2015). The steps necessary in building
a CSIRT are described below:
a. It is vital to obtain the management support and buy-in.

3BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
b. The next step is to determine the CSIRT development strategic plan.
c. It is also important to gather relevant information to determine the incident response team.
d. As the information gathered will help to fulfill the expectation of the management, it is
important to design the CSIRT vision and communicate the CSIRT vision.
e. The management must then try to begin the CSIRT formulation and announce operation plan
of CSIRT.
f. Once the CSIRT has been in operation, it is necessary to evaluate the effectiveness of CSIRT.
A CSIRT which is followed by the co-coordinating team will provide advice and
guidance to other teams without any authority over other teams. CSIRTs are developed for
staffing the employee’s model and partially outsourced model. The organizations try to provide
administrative and technical support to the employees. Sometimes, they also outsource certain
portions of the work to other organizations. There are certain organizations which try to perform
the in-house work and contact the contractors so that they might assist them in handling various
incidents. In some cases, there are some organizations which outsource the work completely to
the on-site contractors. The main job of CSIRT is to assess the damage and regain the control of
networks. It can also be seen that there are some organizations which require on-site CSIRT
because they do not have qualified and available employees. In selecting the team, there are
appropriate structures and staffing models for CSIRT and the organization needs to consider
certain factors. The organizations with limited funding or certain other needs require part time
team members. In case of emergency, these teams are contacted rapidly so as to get proper
assistance (Steinke et al., 2015).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
Effective teamwork is important for the success of any business organization. The four
essential components of a successful team are positive corporate culture, recognition, providing
feedback and providing new opportunities. The culture of the organization must be open,
positive and stimulating. It is also important to give recognition to the success of the employees.
The team members must also be given feedback so as to avoid confusion and disappointment.
The management must help the team members for the long term career plans based on the
organizational needs. There are five important steps in team building.
a. It is necessary to understand the purpose of forming the team because all teams are not
created with the same purpose.
b. It is vital to examine the characteristics and components of the team because different
teams may have different components.
c. Thirdly, it is necessary to assess the degree of interaction which is required in the team.
Sometimes the team may have low, medium and high interdependence.
d. It is vital to review what the organization is doing so as to support team work. It is
important to assess the organization’s commitment in developing the team.
e. In the final stage, it is necessary to examine the roles and responsibilities of the leader
in supporting team work. It is necessary to build technical capabilities and open the various lines
of communication within the team (Morin & Kira, 2016).
Conclusion
Thus, it can be said that the organizations must have independent departments and the incident
handling department must function more effectively. It must also be checked that these

5BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
departments has their individual CSIRT. Throughout the revision or the development of the
CSIRT document, the existing CSIRT plans that are derived must act as guiding document for
the organization. Therefore, it will be beneficial for the organization if they choose to manage a
single document diligently.

6BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN
References
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2014). Computer Security
Incident Response Teams (CSIRTs) An Overview. Global Cyber Security
Capacity Centre, 1-23.
Morin, D., & Kira, D. (2016). THE THREE C’S OF TEAM-BUILDING–COMMUNICATION,
COOPERATION, COORDINATION. The Online Journal of New Horizons in
Education-July, 6(3).
Skierka, I., Morgus, R., Hohmann, M., & Maurer, T. (2015). CSIRT Basics for Policy-Makers.
Steinke, J., Bolunmez, B., Fletcher, L., Wang, V., Tomassetti, A. J., Repchick, K. M., ... &
Tetrick, L. E. (2015). Improving Cybersecurity Incident Response Team
Effectiveness Using Teams-Based Research. IEEE Security & Privacy, 13(4), 20-
29.
Wara, Y. M., & Singh, D. (2015). A Guide to Establishing Computer Security Incident Response
Team (CSIRT) For National Research and Education Network (NREN). African
Journal of Computing & ICT, 8(2), 1-8.