CSIRT Skills, Incident Reporting, and Data Protection Strategies

Verified

Added on 2023/04/11

AI Summary

This assignment provides a comprehensive overview of Computer Security Incident Response Team (CSIRT) skills, incident reporting processes, and the challenges associated with cloud security and data protection. It highlights the essential skills for CSIRT members, emphasizing problem-solving, communication, and training abilities. The role of end-users in incident reporting is examined, focusing on how their feedback can improve security measures and protect against identity theft and fraud. The assignment also details the steps involved in building a CSIRT, from gaining management support to evaluating its effectiveness. Furthermore, it addresses the security issues, cost management challenges, and lack of expertise associated with cloud environments. Finally, it discusses the importance of protecting customer data, including managing large data volumes and implementing appropriate technologies, stressing the need for transparency and informed consent in data protection policies. Desklib offers a wealth of similar assignments and study resources to aid students in their academic pursuits.

Running head: QUESTION AND ANSWER
QUESTION AND ANSWER
Name of the Student
Name of the University
Authors Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

QUESTION AND ANSWER
Module 4
The purpose of CSIRT is to manage all kinds of security aspects of the organization.
Thus, the key skills, which will increase their employability status, are problem solving
ability with good communication strategy. They must be willing to solve the problem
instantly and must possess the ability to train the internal employees. Getting employee with
the ideal set of employment skills are not always feasible thus, it is necessary for the
employers to possess the ability of teaching and training the new comers (Huis, et al., 2017).).
Having a prior experience in this field is of crucial importance. This will enable them to
tackle any disastrous consequences and increase the periphery of knowledge and capabilities
of the team. The factors that influence these skills can be the organizational need, individual
need, team need and the instrumental needs. By organizational need, the financial health
along with the economic growth, customer growth and institutional competencies are
considered. The individual need covers the subjective and the objective dimension of social
reality. Emotional aspects like power, achievement and love and the material establishment
like the possession of material wealth is important for the individual. The instrumental needs
refers to the interventions or the products that are required for obtaining a level of satisfactory
functioning. Thus along with the individualistic skills it also necessary for them to indulge in
skills that will create trustable relationship. This relationship can be both formal and
informal. However, this kind of communication within and around the firm also influences
the skills of the CSIRT employees.
Module 5
End users lay an important part in the incident report. End-user typically refer to the
employees of the customer. For example if a large retail company buys computers from an
agency, the employees of the company are end-users. The feedback of the company are
important because it gives the employees a sense of empowerment because their views are

QUESTION AND ANSWER
taken into consideration. It also provides them with their right to voice their opinion thus their
issues of safety and security are also garnered. Effective report from the end-users will help
the company to fox the issues of identity, theft, fraud and black mailing. This kind of
feedback can direct the economic system of the company. They have the ability to influence
the managerial limbo thus it is very important for the end-users to response to any suspicious
occurrences. The factors that influence the potential of the end-user to report a case are
recognition, reporting and the resolution that is taken afterwards. The urgency or the ways in
which any case of data breach or cyber-crime is solved motivates the end-user to report to the
cases. However, it is also important to understand the importance of the way in which the
issue has been redressed. Information being available at every stage of enquiry so that the
particular client may feel safe and secured. This kind of initiative will help the end-user to
regain the trust of the company.
Module 6
CSIRT is the group that responds to the security incidents of a company. It important
to understand the benefits CSIRT can provide to a company (Mejía, et al., 2016). After the
analysis of the impact of CSIRT the financial model, organizational model, and nature of
staff needs to addressed. Organizing the CSIRT involves the proper assessment of the roles
and responsibilities of staff. The steps to build a CSIRT are as follows:
Step one: One should obtain support and buy-in from the management before forming a team.
Step two: It is important to list out the issues that will be addresses by the CSIRT team.
Step three: sufficient information must be gathered for all types of incident activities. This
helps to determine both the types of services that are required and the types of skills and
expertise CSIRT staff requires.

QUESTION AND ANSWER
Step four: In this step, it is important to design the vision of the CSIRT team. With the
information of the gathered in the above steps one needs to identify the key components of
the CSIRT this will allow the design the goal and the functions of the CSIRT team.
Step Five: Once the vision is created, a proper communication of the CSIRT vision and the
operational plan of the management needs to be done. Communication of the vision helps to
identify the process and the organizational problems of it before implementing them in the
floor.
Step six: in this step the CSIRT in implemented on the floor. This step also involve other sub-
steps like:
 hiring or firing of new or old employee,
 purchase of new equipment and construction of the infrastructure to support the team,
 the policies and the procedures of the CSIRT of the team is also formulated in this
step,
 the other specification that is needed in building the CSIRT is also formulated in this
step,
 the last sub-step refers to the development of the incident-reporting guidelines,
Step 7: refers to the announcement of the CSIRT plan to the parent organization and
constituency.
Step 8: in the step, the effectiveness of the CSIRT is evaluated.
Module 7
The challenges that are faced when resources to the cloud environment are as follows:
1. Security issues: The move to cloud computing involves serious issues of data breach.
Issues like compromised credentials, broken authentication, hacked interfaces and
APIs, account hijacking are increasing evident in the act of cloud computing. This

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

QUESTION AND ANSWER
kind of data breach causes the loss of good will of the company and hampers the
growth holistically.
2. The second issue is related to cost management and containment: Even though cloud
computing saves the money it makes the prediction of the cost and quantities difficult.
3. Lack of resources or expertise: Cloud technologies are advancing in faster rates and
thus it creates a need for demand of an expertise, which will be able to keep pace with
time.
4. Management and control of cloud computing: Certain regulations do not allow to gain
full control on cloud computing thus causes problem in data commuting.
5. Problem with multiple clouds: the problem of cloud computing do not always results
in the issue of single cloud. The state of multi-cloud has gained an paramount
importance in recent years.
Module 8
The issues that are faced in protecting customer’s data are:
 Excessive volumes of data: Business enterprises need to have the ability to
process volumes of data constant innovation in the platforms of storage facilities
makes it challenging the company to allocate the old data.
 Implementation of technology: It is very important to implement the right forms
of technology. Provisions should be made for building more customised
technology for understanding customer’s experience.
For an organization to notify the users about the ways in which there data is protected, the
following steps can be followed:
 Written documentation about policies where the risks and security needs of the
employees will be clearly stated.

QUESTION AND ANSWER
 There should be enough transparency where the risks of the business will be
explained diligently to the employees. In other words it refers to let people
know about the deterrent effect of being watched.
 Right use technological tools: in order to reduce office friction it is important
to implement the right method of tools.
The expected outcome may vary with different context of the situation. On one side, there
lies an ethical dilemma and on the other side the constraining effect of the legibility of these
methods (Ford, et al., 2015). These kind of measures may create issue of distrust where the
employees no longer wish to be attached to the company. Thus, informed consent plays a
significant role in the company atmosphere.

QUESTION AND ANSWER
References
Ford, J., Willey, L., White, B. J., & Domagalski, T. (2015). New Concerns in Electronic
Employee Monitoring: Have You Checked Your Policies Lately?. Journal of Legal,
Ethical & Regulatory Issues, 18(1).
Huis, M. A. A., van der Kleij, R., Kleinhuis, I. G., de Koning, L., Kort, J., Meiler, I. P., ... &
Young, H. J. (2017). Human Factors in Cyber Incident Response: Needs,
collaboration and The Reporter.
Mejía, J., Muñoz, M., Ramírez, H., & Peña, A. (2016). Proposal of content and security
controls for a CSIRT website. In New Advances in Information Systems and
Technologies(pp. 421-430). Springer, Cham.