Developing a Cyber Security Incident Response Team for iFinance
VerifiedAdded on 2023/01/23
|14
|3076
|37
Report
AI Summary
This report proposes the development and implementation of a Cyber Security Incident Response Team (CSIRT) for iFinance Bank, a large financial institution. It begins by highlighting the increasing cyber security threats faced by financial organizations and the need for a centralized response team. The report provides a detailed background of iFinance Bank, its services, and the growing risks associated with digital banking. It outlines the mission and vision of the proposed CSIRT, key stakeholders, scope of services, and staffing recommendations. The report also covers essential policies, reporting structures, organizational models, and funding requests. A communication strategy and a proposed timeline for implementation are also included, along with research on Return on Investment (ROI) and examples of cyber security incidents in other organizations. Finally, the report details the total cost of a cyber security incident, including direct and indirect costs, and discusses the impact on the company's reputation and brand image. The conclusion emphasizes the importance of a CSIRT for effective security incident management.
Running head: CYBER SECURITY INCIDENT RESPONSE TEAM
Cyber Security Incident Response Team
Name of the student:
Name of the university:
Author note:
Cyber Security Incident Response Team
Name of the student:
Name of the university:
Author note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1CYBER SECURITY INCIDENT RESPONSE TEAM
Table of Contents
Introduction................................................................................................................................3
Background of the organisation.............................................................................................3
CSIRT....................................................................................................................................4
Importance of CSIRT in the organisation..............................................................................4
Proposed CSIRT.........................................................................................................................5
Mission and vision statement for the CSIRT.........................................................................5
Key stakeholders....................................................................................................................5
Scope and levels of service....................................................................................................5
Staffing recommendation.......................................................................................................5
Identifying and procuring personnel......................................................................................6
Infrastructure required for the proposed CSIRT....................................................................6
Top 5 key CSIRT policies for the organisation.....................................................................6
CSIRT reporting structure......................................................................................................7
CSIRT Organizational model.................................................................................................7
Funding request for the proposed CSIRT..............................................................................7
Communication strategy........................................................................................................7
Proposed timeline to implement the CSIRT..........................................................................8
Return on Investment (ROI) research........................................................................................8
Examples of cyber security incidents in other organisations.................................................8
Total cost of an incident.........................................................................................................9
Direct cost of manpower........................................................................................................9
Table of Contents
Introduction................................................................................................................................3
Background of the organisation.............................................................................................3
CSIRT....................................................................................................................................4
Importance of CSIRT in the organisation..............................................................................4
Proposed CSIRT.........................................................................................................................5
Mission and vision statement for the CSIRT.........................................................................5
Key stakeholders....................................................................................................................5
Scope and levels of service....................................................................................................5
Staffing recommendation.......................................................................................................5
Identifying and procuring personnel......................................................................................6
Infrastructure required for the proposed CSIRT....................................................................6
Top 5 key CSIRT policies for the organisation.....................................................................6
CSIRT reporting structure......................................................................................................7
CSIRT Organizational model.................................................................................................7
Funding request for the proposed CSIRT..............................................................................7
Communication strategy........................................................................................................7
Proposed timeline to implement the CSIRT..........................................................................8
Return on Investment (ROI) research........................................................................................8
Examples of cyber security incidents in other organisations.................................................8
Total cost of an incident.........................................................................................................9
Direct cost of manpower........................................................................................................9
2CYBER SECURITY INCIDENT RESPONSE TEAM
Direct costs of Equipment......................................................................................................9
Indirect costs..........................................................................................................................9
Potential costs of lost business...............................................................................................9
Company’s reputation and Brand image................................................................................9
Conclusion..................................................................................................................................9
References:...............................................................................................................................11
Direct costs of Equipment......................................................................................................9
Indirect costs..........................................................................................................................9
Potential costs of lost business...............................................................................................9
Company’s reputation and Brand image................................................................................9
Conclusion..................................................................................................................................9
References:...............................................................................................................................11
You're viewing a preview
Unlock full access by subscribing today!
3CYBER SECURITY INCIDENT RESPONSE TEAM
Introduction
Cyber security incidents can occur at any time in any field. With the advancement of
digital technology in every sector of life, cyber security events have become notable events
causing damages of systems around the world in different sectors especially in the financial
sectors. This report is prepared so as to reflect the importance of developing a cyber security
response team for responding quickly and efficiently to the major losses and interruptions in
services of the organisation of iFinance. Accordingly the detailed report is presented based on
the proposed CSIRT for the organisation.
Background of the organisation
iFinance bank is one of the largest banks with a global network. It provides a range of
financial services serving the traditional banking of consumers, corporate investment banking
and other insurance services. The organisation was formed while acquiring regional banks
from the West and Midwest. The organisation of iFinance operates about 2225 banking
offices in 25 states, operating over 4000 ATMs. Besides these services, the organisation also
provides online banking and mobile banking services to business and personal customers
(Drigă & Isac, 2014).
According to Khezri & Tavallaei, (2014), with the growing number of financial
transactions, digitization in banking process has led to the emergence of cybercrimes. The
main reason that was established in this respect is the lack of having a centralized body or a
CSIRT. As the organization of iFinance is expanding its network with other banking sectors,
the security policies that are used are different for different sectors. It is thus needed that a
proper standard security incident response team should be implemented defining a consistent
policy for securing information all across its business units.
Introduction
Cyber security incidents can occur at any time in any field. With the advancement of
digital technology in every sector of life, cyber security events have become notable events
causing damages of systems around the world in different sectors especially in the financial
sectors. This report is prepared so as to reflect the importance of developing a cyber security
response team for responding quickly and efficiently to the major losses and interruptions in
services of the organisation of iFinance. Accordingly the detailed report is presented based on
the proposed CSIRT for the organisation.
Background of the organisation
iFinance bank is one of the largest banks with a global network. It provides a range of
financial services serving the traditional banking of consumers, corporate investment banking
and other insurance services. The organisation was formed while acquiring regional banks
from the West and Midwest. The organisation of iFinance operates about 2225 banking
offices in 25 states, operating over 4000 ATMs. Besides these services, the organisation also
provides online banking and mobile banking services to business and personal customers
(Drigă & Isac, 2014).
According to Khezri & Tavallaei, (2014), with the growing number of financial
transactions, digitization in banking process has led to the emergence of cybercrimes. The
main reason that was established in this respect is the lack of having a centralized body or a
CSIRT. As the organization of iFinance is expanding its network with other banking sectors,
the security policies that are used are different for different sectors. It is thus needed that a
proper standard security incident response team should be implemented defining a consistent
policy for securing information all across its business units.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4CYBER SECURITY INCIDENT RESPONSE TEAM
As a matter of fact, a wide range of software and computer vulnerabilities are causing
increased cyber-attacks (Grobler & Bryk, 2015). Financial sectors are at the verge of
maximum risks in this respect. Various attacks like DDoS attacks, web-based application
attacks, third party vendor attacks are common type of attacks that are faced in banking
organisations (Hagen & Lysne, 2016). As the bank operates to about thousand of ATM
devices and also facilitates online banking hence the risk of getting victimized with this
attack is also more. Hence to respond top this type of incidents a proper CSIRT is needed so
that the risks can be conveyed to the higher authorities to the necessary actions against them
(Aguilà Vilà, 2016).
As per Bada et al., (2014), various financial organisations have already adopted their
respective CSIRT with their individual mission and vision statements. Thus, for the
organisation of iFinance it is necessary that it should adopt measures to implement
infrastructures to protect its resources and also to maintain its business reputations.
According to Bradshaw (2015), as security incidents are taking place within the
organisation of iFinance they still remain unhandled consistently across the organisation of
iFinance (Ruefle & Murray, 2014). Hence it is required to implement a consistent Cyber
Security Incident Response System within the organisation.
CSIRT
A Computer Security Incident Response Team is a collection of teams that helps in
providing a well-defined services, constituency and support from the organization’s end
while preventing and responding to the computer security incidents that are likely to take
place within the organisation.
Importance of CSIRT in the organisation
As a matter of fact, a wide range of software and computer vulnerabilities are causing
increased cyber-attacks (Grobler & Bryk, 2015). Financial sectors are at the verge of
maximum risks in this respect. Various attacks like DDoS attacks, web-based application
attacks, third party vendor attacks are common type of attacks that are faced in banking
organisations (Hagen & Lysne, 2016). As the bank operates to about thousand of ATM
devices and also facilitates online banking hence the risk of getting victimized with this
attack is also more. Hence to respond top this type of incidents a proper CSIRT is needed so
that the risks can be conveyed to the higher authorities to the necessary actions against them
(Aguilà Vilà, 2016).
As per Bada et al., (2014), various financial organisations have already adopted their
respective CSIRT with their individual mission and vision statements. Thus, for the
organisation of iFinance it is necessary that it should adopt measures to implement
infrastructures to protect its resources and also to maintain its business reputations.
According to Bradshaw (2015), as security incidents are taking place within the
organisation of iFinance they still remain unhandled consistently across the organisation of
iFinance (Ruefle & Murray, 2014). Hence it is required to implement a consistent Cyber
Security Incident Response System within the organisation.
CSIRT
A Computer Security Incident Response Team is a collection of teams that helps in
providing a well-defined services, constituency and support from the organization’s end
while preventing and responding to the computer security incidents that are likely to take
place within the organisation.
Importance of CSIRT in the organisation
5CYBER SECURITY INCIDENT RESPONSE TEAM
As the entire organisation of iFinance is gradually expanding their business, various
security incidents are also taking place within it which remains unhandled (Hellwig et al.,
2016). So, a consistent Cyber Security Incident Response Team is thus needed to be
implemented in order to mitigate the identified security issues.
Proposed CSIRT
Mission and vision statement for the CSIRT
In a mission to provide assistance and information to the Information Security
managers and staffs for implementing effective measures in terms of reducing risks of
computer security incidents as well as helping in to respond the incidents whenever they
occur.
Key stakeholders
The Stake holders to whom the proposed CSIRT will serve includes Information
Security managers with proper management backing, Public Relations, Risk groups, audit
and other information security.
Scope and levels of service
The scope of the proposed CSIRT focuses on building a repeatable process that will
be based on the existing practices of the organisation of iFinance in order to effectively
handle the response to the security incidents (Wiik, Gonzalez & Kossakowski, 2016).
The services that would be provided by the proposed CSIRT include support to
prevent and to respond to the incidents of the computer security within the organisation of
iFinance. It would also be responsible for mitigating the risks that is faced and to improve the
brands image of iFinance organisation (Bhasin, 2017).
As the entire organisation of iFinance is gradually expanding their business, various
security incidents are also taking place within it which remains unhandled (Hellwig et al.,
2016). So, a consistent Cyber Security Incident Response Team is thus needed to be
implemented in order to mitigate the identified security issues.
Proposed CSIRT
Mission and vision statement for the CSIRT
In a mission to provide assistance and information to the Information Security
managers and staffs for implementing effective measures in terms of reducing risks of
computer security incidents as well as helping in to respond the incidents whenever they
occur.
Key stakeholders
The Stake holders to whom the proposed CSIRT will serve includes Information
Security managers with proper management backing, Public Relations, Risk groups, audit
and other information security.
Scope and levels of service
The scope of the proposed CSIRT focuses on building a repeatable process that will
be based on the existing practices of the organisation of iFinance in order to effectively
handle the response to the security incidents (Wiik, Gonzalez & Kossakowski, 2016).
The services that would be provided by the proposed CSIRT include support to
prevent and to respond to the incidents of the computer security within the organisation of
iFinance. It would also be responsible for mitigating the risks that is faced and to improve the
brands image of iFinance organisation (Bhasin, 2017).
You're viewing a preview
Unlock full access by subscribing today!
6CYBER SECURITY INCIDENT RESPONSE TEAM
Staffing recommendation
Within the proposed CSIRT, it is recommended that the staffing structure of the
CSIRT should consist of a CSIRT manager who will be working full time, core team
members, an extended team of several subject matter experts and internationally affiliated
representatives forming a distributed team (Penedo, 2016). The managers and the core team
members wil be responsible for the daily operations and will cooperate with the CSIRT in all
business functions within the organisation of iFinance Bank.
Identifying and procuring personnel
The security managers under the staffing structure needs to sign agreements with the
technology department of the organisation and utilize them for the purpose for assigning
suitable subject matter expert in case of any security incident (West-Brown et al., 2013).
Infrastructure required for the proposed CSIRT
In order to implement the proposed CSIRT within the organisation of iFinance, it is
recommended that the organisation publish and distribute its plan for security architecture for
providing an infrastructure for security on its internal website (Mooi & Botha, 2015).
Top 5 key CSIRT policies for the organisation
To create an effective Incident Response Team, it is necessary that the organisation
should adopt the use of certain CSIRT policies (Skierka et al., 2015). The top 5 CSIRT
policies that the organisation of iFinance should keep in mind includes the following:
1. Defining key roles and recruiting from across the organisation
2. Building a friendly team
3. Making incident response a shared responsibility (Servidio & Taylor, 2015)
Staffing recommendation
Within the proposed CSIRT, it is recommended that the staffing structure of the
CSIRT should consist of a CSIRT manager who will be working full time, core team
members, an extended team of several subject matter experts and internationally affiliated
representatives forming a distributed team (Penedo, 2016). The managers and the core team
members wil be responsible for the daily operations and will cooperate with the CSIRT in all
business functions within the organisation of iFinance Bank.
Identifying and procuring personnel
The security managers under the staffing structure needs to sign agreements with the
technology department of the organisation and utilize them for the purpose for assigning
suitable subject matter expert in case of any security incident (West-Brown et al., 2013).
Infrastructure required for the proposed CSIRT
In order to implement the proposed CSIRT within the organisation of iFinance, it is
recommended that the organisation publish and distribute its plan for security architecture for
providing an infrastructure for security on its internal website (Mooi & Botha, 2015).
Top 5 key CSIRT policies for the organisation
To create an effective Incident Response Team, it is necessary that the organisation
should adopt the use of certain CSIRT policies (Skierka et al., 2015). The top 5 CSIRT
policies that the organisation of iFinance should keep in mind includes the following:
1. Defining key roles and recruiting from across the organisation
2. Building a friendly team
3. Making incident response a shared responsibility (Servidio & Taylor, 2015)
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7CYBER SECURITY INCIDENT RESPONSE TEAM
4. Selecting additional members and subject matter experts when necessary for the cyber
security incident (Alberts et al., 2014).
5. Maintaining awareness and implementing methods in order to produce an effective
response for the computer security incidents.
CSIRT reporting structure
The security managers of the iFinance bank will be responsible for implementing
response to any issue while following the procedures and policies that are meant for the
implementation of the CSIRT (Valladares et al., 2017). The security managers will be
responsible for reporting the incidents actively to the core team members of the iFinance
bank.
CSIRT Organizational model
The core team members of type CSIRT are responsible for monitoring activities and
has the right to access and address any potential threats which when arises within the
organisation (Bada et al., 2014).
Funding request for the proposed CSIRT
The cost to create the proposed CSIRT will depend on a number of resources and
services that will be required to create an incident response team of the organisation. The cost
of the proposed CSIRT will be provided based on the cost required for the administration and
for developing the structure of the CSIRT.
Communication strategy
In order to implement a proper and effective CSIRT in the organisation it is necessary
to implement a well communication strategy plan and coordination process. It is
4. Selecting additional members and subject matter experts when necessary for the cyber
security incident (Alberts et al., 2014).
5. Maintaining awareness and implementing methods in order to produce an effective
response for the computer security incidents.
CSIRT reporting structure
The security managers of the iFinance bank will be responsible for implementing
response to any issue while following the procedures and policies that are meant for the
implementation of the CSIRT (Valladares et al., 2017). The security managers will be
responsible for reporting the incidents actively to the core team members of the iFinance
bank.
CSIRT Organizational model
The core team members of type CSIRT are responsible for monitoring activities and
has the right to access and address any potential threats which when arises within the
organisation (Bada et al., 2014).
Funding request for the proposed CSIRT
The cost to create the proposed CSIRT will depend on a number of resources and
services that will be required to create an incident response team of the organisation. The cost
of the proposed CSIRT will be provided based on the cost required for the administration and
for developing the structure of the CSIRT.
Communication strategy
In order to implement a proper and effective CSIRT in the organisation it is necessary
to implement a well communication strategy plan and coordination process. It is
8CYBER SECURITY INCIDENT RESPONSE TEAM
recommended that the CSIRT team should arrange for a formal management or technical
training class. It is also recommended to arrange for a brainstorming session in order to
discuss about the different operation procedure of the incident scenarios. Besides these
brainstorming sessions it is also recommended to held monthly teleconferences to discuss
about the progress and planning of the implementation of the CSIRT (Jacobs, Solms, &
Grobler, 2015). Supervisors need to understand the challenges that are faced within the
organisation. Developing a checklist will also enhance the communication strategy that is
planned for the CSIRT within the organisation of iFinance.
Proposed timeline to implement the CSIRT
In order to implement the proper CSIRT within the organisation about 18-24 months
of timeline would be required in order to be make the CSIRT fully operational. However, this
timeframe can be extended or compressed based on the number of factors that are made
during the decision process.
Return on Investment (ROI) research
Examples of cyber security incidents in other organisations
Some of the examples of security events that took place in other financial organisation
includes the attack of the Melissa virus which had the capability of infecting more than 50
computers (Schweighofer, Heussler & Kieseberg, 2017). The virus graved its implications on
company servers which contained large number of emails. As a result of this cyber security
incident, about 100000 workplace computers were affected.
Another incident that was reported to take place is the attack of the Love Letter worm.
In the year 2000, millions of people got affected as result of a worm named the Love Letter
worm where millions of files unleashed a malicious program causing damage to millions of
recommended that the CSIRT team should arrange for a formal management or technical
training class. It is also recommended to arrange for a brainstorming session in order to
discuss about the different operation procedure of the incident scenarios. Besides these
brainstorming sessions it is also recommended to held monthly teleconferences to discuss
about the progress and planning of the implementation of the CSIRT (Jacobs, Solms, &
Grobler, 2015). Supervisors need to understand the challenges that are faced within the
organisation. Developing a checklist will also enhance the communication strategy that is
planned for the CSIRT within the organisation of iFinance.
Proposed timeline to implement the CSIRT
In order to implement the proper CSIRT within the organisation about 18-24 months
of timeline would be required in order to be make the CSIRT fully operational. However, this
timeframe can be extended or compressed based on the number of factors that are made
during the decision process.
Return on Investment (ROI) research
Examples of cyber security incidents in other organisations
Some of the examples of security events that took place in other financial organisation
includes the attack of the Melissa virus which had the capability of infecting more than 50
computers (Schweighofer, Heussler & Kieseberg, 2017). The virus graved its implications on
company servers which contained large number of emails. As a result of this cyber security
incident, about 100000 workplace computers were affected.
Another incident that was reported to take place is the attack of the Love Letter worm.
In the year 2000, millions of people got affected as result of a worm named the Love Letter
worm where millions of files unleashed a malicious program causing damage to millions of
You're viewing a preview
Unlock full access by subscribing today!
9CYBER SECURITY INCIDENT RESPONSE TEAM
computer users in just 9 days (Baftiu, 2017). The virus took only few hours to become a
global pandemic
Total cost of an incident
It is estimated that the total cost of a cybercrime incident in financial organisation has
increased up to 40 percent over the past few years. The cost ranges from about US$12.97
million per firm to US$18.28 million.
Direct cost of manpower
The direct cost of manpower is estimated to around $1,694.61.
Direct costs of Equipment
The direct cost of equipment that would be needed is estimated around $27794.54 +/-
$4169.18
Indirect costs
Potential costs of lost business
As a result of the cyber security risks in financial organisations, it is estimated that the
total potential cost of loss to the business will account for 13 percent after implementing the
CSIRT.
Company’s reputation and Brand image
As a result of the implemented CSIRT, the brand image of the iFinance bank will also
get improved across various unit of the business while the team will be able to quickly detect
and respond to the security events even before they get potentially addressed and damage the
organisation’s reputation.
computer users in just 9 days (Baftiu, 2017). The virus took only few hours to become a
global pandemic
Total cost of an incident
It is estimated that the total cost of a cybercrime incident in financial organisation has
increased up to 40 percent over the past few years. The cost ranges from about US$12.97
million per firm to US$18.28 million.
Direct cost of manpower
The direct cost of manpower is estimated to around $1,694.61.
Direct costs of Equipment
The direct cost of equipment that would be needed is estimated around $27794.54 +/-
$4169.18
Indirect costs
Potential costs of lost business
As a result of the cyber security risks in financial organisations, it is estimated that the
total potential cost of loss to the business will account for 13 percent after implementing the
CSIRT.
Company’s reputation and Brand image
As a result of the implemented CSIRT, the brand image of the iFinance bank will also
get improved across various unit of the business while the team will be able to quickly detect
and respond to the security events even before they get potentially addressed and damage the
organisation’s reputation.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10CYBER SECURITY INCIDENT RESPONSE TEAM
Conclusion
Thus, from the above report it can be concluded that for performing a successful
management of security incidents, for any organisation, developing a proper CSIRT is of
utmost importance. It is very much beneficial for establishing a network of one source for
computer security incidents and other cyber security issues that are often faced in the
organisation.
Conclusion
Thus, from the above report it can be concluded that for performing a successful
management of security incidents, for any organisation, developing a proper CSIRT is of
utmost importance. It is very much beneficial for establishing a network of one source for
computer security incidents and other cyber security issues that are often faced in the
organisation.
11CYBER SECURITY INCIDENT RESPONSE TEAM
References:
(2019). Retrieved from
https://www.washingtonpost.com/news/on-leadership/wp/2014/01/13/target-ceo-
opens-up-about-data-breach/?utm_term=.9ae38512b926)
Aguilà Vilà, J. (2016). Identifying and combating cyber-threats in the field of online banking.
Alberts, C., Dorofee, A., Killcrece, G., Ruefle, R., & Zajicek, M. (2014). Defining incident
management processes for csirts: A work in progress (No. CMU/SEI-2004-TR-015).
CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING
INST.
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2014). Computer security
incident response teams (CSIRTs) an overview. Global Cyber Security Capacity
Centre, 1-23.
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2014). Computer security
incident response teams (CSIRTs) an overview. Global Cyber Security Capacity
Centre, 1-23.
Baftiu, N. (2017). Cyber security in Kosovo. European Journal of Economics, 1(1).
Bhasin, M. (2017). Mitigating cyber threats to banking industry. The Chartered
Accountant, 50(10), 1618-1624.
Bradshaw, S. (2015). Combating Cyber Threats: CSIRTs and Fostering International
Cooperation on Cybersecurity.
Drigă, I., & Isac, C. (2014). E-banking services–features, challenges and benefits. Annals of
the University of Petroşani. Economics , 14, 49-58.
References:
(2019). Retrieved from
https://www.washingtonpost.com/news/on-leadership/wp/2014/01/13/target-ceo-
opens-up-about-data-breach/?utm_term=.9ae38512b926)
Aguilà Vilà, J. (2016). Identifying and combating cyber-threats in the field of online banking.
Alberts, C., Dorofee, A., Killcrece, G., Ruefle, R., & Zajicek, M. (2014). Defining incident
management processes for csirts: A work in progress (No. CMU/SEI-2004-TR-015).
CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING
INST.
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2014). Computer security
incident response teams (CSIRTs) an overview. Global Cyber Security Capacity
Centre, 1-23.
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2014). Computer security
incident response teams (CSIRTs) an overview. Global Cyber Security Capacity
Centre, 1-23.
Baftiu, N. (2017). Cyber security in Kosovo. European Journal of Economics, 1(1).
Bhasin, M. (2017). Mitigating cyber threats to banking industry. The Chartered
Accountant, 50(10), 1618-1624.
Bradshaw, S. (2015). Combating Cyber Threats: CSIRTs and Fostering International
Cooperation on Cybersecurity.
Drigă, I., & Isac, C. (2014). E-banking services–features, challenges and benefits. Annals of
the University of Petroşani. Economics , 14, 49-58.
You're viewing a preview
Unlock full access by subscribing today!
12CYBER SECURITY INCIDENT RESPONSE TEAM
Fortinet's Derek Manky on the year ahead in cybersecurity. (2019). Retrieved from
http://video.cnbc.com/gallery/?video=3000469792
Grobler, M., & Bryk, H. (2015, August). Common challenges faced during the establishment
of a CSIRT. In 2015 Information Security for South Africa (pp. 1-6). IEEE.
Hagen, J., & Lysne, O. (2016). Protecting the digitized society—the challenge of balancing
surveillance and privacy. The Cyber Defense Review, 1(1), 75-90.
Hellwig, O., Quirchmayr, G., Huber, E., Goluch, G., Vock, F., & Pospisil, B. (2016, August).
Major challenges in structuring and institutionalizing CERT-communication. In 2016
11th International Conference on Availability, Reliability and Security (ARES) (pp.
661-667). IEEE.
Jacobs, P. C., Solms, S. H., & Grobler, M. M. (2015). Framework for the implementation of
Business Cybersecurity.
Khezri, R., & Tavallaei, R. (2014). Risk Management Strategies of Electron
Mooi, R., & Botha, R. A. (2015, August). Prerequisites for building a computer security
incident response capability. In 2015 Information Security for South Africa
(ISSA) (pp. 1-8). IEEE.
Mshunqane, Z. (2017). Government and private sector cooperation on security of critical
information infrastructures(Doctoral dissertation).
Penedo, D. (2016, August). Technical Infrastructure of a CSIRT. In International Conference
on Internet Surveillance and Protection (ICISP’06) (pp. 27-27). IEEE.
Ruefle, R. M., & Murray, M. (2014). CSIRT requirements for situational awareness.
CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING
INST.
Fortinet's Derek Manky on the year ahead in cybersecurity. (2019). Retrieved from
http://video.cnbc.com/gallery/?video=3000469792
Grobler, M., & Bryk, H. (2015, August). Common challenges faced during the establishment
of a CSIRT. In 2015 Information Security for South Africa (pp. 1-6). IEEE.
Hagen, J., & Lysne, O. (2016). Protecting the digitized society—the challenge of balancing
surveillance and privacy. The Cyber Defense Review, 1(1), 75-90.
Hellwig, O., Quirchmayr, G., Huber, E., Goluch, G., Vock, F., & Pospisil, B. (2016, August).
Major challenges in structuring and institutionalizing CERT-communication. In 2016
11th International Conference on Availability, Reliability and Security (ARES) (pp.
661-667). IEEE.
Jacobs, P. C., Solms, S. H., & Grobler, M. M. (2015). Framework for the implementation of
Business Cybersecurity.
Khezri, R., & Tavallaei, R. (2014). Risk Management Strategies of Electron
Mooi, R., & Botha, R. A. (2015, August). Prerequisites for building a computer security
incident response capability. In 2015 Information Security for South Africa
(ISSA) (pp. 1-8). IEEE.
Mshunqane, Z. (2017). Government and private sector cooperation on security of critical
information infrastructures(Doctoral dissertation).
Penedo, D. (2016, August). Technical Infrastructure of a CSIRT. In International Conference
on Internet Surveillance and Protection (ICISP’06) (pp. 27-27). IEEE.
Ruefle, R. M., & Murray, M. (2014). CSIRT requirements for situational awareness.
CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING
INST.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13CYBER SECURITY INCIDENT RESPONSE TEAM
Schweighofer, E., Heussler, V., & Kieseberg, P. (2017, June). Privacy by Design Data
Exchange Between CSIRTs. In Annual Privacy Forum (pp. 104-119). Springer,
Cham.
Servidio, j. S., & Taylor, r. D. (2015). Safe and Sound: Cybersecurity for Community
Banks. Journal of Taxation & Regulation of Financial Institutions, 28(4).
Skierka, I., Morgus, R., Hohmann, M., & Maurer, T. (2015). CSIRT Basics for Policy-
Makers. The History, Types & Culture of Computer Security Incident Response
Teams.
Valladares, P., Fuertes, W., Tapia, F., Toulkeridis, T., & Pérez, E. (2017, July). Dimensional
data model for early alerts of malicious activities in a CSIRT. In 2017 International
Symposium on Performance Evaluation of Computer and Telecommunication Systems
(SPECTS) (pp. 1-8). IEEE.
West-Brown, M. J., Stikvoort, D., Kossakowski, K. P., Killcrece, G., & Ruefle, R.
(2013). Handbook for computer security incident response teams (csirts) (No.
CMU/SEI-2003-HB-002). CARNEGIE-MELLON UNIV PITTSBURGH PA
SOFTWARE ENGINEERING INST.
Wiik, J., Gonzalez, J. J., & Kossakowski, K. P. (2016, June). Effectiveness of Proactive
CSIRT Services. In IMF (pp. 67-81).
Schweighofer, E., Heussler, V., & Kieseberg, P. (2017, June). Privacy by Design Data
Exchange Between CSIRTs. In Annual Privacy Forum (pp. 104-119). Springer,
Cham.
Servidio, j. S., & Taylor, r. D. (2015). Safe and Sound: Cybersecurity for Community
Banks. Journal of Taxation & Regulation of Financial Institutions, 28(4).
Skierka, I., Morgus, R., Hohmann, M., & Maurer, T. (2015). CSIRT Basics for Policy-
Makers. The History, Types & Culture of Computer Security Incident Response
Teams.
Valladares, P., Fuertes, W., Tapia, F., Toulkeridis, T., & Pérez, E. (2017, July). Dimensional
data model for early alerts of malicious activities in a CSIRT. In 2017 International
Symposium on Performance Evaluation of Computer and Telecommunication Systems
(SPECTS) (pp. 1-8). IEEE.
West-Brown, M. J., Stikvoort, D., Kossakowski, K. P., Killcrece, G., & Ruefle, R.
(2013). Handbook for computer security incident response teams (csirts) (No.
CMU/SEI-2003-HB-002). CARNEGIE-MELLON UNIV PITTSBURGH PA
SOFTWARE ENGINEERING INST.
Wiik, J., Gonzalez, J. J., & Kossakowski, K. P. (2016, June). Effectiveness of Proactive
CSIRT Services. In IMF (pp. 67-81).
1 out of 14
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.