Professional Documents
Culture Documents
Discuss Ways Organizations Have Built A CSIRT. What Are The Components To Building An Effective and Successful CSIRT Team?
Discuss Ways Organizations Have Built A CSIRT. What Are The Components To Building An Effective and Successful CSIRT Team?
One of building an effective CSIRT is training your entire to understand the value of complementary
skills and roles. This helps organization about its serious, cross-functional nature. Every team
member requires eliminating friction between, for example, technical members in the SOC and
nontechnical CSIRT members (Wiik, Gonzalez & Kossakowski, 2006).
Recruit an effective advocate or executive sponsor is also very essential when building an effective
CSIRT. This should be a staff member at the level of a CISO or executive staff member who can
effectively communicate the impact of an incident to other executives, as well as to board members.
This person is also responsible for ensuring that the incident response team receives appropriate
attention, a workable budget, and retains the authority to act swiftly during crisis.
In addition, Creating a deep bench based on realistic IT budgets is another key practice in coming
up with appropriate CSIRT. Since security incidents can occur at any time, you will need to have
CSIRT staff geographically dispersed to ensure someone will be available throughout meaning
availability within 24 hours. Therefore, having an effective CSIRT in a company is very essential.
Reference:
Wiik, J., Gonzalez, J. J., & Kossakowski, K. P. (2006). Effectiveness of Proactive CSIRT Services.
In IMF (pp. 67-81).