Answered step-by-stepThis week's discussion topic is as follows: Obtaining Management...
This week's discussion topic is as follows:
Obtaining Management Support and Buy-In It should be self-evident that an organization-wide effort will fail without proper management support. Building the CSIRT is no different. Most organizations create the CSIRT by assigning additional duties to the organization members who have other assignments and will work on the CSIRT part-time or as detached assignments.
Therefore, care must be taken to ensure that those assigned roles as CSIRT members do not have irresolvable conflicts with their primary job responsibilities. This consideration requires careful coordination and the authorization of the proper supervisors and higher-level managers. When assigned staff members have other duties, senior management must direct subordinate managers to ensure that the affected individuals spend time away from their primary responsibilities to work on CSIRT activities.
Also, the time and materials to effectively prepare for and react to incidents are two of the resources that will require formal funding and support. Without these resources discussed later in this chapter, the team will find itself scrounging for the tools it needs to contain and control incidents. It is important to note that this management support is not a one-time thing, only required for the start-up of the CSIRT.
The support must be constant and ongoing to sustain the team's efforts and ensure long-term success in managing incidents. Therefore, it is common to appoint a champion for the CSIRT, just as it is essential to nominate an advocate for the entire contingency planning (CP) function, encompassing IR, DR, and BC planning and operations. The champion for the CSIRT may even be the same person as the champion for the entire IR function—typically, the chief information officer (CIO). In any case, it must be an upper-level executive with enough organizational power and authority to ensure the effort's success.
Incident Containment and Eradication Strategies for Specific Attacks: The selection of the appropriate reaction strategy is an exercise in risk assessment, in which the CSIRT leader must determine what the appropriate response is, based on several variables, including the following aspects of the incident:
- Type
- Method of incursion
- The current level of success
- Expected or projected level of success
- The current status of loss
- Expected or projected level of loss
- Target
- Target's level of classification and sensitivity
- Any legal or regulatory impacts mandating a specific response
The complexity of this resulting decision thus mandates clear and convincing CSIRT reaction procedures, enabling the CSIRT leader to make quick and appropriate actions to contain the incident.
What are the essential aspects of a CSIRT? What are the priorities for security and defense against cyber attacks?
PLEASE CITE AND USE A REFERENCE
Answer & Explanation
Solved by verified expertsectet
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. L
sectetur adipiscing elit. Nam lacinia pulvi
Unlock access to this and over
10,000 step-by-step explanations
Have an account? Log In
Step-by-step explanation
sectetur ad
sectetur adipiscing elit. Nam
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, co
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Don
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congu
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet.
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliqu
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, co
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac,
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, con
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lec
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac,
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec a
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue vel laoreet ac, dictum vitae odio. Donec aliquet. Lorem ipsum dolor sit amet, consect
sectetur adipiscing elit. Nam lacinia pulvinar tortor nec facilisis. Pellentesque dapibus efficitur laoreet. Nam risus ante, dapibus a molestie consequat, ultrices ac magna. Fusce dui lectus, congue v
Get unstuck with a CliffsNotes subscription
