Introduction
A Computer Security Incident Response Team (CSIRT) is a specialized computer security unit that usually receives reports of security breaches, analyzes the reports received and ultimately responds to the senders. A CSIRT may be an established group or an ad hoc assembly. Its members include a manager who leads the team, supervisors or assistant managers, help desk personnel, incident handlers, platform specialists, vulnerability handlers, trainers and technology watch staff, among others. Additional technical skills are needed for an effective CSIRT made up of employees who have other job duties, that is, staff who do not hold a full-time CSIRT position. CSIRT staff members are expected to have a range of basic technical skills. These include excellent knowledge of the various cyber threats and of incident response procedures, strong knowledge of the internal IT structure, and good communication skills (Pfleeger, 2017).
CSIRT members who are not full-time employees are partially outsourced and hence need additional technical skills to handle incident-related activities: knowledge of the cyber threats facing the organization, excellent knowledge of the company's IT structure, the capability to mitigate any cyber threat, and the ability to communicate their findings effectively. CSIRT members who have other job duties need these technical skills so that they can be integrated into the internal operations of the system. These skills are also important for identifying the type of incident that has recently been reported to the community (Brown, Greenspan & Biddle, 2016).
Response
In my opinion, it is very feasible to have a CSIRT consisting of employees who have other job duties, such as analysis team members and security providers. This is because these individuals have a wide range of experience, know where a threat is likely to come from, and can come up with various responses to handle such incidents. Their wide range of knowledge and exposure positively influences their decision making, as they are able to make sound and informed decisions. These CSIRT members can easily identify incidents and vulnerabilities in the system. Because of their integrated knowledge, they can explain an incident and easily identify the various solutions to the problem. For their other duties, the employees should take proper training on how to integrate all their responsibilities so as to make a productive CSIRT. The CSIRT training itself will not need to be extensive, however, since they already have strong technical and personal skills. CSIRT members whose other job duties are related to CSIRT work therefore know much about the functionality and security of the organization's systems and software.
Conclusion
As stated above, CSIRT members who have other job duties related to this field acquire technical skills that enable them to perform their duties well and effectively. These technical skills include effective communication skills, excellent knowledge of the various cyber threats and of incident response procedures, and strong knowledge of the internal IT structure. They are able to detect, contain and finally eradicate any cyber incidents and also restore the affected IT systems.
References
Brown, J. M., Greenspan, S., & Biddle, R. (2016). Incident Response Teams in IT Operations Centers: the T-TOCs Model of Team Functionality. Cognition, Technology & Work, 18(4), 695-716.
Pfleeger, S. L. (2017). Improving the Cyber security Incident Response Team (CSIRT) Skills, Dynamics and Effectiveness. Trustees of Dartmouth College Hanover United States.
Cite this page
Essay Sample on A Computer Security Response Team. (2022, Nov 20). Retrieved from https://proessays.net/essays/essay-sample-on-a-computer-security-response-team