2. Who Should Be on a CSIRT?
CSIRT teams often are formed in response to specific incidents and are composed of individuals with various technical, communication and administrative skills. Since the main goal is to limit the impact of cyber incidents, a CSIRT should include security analysts, network and system administrators, vulnerability experts, incident handlers, and managers.
3. What CSIRT Organizational Model Makes Sense for My Institution?
When creating a CSIRT organizational model, an institution must first establish how incident response individuals and teams will work together to carry out cyber incident response. A CSIRT may also involve other parts of an institution, like human resources and legal, to keep employees and the public informed about incidents.
Click the banner below to learn how to strengthen your team's security strategy.