What was the purpose of the study?
The main objective of the study is to examine the primary areas of need for producing a CSIRT model and to create a management model based on the requirement areas identified in the existing CSIRT literature. The model is presented in two views: a tactical view and a strategic one. The management models are built using a design science research (DSR) paradigm. The business prerequisites for creating a CSIRT model are also covered.
What models did the authors evaluate? What models performed better and why?
Strategic view – It focuses on the needs of the business and the choices made by higher-level managers. It is the starting point of the model and mostly refers to the initial choices made when developing the CSIRT model, including:
- Choosing the CSIRT’s target audience
- Choosing the best funding strategy
Tactical view – It is concerned with the connections that the four Ps (People, Process, Partner, and Products) have with the environment. It covers the “how” of constructing the CSIRT and is employed after the strategic view.
The tactical view is superior to the strategic view because it considers the interaction of people, technologies, and processes. The environment and a constituency are utilized for the people, services, processes, tools, and other domains, much like in the entry points. The connections between the left regions are also included.
Assume you are assisting with IR planning for the Wilmington University Library. What recommendations would you have for the Wilmington University Library for serving students and faculty?
Protect passwords – Both instructors and students should choose secure passwords and use a unique one for each website. This is an easy way to safeguard the system against threats. Store the passwords in a password manager.
Limit the use of external devices – External devices can be used to implant malware on computers; if a device is infected, it infects the computers as well, further compromising the privacy of users' personal information. These devices should therefore be scanned before use.
Educate the staff about malware links and wrong websites – Employees must also be made aware of the risks. It should be made clear to staff members that they should never open attachments, links, or emails from senders they are unfamiliar with.
Assume you are assisting with IR planning for the Wilmington University Library. What risks would you identify and what recommendations do you have for the Library’s Incident Response Plan?
Malware – USB drives let users connect to the network system, and malware can be introduced through them.
Ransomware – This is malware that encrypts the data on a server or an entire computer. It propagates easily throughout the network. Email attacks are one way it can reach and affect the system.
Remote work vulnerabilities – Remote systems, which include users' home systems and systems at other locations, are less secure. They may be vulnerable to browser-based attacks, which are difficult to fix once they occur.
Recommendations for the above risks are:
Secure configuration – Each device must be set up so that its services are offered only to specific networks or systems. This helps reduce some devices’ susceptibility.
Internet gateways and boundary firewall – To safeguard systems, data, and applications from unwanted access, network protections such as boundary firewalls, internet gateways, and other devices are necessary. A boundary firewall manages all incoming and outgoing traffic and stops common cyberattacks that can be easily launched from the internet.