INTELLIGENCE IN CSIRT TEAM.

INTELLIGENCE IN CSIRT TEAM.
March 29, 2021 No Comments Assignment Assignment help

• Map the Current System. (INTELLIGENCE IN CSIRT TEAM) • Map the Desired System within the context of strategic guidance. • What are the differences between the two systems. Please see the Q&A below for this paperwork. I emailed him for clarification. Question: The group presentation will lay out “how-to” build/develop a new CSIRT in an unspecified country using US-CERT as the basis for the new CSIRT.. This will focus on how private partners within each LOE can help build capacity as well as share information with the CSIRT to build its capacity. Answer: The focus should be on how to engage the private sector during the development phase of a new CSIRT in an unspecified country. US-CERT can be the basis of best practices for the CSIRT (align your justification for why within US, DHS, and DOS strategies). Not so much private partners within an LOE, but what organizations exist within an LOE to aid in engagement. Question: Specifically, the deliverable will look at the best parts of the US-CERT-private sector relationship and discuss how those best parts can be replicated. We’ll also look at the less-effective “worst” parts of the US-CERT system-private sector relationship and discuss how those worst parts can be avoided in building a new CSIRT. (All within the specified LOE’s) Answer: The deliverable should address the role that US-CERT will play in engaging other actors. However, caution here is not just to focus on US-CERT, but look at what other organizations can do as part of a 5-year plan. Question: So, the desired end state would be a new CSIRT (in a not-to-be-specified country/region) that would have good private-sector information-sharing and partnerships. We would need to list specific examples of what “good partnerships” and “good information sharing” looks like based on US-CERT. Answer: Desired end state: A CSIRT that has private sector engagement built into it’s DNA and has effective local and global information sharing partnerships. Word of caution that I’ve saved for the end: You don’t need to only take what US-CERT is doing. ENISA and the ITU also have CSIRT development programs. You could distill those efforts into one coherent strategy and identify the implementing organizations that would be responsible for a line of effort.