Presentation is loading. Please wait.

Presentation is loading. Please wait.

Preserving a balanced CSIRT constituency

Published byShanna Wells Modified over 6 years ago

Similar presentations

Presentation on theme: "Preserving a balanced CSIRT constituency"— Presentation transcript:

1 Preserving a balanced CSIRT constituency
Goal: Improve retaining the internal constituency – i.e., the customer base or community who by its funding enable the existence of the CSIRT. CSIRT = Computer Security Incident Team How: Workshops, face-to-face meetings, frequent teleconferences & virtual meetings with managing director and staff of CSIRT. Access to numerical data, docs and mental models Partner: One of Europe’s largest and oldest coordinating CSIRTs CSIRTs get incident reports from their constituency (internal sites) and from external sites that detect incidents coming from the CSIRTs constituency. The observed increasing reliance on external reporting is a problem, since it indicates that the recognition of the CSIRT by its constituency is correspondingly weaker. It also means that external reporting fills up more of the incident response capacity. Historical variation relative to average for internal and external reporting sites as well as internal and external reporting in , and for total high-priority incident reporting The number of sites varies with a similar pattern as the total number of incidents reported. However, the internal sites seems to vary more in absolute numbers, and an increasing gap in the number of reporting sites is emerging from 2003. The handling capacity represents an internal limit to the growth of the CSIRTs workload and this forms several balancing feedback loops that may counteract growth of sites by slowing down the rate of attraction of new sites, B5 (sl) and the rate of new frequent reporters through B4 (sl) Base Run (l.h.s.): The instabilities create an imbalance that – if it persists – could threaten the very existence of the CSIRT. Policy analysis (r.h.s.): A strategy that reduces the turnover of the most frequent reporters (right) is much better than attempting to attract a higher number of frequent reporters (left) The base case scenario shows the behavior of key variables from 1993 to 2015, using the historical policies identified in the case Simulation results comparing the base case to amplified attraction (left column) and preserving reporting sites (right column) Johannes Wiik1, Jose J. Gonzalez2, Pål I. Davidsen3, Klaus-Peter Kossakowski4 1University of Agder, Faculty of Engineering and Science, Department of ICT, 4898 Grimstad, Norway 2University of Agder, Faculty of Engineering and Science, Department of ICT, Grimstad, Norway 2NISlab, Gjøvik University College, 2802 Gjøvik, Norway 3Institute for geography, University of Bergen, 5020 Bergen, Norway 4SEI Europe, Carnegie Mellon University, Frankfurt, Germany

Download ppt "Preserving a balanced CSIRT constituency"

Similar presentations

Setting internal Quality Assurance systems

Setting internal Quality Assurance systems
S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.

© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.
Major: System Dynamics

Major: System Dynamics
Timed. Transects Statistics indicate that overall species Richness varies only as a function of method and that there is no difference between sites.

Timed. Transects Statistics indicate that overall species Richness varies only as a function of method and that there is no difference between sites.
Women and STEM (Science, Technology, Engineering and Maths) Bill Jones Executive Director Student Experience Julie Byrne Principal of Sheffield City College.

Women and STEM (Science, Technology, Engineering and Maths) Bill Jones Executive Director Student Experience Julie Byrne Principal of Sheffield City College.
“When out of ammo, Reload” CYBERSECURITY CHALLENGES AND THREATS Ahmed Husain Managing Director.

“When out of ammo, Reload” CYBERSECURITY CHALLENGES AND THREATS Ahmed Husain Managing Director.
University of Jyväskylä Agora Human Technology Center.

University of Jyväskylä Agora Human Technology Center.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.

© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
IT ISSUES & TRENDS, 2015 Faculty Technology Day Wednesday, August 19, 2025.

IT ISSUES & TRENDS, 2015 Faculty Technology Day Wednesday, August 19, 2025.
The Science of Cyber Security Laurie Williams 1 Figure from IEEE Security and Privacy, May-June 2011 issue.

The Science of Cyber Security Laurie Williams 1 Figure from IEEE Security and Privacy, May-June 2011 issue.
Experience to create and manage Computer Security Incident Response Team in Latvia Egils Stūrmanis DDIRV (VITA CSIRT) manager State Joint Stock Company.

Experience to create and manage Computer Security Incident Response Team in Latvia Egils Stūrmanis DDIRV (VITA CSIRT) manager State Joint Stock Company.
The skills revolution in South Africa has started. SETAs are undoubtedly the pilots at the helm, ensuring that the vision of “skills for productive citizenship.

The skills revolution in South Africa has started. SETAs are undoubtedly the pilots at the helm, ensuring that the vision of “skills for productive citizenship.
Vice Chancellor of Engineering and Computer Science Oregon University System Mobilizing Oregon A Partnership to Build a 21st Century Technology Workforce.

Vice Chancellor of Engineering and Computer Science Oregon University System Mobilizing Oregon A Partnership to Build a 21st Century Technology Workforce.
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.

This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.
Dr Johann Hugo Prestige Academy CHE QEP Workshop for PHEIs 17-18 Sept 2015 Cape Town Quality in Private Higher Education: Wake up or shake up?!

Dr Johann Hugo Prestige Academy CHE QEP Workshop for PHEIs Sept 2015 Cape Town Quality in Private Higher Education: Wake up or shake up?!
Chronic Workload Problems in Computer Security Incident Response Teams Johannes Wiik, Jose J. Gonzalez University of Agder, Norway Pål I. Davidsen University.

Chronic Workload Problems in Computer Security Incident Response Teams Johannes Wiik, Jose J. Gonzalez University of Agder, Norway Pål I. Davidsen University.
CERT Centers, Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 SEI is sponsored by the U.S. Department of Defense ©

CERT Centers, Software Engineering Institute Carnegie Mellon University Pittsburgh, PA SEI is sponsored by the U.S. Department of Defense ©
1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center.

1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center.
1 Comments on Kirabo Jackson: «Recruiting and Retaining Quality Teachers» Torberg Falch Department of Economics Norwegian University of Science and technology.

1 Comments on Kirabo Jackson: «Recruiting and Retaining Quality Teachers» Torberg Falch Department of Economics Norwegian University of Science and technology.

Similar presentations

Ads by Google