- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.
Once we've hired a good employee and invested in training and integrating that person into our operations, it's a terrible waste to lose their enthusiasm and even their services through burnout and turnover.
MSIA graduate Timothy Dzierzek wrote an excellent paper in the course I taught on Computer Security Incident Response Team Management last summer, and I’m delighted to present his work (slightly edited) in this and two additional columns based on his case study organization, which is represented pseudonymously as “Smith & Smith.”
By the way, even professors in the MSIA do not normally know their students’ case study names – we are deeply concerned with protecting confidentiality of their sources and explicitly ask them not to reveal details of the organizations they are studying.
* * *
Hiring adequate staff for a Computer Security Incident Response Team (CSIRT) represents a critical challenge for any organization. The CSIRT must have an adequate number of employees to respond to computer security incidents. Author Danny Smith, a member of the Australian Computer Emergency Response Team, states that “the size of a team would have an effect on the overall capability of the team.”
In addition, the CSIRT must employ technicians with necessary skills and experiences. Experts at the CERT Coordination Center state, “[Y]ou need people with a certain set of skills and technical expertise, with abilities that enable them to respond to incidents, perform analysis tasks, and communicate effectively with your constituency and other external contacts.” Meeting these two requirements ensures the CSIRT has adequate staff to perform this valuable function.
Once organizations hire employees for the CSIRT, they must manage their personnel to maintain adequate staffing levels. One area that organizations must focus on is staff turnover. A Help Desk Institute study published in 2000 suggested that 48% of help-desk managers interviewed the previous year considered staff turnover a serious problem.
A specific area that organizations must address is the effect that staff burnout has on the CSIRT’s capabilities. The authors of Handbook for Computer Security Incident Response Teams (CSIRTs) state, “Many CSIRT staff suffer from burnout…, where the constant pressures and stress from daily… incident handling tasks become a burden and intrude into the private life.” Each of these factors has detrimental effects on the CSIRT.
M. E. Kabay, PhD, CISSP-ISSMP, is Program Director of the Master of Science in Information Assurance program at Norwich University.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment