Network Security - Network World

Security

CSIRT Management: Lessons from other group postmortems

My favorite graduate course in the Norwich University Master of Science in Information Assurance Program is the "Computer Security Incident Response Team Management" graduate seminar which I developed some years ago based in part on an extensive series of articles on the subject that appeared here in the Network World Security Strategies and that I collected for readers in a single document freely available on my Web site along with a free companion CD-ROM from the Defense Information Systems Agency on the subject.

In 2008, I was blessed with five excellent students who not only wrote their weekly essays well but also participate enthusiastically in the weekly discussions (we have three or occasionally four topics for them to use in sharing insights and experiences) and in Week 9 of the 11-week course, one of the questions was as follows:

"Postmortems are conducted in many other fields – well, for example, as autopsies! But perhaps some of you have actually participated in non-CSIRT teams where a postmortem was standard operating procedure. Examples might include, say, a sports team, any kind of problem-solving team, a marketing group looking at an advertising campaign, a group of professors evaluating a new course, and a group of detectives or attorneys looking at how an investigation or a courtroom proceeding turned out. Please share interesting experiences of this kind with your classmates and see if any of your insights can be constructively applied to CSIRT management."
Continued

Recent Newsletters | Archive

Iran, disintermediation and cyberwar 06/29/09
Subtle pressures for security policy compliance 06/24/09
Working with consultants part 4 06/22/09
Working with consultants part 3 06/17/09

Click Here

Question of the Day: IT Asked & Answered

I work with a PostgreSQL database that sits behind two SSH logins. The first machine is accessible from the Internet. The second machine is accessible only by SSH and only from the first machine. How...By Anon

More ways to stay informed

NetworkWorld content as you like it

News

RSA's Coviello: Cloud computing not secure enough

Cloud-based services are being rolled out without enough attention being paid to securing these...
IDaaS picks up steam

The buzz around Identity as a Service is heating up. I'll be discussing this in an online Webinar...
Bad guys learn a lesson about disaster recovery

It didn't take long for spammers to learn their lesson. About seven months after the McColo... ...1
Security guard charged with hacking hospital systems

The grainy video shows a bleary-eyed young man in a hoodie inside the Carrell Clinic in Dallas,... ...2
Apple patching serious SMS vulnerability on iPhone

Apple is working to fix an iPhone vulnerability that could allow an attacker to remotely install... ...1
Jailbroken iPhones leave users more vulnerable

Jailbreaking an iPhone leaves users vulnerable to attack by stripping away most of the handset's... ...2
Mozilla slates first Firefox 3.5 patch

Mozilla will patch the just-released Firefox 3.5 later this month to stamp out several bugs that...
The notification chain when a breach is suspected

A few weeks ago, we provided best practice tips on preserving log data for a forensic...
Conficker: Forgotten but not Gone

Conficker may not dominate the headlines any longer, but it's still going strong, according to...
Conficker cost Manchester council £1.5m

Manchester City Council has cancelled hundreds of fines for drivers caught on camera in bus lanes,...
Fly-by SMS death threats hold Aussies to ransom

The federal government has issued a warning against fly-by criminals who are issuing SMS death...
New Trojan puts sneaky twist on click fraud

A new piece of malicious software has been discovered that cheats Google and potentially other...
Gov't official: We're serious about cybersecurity this time

The U.S. White House is determined to follow through on its efforts to make cybersecurity a top...
Backup for spammers

Disaster recovery experts take note. One of the largest and most active botnets, US-based Cutwail,...
Google: Spammers regroup after ISP takedowns

Spammers are pumping out an increasing number of garbage messages as they regain their capacity to... ...1

View Security news | All news

Skip Links

Network World

Security

CSIRT Management: Lessons from other group postmortems

Question of the Day: IT Asked & Answered

More ways to stay informed

News

RSA's Coviello: Cloud computing not secure enough

IDaaS picks up steam

Bad guys learn a lesson about disaster recovery

Security guard charged with hacking hospital systems

Apple patching serious SMS vulnerability on iPhone

Jailbroken iPhones leave users more vulnerable

Mozilla slates first Firefox 3.5 patch

The notification chain when a breach is suspected

Conficker: Forgotten but not Gone

Conficker cost Manchester council £1.5m

Fly-by SMS death threats hold Aussies to ransom

New Trojan puts sneaky twist on click fraud

Gov't official: We're serious about cybersecurity this time

Backup for spammers

Google: Spammers regroup after ISP takedowns

Featured Video

Blogs

HIDDEN MICROSOFT

SECURITY IDENTITY MANAGEMENT ALERT

SECURITY STRATEGIES ALERT

CLOUD SECURITY ALERT

NETWORKING NUGGETS AND SECURITY SNIPPETS

SECURITY: RISK AND REWARD

JAMEY HEARY: CISCO SECURITY EXPERT

INSIDER THREAT

Clear Choice Tests

Case Studies

Skip Links

Security

Free Newsletters

More ways to stay informed

News

Featured Video

Blogs

Clear Choice Tests

Case Studies

Sponsored Links