CSIRTM resources online

* CSIRTM white paper and training CD available

Longtime readers of this column will have noted that since 2004, I’ve been writing occasional articles about computer security incident response team management (CSIRTM).

As part of the preparations for a new graduate course in CSIRTM to be offered to students as an elective in the Norwich University Master’s of Science in Information Assurance (MSIA) program, I put all my articles together into an edited white paper on the subject and added some new material.

The monograph has the following major headings:


Creating the CSIRT

Responding to Computer Emergencies

Securing the CSIRT: Walk the Talk

Managing the CSIRT

Learning From Emergencies

The white paper is available in HTML and PDF for all non-commercial use (that is, please don’t sell what I give away for free).

On another note, I have received permission from the Defense Information Systems Agency (DISA) of the U.S. Department of Defense to put its excellent CSIRTM training CD online for anyone who wants it.

DISA has stopped producing it, but in response to my enquiry about providing the CD-ROM to MSIA students enrolled in the CSIRTM Elective, someone from DISA with a bit of gender confusion about me caused by my name responded:

"Dear Ms Kabay, / Thank you for your interest! However we discontinued that product, CIRT Management, just recently. We do have a few copies may have kept on hand, if you want a copy, then you can make copies of it for your students. There is no charge for our products."

I double-checked with them about posting the file online, and they were enthusiastic about making it available free to everyone. So, feel free to download the 358MB ZIP file and install it to disk. Use the README file in the ZIP for instructions on installation.


Editor's Note: Is your IT organizational structure holding your company back?

We're assembling a package of stories to be published in Network World looking at the IT organizational structure of the future and we need your help:News Editor Bob Brown

* If your company has recently reorganized in light of new business and technology challenges and opportunities, can you send along "before" and "after" org charts? (Feel free to strip out the names, we're really just looking for titles. But give us a sense of the size of your IT organization/business.) Can you tell us how the reorganization has worked out?

* If your company is in need of an IT org makeover, what areas are currently most dysfunctional?

* Any advice on what your peers can do to improve their IT organizations right now?

We're looking to tap into our readership through a technique some call "crowdsourcing." Knowing we don't have all the answers, but that our audience probably has a lot of them, we're hoping to help you help each other.

Please send info to


Copyright © 2007 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022