Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 CREATING AND MANAGING CERT. 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The.

Published byMae Norris Modified over 8 years ago

Similar presentations

Presentation on theme: "1 CREATING AND MANAGING CERT. 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The."— Presentation transcript:

1 1 CREATING AND MANAGING CERT

2 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The terrible thing about the Internet is that you’re connected to everyone else.” Vint Cerf

3 3 Introduction Keeping organizational information assets secure in today's interconnected computing environment is a true challenge that becomes more difficult with each new "e" product and each new intruder tool.

4 4 Introduction Most organizations realize that there is no one solution or panacea for securing systems and data; instead a multi-layered security strategy is required. One of the layers that many organizations are including in their strategy today is the creation of a Computer Security Incident Response Team, generally called a CSIRT.

5 5 Motivation Motivators driving the establishment of CERT: –A general increase in the number of computer security incidents being reported. –Organizations on the need for security policies and practices as part of their overall risk-management strategies. –New laws and regulations. –System and network administrators alone cannot protect organizational systems and assets –Prepared plan and strategy is required

6 6 What is a CERT? An organization or team that provides, to a defined constituency, services and support for both preventing and responding to computer security incidents.

7 7 Process versus Technology Incident handling is not just the application of technology to resolve computer security events –It is the development of a plan of action. –It is the establishment of processes for Notification and communication Collaboration and coordination Analysis and response

8 8 Benefits of CERT Reactive –Focused response effort –More rapid and standardized response –Stable cadre of staff with incident handling expertise, combined with functional business knowledge. –Coordination with others in security community.

9 9 Benefits of CERT Proactive : –- Enabler of organizational business goals. –- Value-added services to business processes. –- Input into product development cycle or network operations. –- Assistance in performing vulnerability assessments and development of security policies.

10 10 What Does a CERT Do? In general CERT –Provides a single point of contact for reporting local problems –Assists the organizational constituency and general computing community in preventing and handling computer security incidents –Shares information and lessons learned with other response teams and other appropriate organizations and sites

11 11 General Categories of CERT Internal CERT –Educational –Governmental –Commercial Coordination Centers –Country –State –Region Analysis Centers Vendor Incident response provider

12 12 Stages of CERT Development Stage 1Educating the organization Stage 2Planning effort Stage 3Initial implementation Stage 4Operational phase Stage 5Peer collaboration

13 13 Creating an Effective CERT To be effective, a CERT requires four basic elements –An operational framework –A service and policy framework –A quality assurance framework –The capability to adapt to a changing environment and changing threat profiles

14 14 Implementation Recommendations Get Management buy-in and organizational consensus Match goals to parent or constituent organizational policies and business goals Select CERT development project team. Communicate throughout the process Start small and grow Use what exists, if appropriate. (Re-use is good.)

15 15 Implementation Steps: Get approval and support from management Identify who will need to be involved Have an announcement sent out by management Select a project team Collect information –Research what other organizations are doing –Identify existing processes and workflows –Interview key stakeholders and participants

16 16 Implementation Steps With input from stakeholders determine –CERT mission CERT range and levels of service CERT reporting structure, authority and organizational model Identify interactions with key parts of the constituency Define roles and responsibilities for interactions –Create a plan based on the vision or framework. –Obtain feedback on the plan –Build CERT –Announce CERT –Get feedback

17 17 Common Problems Failure to –Include all involved parties –Achieve consensus –Develop and overall vision and framework –Outline and document policies and procedures Organizational battles Taking on too many services Unrealistic expectations or perceptions Lack of time staff, and funding

18 18 Think Big Start Small Scale Fast !!!!!!!!!!!!

19 19

Download ppt "1 CREATING AND MANAGING CERT. 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The."

Similar presentations

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
DISASTER PLANNING: Do it Before Disaster Strikes Community Issues Satellite Workshops Department of Commerce & Economic Opportunity.

DISASTER PLANNING: Do it Before Disaster Strikes Community Issues Satellite Workshops Department of Commerce & Economic Opportunity.
The Greening of North Carolina Network NCSU IES: www.ies.ncsu.edu GNCN: www.ncsu.edu/climatewisewww.ies.ncsu.eduwww.ncsu.edu/climatewise.

The Greening of North Carolina Network NCSU IES: GNCN:
Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.

Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.
© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.

© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.
Building Capabilities for Incident Handling and Response

Building Capabilities for Incident Handling and Response
© 2001 by Carnegie Mellon University PPA-1 OCTAVE SM : Participants Briefing Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213.

© 2001 by Carnegie Mellon University PPA-1 OCTAVE SM : Participants Briefing Software Engineering Institute Carnegie Mellon University Pittsburgh, PA
A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy.

A Framework to Implement a National Cyber Security Structure for Developing Nations ID Ellefsen - SH von Solms - Academy.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
Security Controls – What Works

Security Controls – What Works
IT Strategic Planning Project – Hamilton Campus FY2005.

IT Strategic Planning Project – Hamilton Campus FY2005.
Unit 8: Tests, Training, and Exercises Unit Introduction and Overview Unit objectives:  Define and explain the terms tests, training, and exercises. 

Unit 8: Tests, Training, and Exercises Unit Introduction and Overview Unit objectives:  Define and explain the terms tests, training, and exercises. 
1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.

1 Case Study ESTABLISHING NATIONAL CERT By Saleem Al-Balooshi Etisalat - AE.
Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.

Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.
4 4 By: A. Shukr, M. Alnouri. Many new project managers have trouble looking at the “big picture” and want to focus on too many details. Project managers.

4 4 By: A. Shukr, M. Alnouri. Many new project managers have trouble looking at the “big picture” and want to focus on too many details. Project managers.
Privileged and Confidential Strategic Approach to Asset Management Presented to October 2004 2004 Urban Water Council Regional Seminar.

Privileged and Confidential Strategic Approach to Asset Management Presented to October Urban Water Council Regional Seminar.
National Public Health Performance Standards Local Assessment Instrument Essential Service:3 Inform, Educate, and Empower People about Health Issues.

National Public Health Performance Standards Local Assessment Instrument Essential Service:3 Inform, Educate, and Empower People about Health Issues.
Allen Hepner Senior Planning & Performance Manager September 22, 2011

Allen Hepner Senior Planning & Performance Manager September 22, 2011
NGAC Interagency Data Sharing and Collaboration Spotlight Session: Best Practices and Lessons Learned Robert F. Austin, PhD, GISP Washington, DC March.

NGAC Interagency Data Sharing and Collaboration Spotlight Session: Best Practices and Lessons Learned Robert F. Austin, PhD, GISP Washington, DC March.
Solution Overview for NIPDEC- CDAP July 15, 2005.

Solution Overview for NIPDEC- CDAP July 15, 2005.

Similar presentations

Ads by Google