Computer Incident Response Teams Are Needed for Controlling the Impact Research Paper

Computer Incident Response Teams Are Needed for Controlling the Impact of a Security Breach - Research Paper Example CIRT or Computer Incident Response Teams are especially those kinds of teams that are formed for the purpose of minimizing and controlling the impact of a security breach or other emergency (Brussin, Cobb, & Miora, 2003). They are also known as CERT (Computer Emergency Response Teams) and CSIRT (Computer Security Incident Response Teams), but they basically attempt to do the same in case of a computer security threat. This question can only be truly answered by predicting the trends in intrusion and the level of threats expected. Usually, the answer is yes to the above question since an organization rather be safe than sorry! With the increasing number of viruses, spyware, backdoors in the systems being detected, having a CIRT is a must for any organization having informational data on the computers. Before assigning the team and its task, the management needs to make a proper business plan in case of an incident. The plan includes all the details about the CIRT and all the information that the CIRT need to know. Furthermore, for the plan to be successful, the strategy must be feasible, approved and legally reviewed. "It is critical that practice emergencies are staged and response times measured. This would require financial and executive/upper management support and commitment to the CIRT need". (RHE, 2004) Policies regarding the computer system must be in place beforehand. The breach would usually occur when that policy is not obeyed, thus it is imperative to have policies so that the root cause of the problems can be found. These policies need to be documented and provided to every member of the organization so that everyone is aware of security guidelines and the procedures for emergency situations. (Lucas & Moeller, 2003)