Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this

Table Of Contents

0 of .
Results for:
No results containing your search query
P. 1
Establishing a Computer Security Incident Response Capability (CSIRC)

Establishing a Computer Security Incident Response Capability (CSIRC)

Ratings: (0)|Views: 51 |Likes:
Published by Daniel Checchia

More info:

Published by: Daniel Checchia on Jul 28, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





Establishing a Computer SecurityIncident Response Capability(CSIRC)
John P. Wack Computer Systems LaboratoryNational Institute of Standards and Technology
NIST Special Publication 800-3November, 1991
Establishing a Computer Security Incident Response Capability(CSIRC)
Government agencies and other organizations have begun to augment their computer secu-rity efforts because of increased threats to computer security. Incidents involving these threats,including computer viruses, malicious user activity, and vulnerabilities associated with high tech-nology, require a skilled and rapid response before they can cause significant damage. Theseincreased computer security efforts, described here as Computer Security Incident Response Ca-pabilities (CSIRCs), have as a primary focus the goal of reacting quickly and efficiently to com-puter security incidents. CSIRC efforts provide agencies with a centralized and cost-effectiveapproach to handling computer security incidents so that future problems can be efficiently re-solved and prevented.While the risks to computer security have increased, agencies have also become more de-pendent on computers. Many systems in widespread use today do not contain safeguards toguarantee protection from these threats. Additionally, as systems become more complex, they aremore prone to vulnerabilities that can increase the risk of malicious exploitation. Due to greateravailability of computers, users are often de facto system managers, however many have neitherthe requisite skills nor time to manage their systems effectively. These factors make it clear thatagencies need to augment their computer security capabilities before they suffer from seriouscomputer security problems that can harm their missions, result in significant expense, and tar-nish their images.A CSIRC can help agencies resolve computer security problems in a way that is both effi-cient and cost-effective. Combined with policies for centralized reporting, a CSIRC can reducewaste and duplication while providing a better posture against potentially devastating threats. ACSIRC is a
approach to computer security, one that combines reactive capabilities withactive steps to prevent future incidents from occurring.iii

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->