developing a critical incident response
Atlang
Member Posts: 2 ■□□□□□□□□□
Bankers Association would like to implement a Critical incident response infrastructure
(BBA CSIRT) that will enable the association to collect and analyze Cyber Threat data and use this
intelligence to alert their members of evolving or existing threats, incidents and vulnerabilities
and advise on mitigation steps or best practices.
Your Role:
Come up with an approach that will guide us in developing a critical incident response
infrastructure for BA.
Answers
-
chrisone Member Posts: 2,278 ■■■■■■■■■□
Tell your employer I am free Mon, Wed, & Thursday for 2-3 hrs each evening. I can help develop IR Playbooks for a substantial fee using the NIST framework.
Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□
Atlang said: It's an assignment.
-
egrizzly Member Posts: 533 ■■■■■□□□□□
I'll be the sucker here that threw you a bone with more info. However that's because I had a similar question in the recent past and somebody threw me a bone. A really big bone for that matter. So here goes.
In your very next meeting with your manager/executive or whatever, when they ask you, "Heh, on that cyber thing do you have a plan yet?", what you're gonna need to do is tell them, "Yeah, we're going to be meeting those requirements using the NIST Cyber Security Framework". However, to get something going real quick we can use components of the CIS Top 20 for our immediate need. I've identified these elements from the CIS Top 20 below:
CIS Top 20
#3 Continuous Vulnerability Management
#6 Maintenance, Monitoring, and Analysis of Audit Logs
#8 Malware Defenses
#16 Account Monitoring and Control
------------
Now after that's said and done you want to dive into the NIST CSF, as this is the framework you'll be using to fulfill those requirements over the next 6 months or whatever timeline your manager has agreed to. Visit https://www.nist.gov/cyberframework/new-framework#videos then basically start from the top-left item labelled "New To Framework" and work your way down to familiarize yourself with it. That site does an extremely good job of baby-stepping you on the method to use NIST CSF to meet those requirements.
Be confident. You can rock it! Hope this helps.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+