Home
Cybersecurity
Security News & Breaches
developing a critical incident response
Atlang
Bankers Association would like to implement a Critical incident response infrastructure (BBA CSIRT) that will enable the association to collect and analyze Cyber Threat data and use this intelligence to alert their members of evolving or existing threats, incidents and vulnerabilities and advice on mitigation steps or best practices. Your Role: Come up with an approach that will guide us in developing a critical incident response infrastructure for BA.
Find more posts tagged with
Accepted answers
JDMurray
Homework assignment?
All comments
JDMurray
Homework assignment?
chrisone
Tell your employer I am free Mon, Wed, & Thursday for 2-3 hrs each evening. I can help develop IR Playbooks for a substantial fee using the NIST framework.
Atlang
It's an assignment.
SteveLavoie
Atlang
said:
It's an assignment.
Ok, so start by reading the NIST Framework and make up your own mind
Then once you have specific question, go ahead and ask
egrizzly
I'll be the
sucker
here that threw you a bone with more info. However that's because I had a similar question in the recent past and somebody threw me a bone. A really big bone for that matter. So here goes.
In your very next meeting with your manager/executive or whatever when they ask you. "Heh, on that cyber thing do you have a plan yet?" What you're gonna need to do is tell them. "yeah, we're going to be meeting those requirements using the NIST Cyber Security Framework". However to get something going real quick we can use components of the
CIS Top 20
for our immediate need. I've identified these elements from the CIS Top 20 below:
CIS Top 20
#3 Continuous Vulnerability Management
#6 Maintenance, Monitoring, and Analysis of Audit Logs
#8 Malware Defenses
#16 Account Monitoring and Control
------------
Now after that's said and done you want to dive into the NIST CSF as this is the framework you'll be using to fulfill those requirements over the next 6months or whatever timeline your manager has agreed to. Visit
https://www.nist.gov/cyberframework/new-framework#videos
then basically
start from the top-left item labelled "New To Framework" and work your way down to familiarize yourself with it. That site does an extremely good job of baby-stepping you on the method to use NIST CSF to meet those requirements.
Be confident. You can rock it! Hope this helps.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
