Sharifah Roziah Mohd Kassim, Solahuddin Bin Shamsuddin, Shujun Li, B. Arief
{"title":"How National CSIRTs Operate: Personal Observations and Opinions from MyCERT","authors":"Sharifah Roziah Mohd Kassim, Solahuddin Bin Shamsuddin, Shujun Li, B. Arief","doi":"10.1109/DSC54232.2022.9888803","DOIUrl":null,"url":null,"abstract":"Computer Security Incident Response Teams (CSIRTs) have been established at national and organisational levels to respond to and mitigate cyber incidents. National CSIRTs play a critical role in defending a nation's infrastructure from cyber attacks. However, the research literature lacks studies that can provide first-hand insights on current operational practices in national CSIRTs and challenges faced by staff at national CSIRTs. This paper provides personal observations and opinions from two members of staff at MyCERT (Malaysia's national CSIRT), regarding important areas of national CSIRTs' operational practices including cross-CSIRT collaboration, the lack of systematic use of data and tools, and the lack of evaluation of data and tools used. We hope this paper can help stimulate more research and work to address some of the gaps we identified.","PeriodicalId":368903,"journal":{"name":"2022 IEEE Conference on Dependable and Secure Computing (DSC)","volume":"28 2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Conference on Dependable and Secure Computing (DSC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSC54232.2022.9888803","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Computer Security Incident Response Teams (CSIRTs) have been established at national and organisational levels to respond to and mitigate cyber incidents. National CSIRTs play a critical role in defending a nation's infrastructure from cyber attacks. However, the research literature lacks studies that can provide first-hand insights on current operational practices in national CSIRTs and challenges faced by staff at national CSIRTs. This paper provides personal observations and opinions from two members of staff at MyCERT (Malaysia's national CSIRT), regarding important areas of national CSIRTs' operational practices including cross-CSIRT collaboration, the lack of systematic use of data and tools, and the lack of evaluation of data and tools used. We hope this paper can help stimulate more research and work to address some of the gaps we identified.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
