CREATING AND MANAGING CERT - PowerPoint PPT Presentation

About This Presentation
Title:

CREATING AND MANAGING CERT

Description:

The terrible thing about the Internet is that you're connected to everyone else.' Vint Cerf ... Keeping organizational information assets secure in today's ... – PowerPoint PPT presentation

Number of Views:19
Avg rating:3.0/5.0
Slides: 20
Provided by: Dev4151
Category:
Tags: and | cert | creating | managing | vint

less

Transcript and Presenter's Notes

Title: CREATING AND MANAGING CERT


1
CREATING AND MANAGING CERT
2
Internet Wonderful and Terrible
The wonderful thing about the Internet is that
youre connected to everyone else. The terrible
thing about the Internet is that youre connected
to everyone else. Vint Cerf
3
Introduction
  • Keeping organizational information assets secure
    in today's interconnected computing environment
    is a true challenge that becomes more difficult
    with each new "e" product and each new intruder
    tool.

4
Introduction
  • Most organizations realize that there is no one
    solution or panacea for securing systems and
    data instead a multi-layered security strategy
    is required .
  • One of the layers that many organizations are
    including in their strategy today is the creation
    of a Computer Security Incident Response Team,
    generally called a CSIRT.

5
Motivation
  • Motivators driving the establishment of CERT
  • A general increase in the number of computer
    security incidents being reported.
  • Organizations on the need for security policies
    and practices as part of their overall
    risk-management strategies.
  • New laws and regulations.
  • System and network administrators alone cannot
    protect organizational systems and assets
  • Prepared plan and strategy is required

6
What is a CERT?
  • An organization or team that provides, to a
    defined constituency, services and support for
    both preventing and responding to computer
    security incidents.

7
Process versus Technology
  • Incident handling is not just the application of
    technology to resolve computer security events
  • It is the development of a plan of action.
  • It is the establishment of processes for
  • Notification and communication
  • Collaboration and coordination
  • Analysis and response

8
Benefits of CERT
  • Reactive
  • Focused response effort
  • More rapid and standardized response
  • Stable cadre of staff with incident handling
    expertise, combined with functional business
    knowledge.
  • Coordination with others in security community.

9
Benefits of CERT
  • Proactive
  • - Enabler of organizational business goals.
  • - Value-added services to business processes .
  • - Input into product development cycle or network
    operations .
  • - Assistance in performing vulnerability
    assessments and development of security policies
    .

10
What Does a CERT Do?
  • In general CERT
  • Provides a single point of contact for reporting
    local problems
  • Assists the organizational constituency and
    general computing community in preventing and
    handling computer security incidents
  • Shares information and lessons learned with other
    response teams and other appropriate
    organizations and sites

11
General Categories of CERT
  • Internal CERT
  • Educational
  • Governmental
  • Commercial
  • Coordination Centers
  • Country
  • State
  • Region
  • Analysis Centers
  • Vendor
  • Incident response provider

12
Stages of CERT Development
  • Stage 1 Educating the organization
  • Stage 2 Planning effort
  • Stage 3 Initial implementation
  • Stage 4 Operational phase
  • Stage 5 Peer collaboration

13
Creating an Effective CERT
  • To be effective, a CERT requires four basic
    elements
  • An operational framework
  • A service and policy framework
  • A quality assurance framework
  • The capability to adapt to a changing environment
    and changing threat profiles

14
Implementation Recommendations
  • Get Management buy-in and organizational
    consensus
  • Match goals to parent or constituent
    organizational policies and business goals
  • Select CERT development project team.
  • Communicate throughout the process
  • Start small and grow
  • Use what exists, if appropriate. (Re-use is
    good.)

15
Implementation Steps
  • Get approval and support from management
  • Identify who will need to be involved
  • Have an announcement sent out by management
  • Select a project team
  • Collect information
  • Research what other organizations are doing
  • Identify existing processes and workflows
  • Interview key stakeholders and participants

16
Implementation Steps
  • With input from stakeholders determine
  • CERT mission
  • CERT range and levels of service
  • CERT reporting structure, authority and
    organizational model
  • Identify interactions with key parts of the
    constituency
  • Define roles and responsibilities for
    interactions
  • Create a plan based on the vision or framework.
  • Obtain feedback on the plan
  • Build CERT
  • Announce CERT
  • Get feedback

17
Common Problems
  • Failure to
  • Include all involved parties
  • Achieve consensus
  • Develop and overall vision and framework
  • Outline and document policies and procedures
  • Organizational battles
  • Taking on too many services
  • Unrealistic expectations or perceptions
  • Lack of time staff, and funding

18
Think BigStart SmallScale Fast!!!!!!!!!!!!
19
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com