Fandom

The IT Law Wiki

Computer Security Incident Response Team

32,181pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Definitions Edit

A Computer Security Incident Response Team (CSIRT) (also called a Computer Incident Response Team (CIRT) or a Computer Incident Response Center, or a Computer Incident Response Capability) (CIRC) is

[a] capability set up for the purpose of assisting in responding to computer security-related incidents.[1]
[a]n organization "that coordinates and supports the response to security incidents that involve sites within a defined constituency."[2]

Overview Edit

The job of a Computer Security Incident Response Team (CSIRT) is to detect that an attack occurred, prevent ongoing damage, repair the damage to the extent possible, reconstitute the affected system functions, and report as appropriate to the United States Computer Emergency Readiness Team (US-CERT) and to other affected parties according to governing regulation and law.

"To be considered a CSIRT, an organization must do as follows:

References Edit

  1. NIST Special Publication 800-61 (rev. 1), Glossary, at D-1; NIST Special Publication 800-150, at 59.
  2. Internet Security Glossary, at 43.
  3. Id.

Source Edit

See also Edit

Also on Fandom

Random Wiki