CERT team involving GEs structured


Bibliographic Details
Main Authors: Abdulkareem Alenezi, Khaled; Taha Alshaikhli, Imad Fakhri; Abdullah, Lili Marziana; AlAhmad, Mohammad A.
Format: Article
Language: English
Published: 2015
Online Access: http://irep.iium.edu.my/50763/
http://irep.iium.edu.my/50763/1/50763_-_CERT_team_involving_GEs_structured.pdf
Description
Summary: For the most part, systems attached to the Internet are not easy to administer. Kuwaiti GE and non-GE entities are among the many businesses whose data resides on and flows across networks every day as they conduct their business operations over the Internet. As a result, the organizations connected through the Internet are not securely configured. Additionally, the underlying network protocols that support Internet communication are insecure. These difficulties in protecting data securely make Internet systems vulnerable to cyber-attacks. Therefore, when a cyber-attack on an organization occurs, it is critical for the affected organization to have a fast and effective means of responding in order to limit the damage done and lower the cost of recovery. Hence, a formal and specialized incident response capability for protecting GE and non-GE entities in the nation of Kuwait is established. This team is called the Kuwait Computer Emergency Response Team, abbreviated as K-CERT. This team provides a single point of contact for reporting computer security incidents and problems. K-CERT serves as a repository for incident information, a center for incident analysis, and a coordinator of incident response across the nation of Kuwait. In this article, we specify the infrastructure of K-CERT, including, but not limited to, served constituencies, team services, team structure, team staff, and team incident response personnel roles. As the Kuwait GE and non-GE entities are in close geographic proximity, we proposed a centralized team as the working model, consisting of staff with proficiency in all systems and platforms supported by the entities in the nation. A workflow strategy that enables the day-to-day operation of the team is developed to handle an incident efficiently. This workflow model includes the details for incident reporting or detection, registration, assessment, categorization, prioritization, containment and recovery, post-analysis, and documentation.
For the incident response program to succeed, we develop a procedure for K-CERT that helps the organization prevent incidents from occurring as much as possible by ensuring that systems, networks, and applications are sufficiently secure. It is expected that this K-CERT infrastructure, its associated incident prevention procedures, and the incident handling workflow model will effectively make the GE and non-GE entities in Kuwait accurately and completely protected against cyber-attacks.