CERT team involving GEs structured
Mostly, the systems attached to the Internet lack the ease of administration. Kuwaitian GE and non-GE entities are of the most businesses that daily resides their data on and flows across the networks to conduct their business operations over the Internet. As a result, the organizations connected th...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/50763/ http://irep.iium.edu.my/50763/ http://irep.iium.edu.my/50763/1/50763_-_CERT_team_involving_GEs_structured.pdf |
| id |
iium-50763 |
|---|---|
| recordtype |
eprints |
| spelling |
iium-507632018-02-26T08:56:12Z http://irep.iium.edu.my/50763/ CERT team involving GEs structured Abdulkareem Alenezi, Khaled Taha Alshaikhli , Imad Fakhri Abdullah, Lili Marziana AlAhmad, Mohammad A. QA75 Electronic computers. Computer science Mostly, the systems attached to the Internet lack the ease of administration. Kuwaitian GE and non-GE entities are of the most businesses that daily resides their data on and flows across the networks to conduct their business operations over the Internet. As a result, the organizations connected through the Internet are not securely configured. Additionally the underlying network protocols that support Internet communication are insecure. Such difficulties involved in protecting the data securely make Internet systems vulnerable to cyber-attacks.Therefore, when a cyber-attack on an organization occurs, it is critical for the affected organization to have a fast and effective means of responding in order to limit the damage done and lower the cost of recovery.Hence, a formal and specialized incident response capability for protecting GE and non-GE entities in Kuwait nationis established. This team is called Kuwait Computer Emergency Response Team and it is abbreviated as K-CERT. This team provides a single point of contact for reporting computer security incidents and problems. K-CERT serves as a repository for incident information, a center for incident analysis, and a coordinator of incident response across Kuwait nation. In this article, we specify the infrastructure of K-CERT that including, but are not limited to, served constituencies, team services, team structure, team staff, and team incident response personnel roles. As the Kuwait GE and non-GE have a closed geographic proximity, we proposed a centralized team as working model that consists of staff with proficiency in all systems and platforms supported by the entities in the nation. A workflow strategy that enable the day-to-day operation of the team is developed to handle an incident efficiently. This workflow model includes the details for an incident reporting, or detection, registration, assessment, categorization, prioritization, containment and recovery, post-analysis, and documentation. To success the incident response program, we develop a procedure for K-CERT that makes the organization preventing the incidents occurrence as much as possible by ensuring that systems, networks, and applications are sufficiently secure.It is expected that such infrastructure of K-CERT and its associated incident prevention procedures, and incident handling workflow model will make effectively the GE and Non- GE in Kuwait accurately and completely protected against cyber-attacks. 2015-10 Article PeerReviewed application/pdf en http://irep.iium.edu.my/50763/1/50763_-_CERT_team_involving_GEs_structured.pdf Abdulkareem Alenezi, Khaled and Taha Alshaikhli , Imad Fakhri and Abdullah, Lili Marziana and AlAhmad, Mohammad A. (2015) CERT team involving GEs structured. International Journal of Innovative Research in Engineering & Multidisciplinary Physical Sciences, 3 (3). pp. 12-26. ISSN 2349-730 http://ijirmps.com/ |
| repository_type |
Digital Repository |
| institution_category |
Local University |
| institution |
International Islamic University Malaysia |
| building |
IIUM Repository |
| collection |
Online Access |
| language |
English |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Abdulkareem Alenezi, Khaled Taha Alshaikhli , Imad Fakhri Abdullah, Lili Marziana AlAhmad, Mohammad A. CERT team involving GEs structured |
| description |
Mostly, the systems attached to the Internet lack the ease of administration. Kuwaitian GE and non-GE entities are of the most businesses that daily resides their data on and flows across the networks to conduct their business operations over the Internet. As a result, the organizations connected through the Internet are not securely configured. Additionally the underlying network protocols that support Internet communication are insecure. Such difficulties involved in protecting the data securely make Internet systems vulnerable to cyber-attacks.Therefore, when a cyber-attack on an organization occurs, it is critical for the affected organization to have a fast and effective means of responding in order to limit the damage done and lower the cost of recovery.Hence, a formal and specialized incident response capability for protecting GE and non-GE entities in Kuwait nationis established. This team is called Kuwait Computer Emergency Response Team and it is abbreviated as K-CERT. This team provides a single point of contact for reporting computer security incidents and problems. K-CERT serves as a repository for incident information, a center for incident analysis, and a coordinator of incident response across Kuwait nation. In this article, we specify the infrastructure of K-CERT that including, but are not limited to, served constituencies, team services, team structure, team staff, and team incident response personnel roles. As the Kuwait GE and non-GE have a closed geographic proximity, we proposed a centralized team as working model that consists of staff with proficiency in all systems and platforms supported by the entities in the nation. A workflow strategy that enable the day-to-day operation of the team is developed to handle an incident efficiently. This workflow model includes the details for an incident reporting, or detection, registration, assessment, categorization, prioritization, containment and recovery, post-analysis, and documentation. To success the incident response program, we develop a procedure for K-CERT that makes the organization preventing the incidents occurrence as much as possible by ensuring that systems, networks, and applications are sufficiently secure.It is expected that such infrastructure of K-CERT and its associated incident prevention procedures, and incident handling workflow model will make effectively the GE and Non- GE in Kuwait accurately and completely protected against cyber-attacks. |
| format |
Article |
| author |
Abdulkareem Alenezi, Khaled Taha Alshaikhli , Imad Fakhri Abdullah, Lili Marziana AlAhmad, Mohammad A. |
| author_facet |
Abdulkareem Alenezi, Khaled Taha Alshaikhli , Imad Fakhri Abdullah, Lili Marziana AlAhmad, Mohammad A. |
| author_sort |
Abdulkareem Alenezi, Khaled |
| title |
CERT team involving GEs structured |
| title_short |
CERT team involving GEs structured |
| title_full |
CERT team involving GEs structured |
| title_fullStr |
CERT team involving GEs structured |
| title_full_unstemmed |
CERT team involving GEs structured |
| title_sort |
cert team involving ges structured |
| publishDate |
2015 |
| url |
http://irep.iium.edu.my/50763/ http://irep.iium.edu.my/50763/ http://irep.iium.edu.my/50763/1/50763_-_CERT_team_involving_GEs_structured.pdf |
| first_indexed |
2023-09-18T21:11:49Z |
| last_indexed |
2023-09-18T21:11:49Z |
| _version_ |
1777411303040614400 |