top of page

創建網絡安全事件響應團隊

創建你的戰鬥團隊

本課程專為負責創建網絡戰隊的經理和項目負責人而設計,從技術上講,這是一個計算機安全事件響應小組 (CSIRT)。本課程對建立網絡戰隊時必須解決的關鍵問題和決策進行了高層次的概述。作為課程的一部分,您的員工將製定行動計劃,該計劃可用作規劃和實施網絡戰隊的起點。他們將知道支持團隊所需的資源和基礎設施類型。此外,與會者將確定在創建 CSIRT 時應制定和實施的政策和程序。

注意:本課程可獲得軟件工程師學院網絡安全碩士學位

 

1.png
2.png

The Cyber Security Incident Response Team (CSIRT) is a key component of an organization's security posture. By definition, a CSIRT is a team of individuals who are responsible for responding to computer security incidents. While the term "computer security incident" can be used to describe any type of event that poses a threat to computer systems or data, in practice, most CSIRTs focus on responding to cyber incidents – that is, events that involve some form of malicious activity carried out using digital means.

A CSIRT assesses threat vulnerabilities and the potential for cyber-attacks.  They also assess the damage caused by an attack and are quickly deployed with pre-planned strategies to mitigate the attack and have the organisation up and running again as quickly as possible.  Their goal is to prevent further attacks from occurring. 

3.png
4.png

Why should I establish a Cyber Security Incident Response Team BEFORE a cyber attack occurs?

Creating a Cyber Security Incident Response Team (CSIRT) is an important step in preparing for a cyber-attack. A CSIRT is a group of people who are trained and prepared to respond to a security incident. The team can provide support during and after an attack, including helping to contain the damage, restore systems, and investigate the incident. Having a CSIRT in place before an attack occurs can help to minimize the impact of the attack and ensure that operations can resume quickly. Furthermore, a CSIRT can help to build trust with customers and other stakeholders by demonstrating that the organization takes security seriously. As such, creating a CSIRT is an important part of preparing for a cyber-attack.

誰應該學習這門課?

  • 現任和未來的 CSIRT 經理; C 級管理人員,例如 CIO、CSO、CRO;和有興趣建立或啟動網絡戰隊的項目負責人。

  • 與 CSIRT 互動並希望更深入了解 CSIRT 如何運作的其他員工。例如,CSIRT 成員;上級管理;媒體關係、法律顧問、執法、人力資源、審計或風險管理人員。

話題

  • 事件管理和與 CSIRT 的關係

  • 規劃 CSIRT 的先決條件

  • 創建 CSIRT 願景

  • CSIRT 的使命、目標和權限級別

  • CSIRT 組織問題和模型

  • 提供服務的範圍和級別

  • 資金問題

  • 僱用和培訓初始 CSIRT 員工

  • 實施 CSIRT 政策和程序

  • CSIRT 基礎設施的要求

  • 實施和運營問題和戰略

  • 協作和溝通問題

你的員工會學到什麼?

您的員工將學習:

  • 了解建立有效的網絡戰隊 (CSIRT) 的要求

  • 戰略性地規劃新網絡戰隊的發展和實施。

  • 突出與組建響應迅速、高效的計算機安全專業人員團隊相關的問題

  • 確定應制定和實施的政策和程序。

  • 了解新網絡戰隊的各種組織模式

  • 了解網絡戰隊可以提供的服務種類和水平

bottom of page