Embed Size (px)
Citation preview
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 1/40
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 2/40
respond to incidents
perform analysis tasks
communicate effectively with your constituency
competent problem solversmust easily adapt to change
must be effective in their daily activities
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 3/40
mission and goals (of the CSIRT)
nature and range of services offered
available staff expertise
constituency size and technology base
anticipated incident load
severity or complexity of incident reports
funding
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 4/40
Personal Skills
Technical Skill
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 5/40
Personal Skills
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 6/40
Communication
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 7/40
Presentation Skill
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 8/40
Diplomacy
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 9/40
Ability to follow
Policies and
Procedures
Compliance
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 10/40Team Skills
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 11/40
Integrity
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 12/40
Knowing One's Limits
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 13/40Coping with Stress
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 14/40
Problem Solving
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 15/40
Time Management
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 16/40
Technical Skills
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 17/40
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 18/40
Technical
Foundation
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 19/40
Security Principles
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 20/40
Security
Vulnerabilities/Weaknesses
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 21/40
The Internet
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 22/40
The Risks
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 23/40
Network Protocols
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 24/40Network Applications and Services
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 25/40
Network Security Issues
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 26/40
Host/System Security Issues
M li i C d
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 27/40
Malicious Code(Viruses, Worms, Trojan Horse programs)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 28/40
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 29/40
Incident
Handling
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 30/40
Local Team Policies and Procedures
U d di /Id if i
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 31/40
Understanding/Identifying
Intruder Techniques
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 32/40
Communicating with Sites
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 33/40
Incident
Analysis
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 34/40
Maintenance of Incident Records
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 35/40
P e r s o n
a l S k i l
l sCommunication
Presentation Skill
Diplomacy
Compliance
Team Skill
IntegrityKnow the limits
Coping with Stress
Problem Solving
Time Management T
e c h n i c a l S k i l
l sTechnical Foundation
• Security Principles
• Security Vulnerabilities/Weaknesses
• The Internet
• Risks
• Network Protocols
• Network Applications and Services
• Network Security Issues
• Host/System Security Issues
• Malicious Code (Viruses, Worms,Trojan Horse programs)
• Programming Skills
Incident Handling
• Local Team Policies and Procedures
• Understanding/Identifying IntruderTechniques
• Communicating with Sites
• Incident Analysis
• Maintenance of Incident Records
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 36/40
IT Security Roadmap
IT FundamentalsIT Security
Fundamentals
Role-basedSpecialist
• NetworkAdministrator
• IT Security Specialist
• IT Security Manager
0 – 1 Years
Experience
1 – 2 Years
Experience
> 3 Years
Experience
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 37/40
Function vs Certification
Security Design and
Compliance Skills
SpecializedSecurity Skills
Network
Security Skills
Basic Security
Concept
Foundation Security
Knowledge
Vendor Specific
Vendor Neutral
Information
Worker
IT Worker
IT Admin
IT Manager
IT Executive
Career Level Required Skills Certifications
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 38/40
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 39/40
DoD Information Assurance (IA)
Workforce Strategy
• Improved IA posture
• Increased confidence that personnel performing IA functions are capable of doing the job
• Mechanism in place to “raise the bar” on IA skills
Certify theWorkforce
• Ability to place trained/capable personnel in IA jobs
• Ability to define standard IA personnel requirements
Manage theWorkforce
• Personnel enabled to hone IA skills, keep up with latest technology, threats andvulnerabilities
Sustain theWorkforce
• Local commanders understand impact of IA on mission accomplishment
• Standard allies and coalition partners can emulate IA for other workforces(acquisition, legal, audit etc.)
Extend theDiscipline
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 40/40
Didik Partono Rudiarto
Tim Ahli ID-SIRTII
