The Sector CSIRT Framework: Developing Sector-Based Incident Response Capabilities
Abstract
The U.S. Department of State, Office of the Coordinator for Cyber Issues commissioned the Software Engineering Institute (SEI) to create the Sector CSIRT Framework for (1) developing a sector-based computer security incident response and coordination capability and (2) integrating this capability into a larger national cybersecurity ecosystem as applicable. The framework is a guide for helping interested parties develop the policies, processes, and procedures necessary to operationalize a sector Computer Security Incident Response Team (CSIRT), a uniquely adapted, specialized incident response team. The framework outlines a process that moves the sector CSIRT from concept to reality. The framework helps the team developing the sector CSIRT understand the current conditions of incident response in the sector (i.e., the as-is state) and how to move it to a robust operating state (i.e., the to-be state). It bridges the gap between these two states using a well-defined roadmap and implementation process.
Document Details
- Document Type
- Technical Report
- Publication Date
- Feb 01, 2021
- Accession Number
- AD1137187
Entities
People
- Angel L. Hueca
- Brittany Ann Manley
- David Mcintire
- Justin Novak
- Sharon Mudd
- Tracy A. Bills
Organizations
- Carnegie Mellon University