Building CSIRT and its competency

Building Security Incident Response Team and Its Competency Didik Partono Rudiarto

Transcript of Building CSIRT and its competency

Page 1: Building CSIRT and its competency

Building Security Incident Response Team and Its Competency

Didik Partono Rudiarto

Page 2

Traditional Security No Longer Works

Page 3

TECHNOLOGY SKILLS

PERSONAL SKILLS

Page 4

Personal Skills

Page 5

Communication

Presentation Skill

Diplomacy

Ability to Follow Policies and Procedures

Team Skills

Integrity

Knowing One's Limits

Coping with Stress

Problem Solving

Time Management

Page 6

Technical Skills

Page 7

Technical Foundation

Page 8

Security Principles

Security Vulnerabilities/Weaknesses

Risk

Network Protocol

Network Application & Services

Network Security Issues

Host/System Security Issues

Malicious Code

Programming Skills

Page 9

Incident Handling

Page 10

Local Team Policies and Procedures

Understanding/Identifying Intruder Techniques

Communicating with Sites

Incident Analysis

Maintenance of Incident Records

Page 11

Skills & Competency Requirements

Page 12

FOUNDATION

INCIDENT HANDLING

FORENSIC

APPLICATION SECURITY

PENETRATION TESTING

NETWORK SECURITY

INTRUSION ANALYSIS

AUDIT & RISK

MANAGEMENT

SYSTEM ADMINISTRATION

MANAGEMENT LEGAL

Cyber Security Skills Framework

Page 13

IT Security Roadmap

IT Fundamentals

IT Security Fundamentals

Role-based Specialist

• Network Administrator

• IT Security Specialist

• IT Security Manager

0 – 1 Years Experience

1 – 2 Years Experience

> 3 Years Experience

Page 14

Standards

Page 15

Information Security Certification

ORGANIZATION | CERTIFICATION
CompTIA | Security+
EC-Council | CEH, CHFI, ECSA, ECSP, ENSA, LPT
GIAC | GSIF, GSEC, GCIA, GCFW, GCFA, GCIH, GPEN, GCUX, GCWN, GWAPT, GAWN, GREM, GSE
ISACA | CISA, CISM, CGEIT, CRISC
(ISC)2 | CAP, CISSP, CSSLP, ISSAP, ISSEP, ISSMP, SSCP
ISECOM | OPST, OPSA, OPSE, OWSE
Offensive Security | OSCP, OSCE
Mile2 | CPTE, CPT Consultant
CREST | CREST Consultant
IACRB | CPT, CEPT
eLearnSecurity | eCPPT
Security Certified | SCNS, SCNP, SCNA
Brainbench | BITSF, BISA
CIW | CWSA, CWSS, CWSP
CWNP | CWTS, CWNA, CWSP
Cisco Systems | CCNA Security, CCSP, CCIE Security
Symantec | SCS
CheckPoint | CCSA, CCSE, CCMSE, CCSEPE, CCMA
Microsoft | MCSA Security

Page 16

Function vs Certification

Security Design and Compliance Skills

Specialized Security Skills

Network Security Skills

Basic Security Concept

Foundation Security Knowledge

Vendor Specific

Vendor Neutral

Information Worker

IT Worker

IT Admin

IT Manager

IT Executive

Career Level Required Skills Certifications

Page 17

THANK YOU