What was the purpose of the study?
The major objective of this study is to examine the primary areas of needs for producing a
CSIRT model and creating a management model based on the areas of requirement analysis in
the existing CSIRT literature. Two views of the model are displayed: a tactical view and a
strategic one. Using a DSR (design science research) paradigm, building management models are
created. The business prerequisites required to create a CSIRT model are also covered.
What models did the authors evaluate? What models performed better and why?
Strategic view- It focuses on the needs of the business and the choices made by higher-level
managers. It indicates the starting point of the model, which mostly refers to the initial choices
made when developing the CSIRT model, including:
Choosing the CSIRT's target audience; and choosing the best funding strategy.
The tactical view- is concerned with the connections that the four Ps (People, Process, Partner,
and Products) still have with the environment. The "how" part of constructing the CSIRT is
covered by the view that is employed following the strategic view.
The tactical view is superior to the strategic view because it considers the interaction of people,
technologies, and processes. The environment and a constituency are utilized for the people,
services, processes, tools, and other domains, much like in the entry points. The connections
between the left regions are also included.
Assume you are assisting with IR planning for the Wilmington University Library. What
recommendations would you have Wilmington University Library for serving students and
faculty?
3
Protect the passwords – Both instructors and students should choose secure passwords and use
unique ones for each website. To safeguard the system against threats, do this is easy. Passwords
are stored in the password manager.
Limit the use of external devices- which are used to implant malware in computers and, if the
device becomes infected, infects the computers as well, further compromising the privacy of
their personal information. So, before using, these should be scanned.
Educating the staff regarding malware links or wrong websites – Employees must also be
made aware of the risks. It should be made clear to staff members that they should never open
attachments, links, or emails from senders they are unfamiliar with.
Assume you are assisting with IR planning for the Wilmington University Library. What
risks would you identify and what recommendations do you have for the Library's Incident
Response Plan?
Malware – Using USB drives can permit users to access the network system through which they
can access malware.
Ransomware – Malware is what encrypts the server or the entire computer's data. It is easily
propagated throughout the network. Mail attacks are one way it can attack and have an impact on
the system.
Remote work vulnerabilities – As the remote system includes the systems at their homes from
any other locations are less secure. They may be vulnerable to browser-based attacks and it
becomes difficult to fix once they occur.
Recommendations for the above risks are:
Secure configuration – Each device must be set up to ensure that services are only offered to
specific networks or systems. It will assist in lowering some devices' susceptibility.
4
Internet gateways and boundary firewall – To safeguard the systems, data, or applications
from unwanted access, network techniques such as boundary firewalls, internet gateways, and
other devices are necessary. A border firewall manages all incoming and outgoing traffic and
stops frequent cyberattacks that can be easily launched from the internet.
5
References
William, D. (2021). Cybersecurity Checklist for When Your Library Reopens. Retrieved 29
January 2021, from https://blog.techsoup.org/posts/cybersecurity-checklist-for-when-
your-library-reopens