Implementing a Computer Incident Response Team in a Smaller, Limited Resource Organizational Setting

Information security risks are an ever-increasing threat; protecting your organization's information in today's environment is of great concern and importance and it presents a formidable task for organizations to undertake. Many organizations have established Security Programs and Plans to deal with the myriad of threats present for any infrastructure. Security Programs are essential to an organization and aid in protecting you from potential threats and vulnerabilities. However, Security Programs alone will not protect you and your organization from all incidents. Many organizations are developing their own Computer Incident Response Team (CIRT) or possibly outsourcing in this area. A CIRT provides an organization with a structured, clearly defined plan for dealing with threats and incidents. Smaller scale organizations or those with limited resources might think that a Computer Incident Response Team is not necessary or feasible. It is the intent of this study to focus on and discuss the challenges a smaller organization faces in implementing a Computer Incident Response Team, and offers a simple, practical approach to implementing a CIRT by outlining some basic steps involved in the implementation process given limited resources.