building the CSIRT team
Hello
I have gone through your post, and I would like to add a few points. There are specific steps which should be followed when building the CSIRT team (Ruefle et al., 2014). The step is always coming up with the decision. After an organization have come up with the decision, there is a need to discuss it with the right people. The discussion will help in analyzing the decision to ensure that it will benefit the organization. After discussing with the right people and getting the support required, the next step is to come up with a plan.
A plan will guide the person in charge when building the CSIRT team. The plan should include the budget and the type of members needed in the team. After coming up with the plan, the next step is recruiting the members. This step is the most critical and the people in charge should be very keen. There is a need not only to consider the educational qualifications only but also the skills needed in this job. The candidates for this job should be highly skilled when it comes to computer security. If possible, the candidates should have experience which will give the organization the confidence.
An organization can decide to take employees within the organization instead of hiring new members. The employees will be working as part-time employees. This approach will help in reducing the cost of employing new workers. The employees within the organization have experience working in the organization; hence they will not have a hard time adapting. However, there are some scenarios where attacks can occur while the employees are busy in other jobs. So, this means that the organization will suffer the effects. Therefore, there is a need to have both part-time and full-time employees as CSIRT team members.
References
Ruefle, R., Dorofee, A., Mundie, D., Householder, A., Murray, M., & Perl, S. (2014). Computer Security Incident Response Team Development and Evolution. IEEE Security & Privacy, 12(5), 16-26. doi: 10.1109/msp.2014.89