Abstract:
A Computer Security Incident Response Team (CSIRT) is a group of skilled people with core knowledge of information security and cyber security incidents. A CSIRT prepares for and responds to computer security incidents. Almost all organizations take their online security seriously and therefore acquire services from a CSIRT to control their level of online security. Every CSIRT assists its constituency when a security incident happens and proposes solutions and remediation methodologies to protect it in the future. Establishing a CSIRT is not an easy task: it is a detailed and difficult activity that requires experts who specialize in this domain and understand the pros and cons of the required methodologies and processes. This research study describes the establishment of a CSIRT and the issues and challenges that people face while establishing one. Moreover, it discusses the concepts, methodologies, needs and limitations of existing techniques that people in developing countries have experienced. The study highlights high-level CSIRT policies and Pakistan’s cyber-crime law, and presents the results of a structured literature review investigating the business requirements for establishing a CSIRT. A survey was conducted on the need for and importance of a CSIRT, in order to understand the security posture of organizations working in the absence of a CSIRT in Pakistan.