Gesellschaft fr Informatik e.V.

Lecture Notes in Informatics


IT-Incident Management & IT-Forensics - IMF 2006, Conference Proceedings October, 18th - 19th, 2006, Stuttgart P-97, 67-81 (2006).


2006


Editors

Oliver Göbel, Dirk Schadt, Sandra Frings, Hardo Hase, Detlef Günther, Jens Nedon (eds.)


Contents

Effectiveness of proactive CSIRT services

Johannes Wiik , Jose J. Gonzalez and Klaus-Peter Kossakowski

Abstract


Many authors have suggested that Computer Security Incident Response Teams (CSIRTs) need to deliver more proactive services to stay effective, but there are hardly any studies investigating to what extent existing proactive services are indeed effective or how to make them more effective. We view the proactive services as cross-organisational learning processes, where CSIRTs facilitate learning between information providers (i. e. vendors of commercial off-the-shelfsoftware) and users of these information (i. e. users of such products) in the CSIRT constituency. Cross-organisational learning processes carry the promise of avoiding incidents and the hope of saving considerable resources, but only if the constituents are enabled to learn from the experiences of the past and from others effectively.


Full Text: PDF

ISBN 978-3-88579-191-1


Last changed 24.01.2012 21:56:43