Page 217 - Shaping smarter and more sustainable cities - Striving for sustainable development goals
P. 217
CERT/CSIRT Stakeholders
IT and Network
Team
Legal Business
Department Management
Human
Resources Physical Security
CSIRT
Risk Security
Management Operation Center
Incident Handling and response is not a self contained process.
Relationship, communication channels, data sharing agreements , policies and procedures must
be established across the organization.
Strong commitment is needed from High Management .
CERT/CSIRT Manager is the prime actor to work on this specific task.
Suggested Services
Alert and Warning
CERT/CSIRT responsibilities includes:
In collaboration with SOC and Risk Team CSERT/CSIRT will collect share all the latest
security alerts/information from internet sites with the main goal of:
Coordinating with different teams to maintain highest security level at ISMD.
Patch Management, Anti Virus Management etc.
Trend Analysis for possible emergency scenarios .
Problem Management Security Update report.
Security Assurance audit reports.
Vulnerability Handling and Artifact Handling
CERT/CSIRT responsibilities includes:
In collaboration with Risk Team CSERT/CSIRT will:
Identify the relevance of the information to the City ICT.
Conduct impact analysis of the identified/reported vulnerability.
Gather information about systems vulnerable to identified/reported
vulnerability.
Support the involved team in implementing controls based on priority.
Artifact Handling
CERT/CSIRT responsibilities includes:
Technical examination and analysis of any artifact found on a system.
ITU‐T's Technical Reports And Specifications 207
