CIR Team
Skill Sets for Managing CIR
The employees know their roles and responsibilities, but cyber security incident management is nothing without the right professionals having the right skill sets to execute them. The selection of the cyber security team is critical in ensuring that, when the time comes for an incident, the chosen members will adequately handle it effectively.
It is noted that specific roles require certain traits, which facilitate the development and performance of the previously mentioned processes and functions. These are some of the views on skill set acquisition.
It includes the professionals being able to "look forward," "communicate effectively," and "Upgrade themselves to be competent".
1. Look Forward
The team members must be strategic to protect their technological infrastructure well. Technologies are constantly evolving, leading to advancements in the complexity of cyber security threats and the development of new security measures.
Hence, members must be aware of these changes and prepare accordingly.
2. Communicate Effectively
The team members must communicate effectively with one another and stakeholders/clients. The effective exchange of information is necessary within the organization to facilitate the development of the cyber security program.
This applies to communicating with Senior Management or peers.
3. Update Oneself to be Technically Competent
The team members must be equipped with the latest technical skills and knowledge to immediately assess the current situation and identify technical issues to resolve.
Challenges
Effective cyber security management is not easy for any organization to maintain. There will be incidents, there will be obstacles, there will be challenges both internal and external – and many of these challenges will impede an organization's ability to handle cyber security incidents efficiently.
However, proper guidance and a mindset of resilience first is the first step every organization should take to overcome the obstacles mentioned below. These are some of the critical initiatives to be implemented.
1. Create Awareness Among the Employees Within the Organisation
Many employees are unaware of the implications that cyber security threats pose. The team has to develop a culture that ensures that all employees are regularly updated and notified of the latest development in cyberspace.
2. Manage Third-Parties Relationships
Organizations utilize services from third-party vendors to carry out daily operations. They may not be directly under the organization, but cybercriminals can use them as a platform to attack the organization.
Therefore, the organization has to include these third-party vendors as part of the considerations during the development of the cyber security program.
3. Dynamic Nature of Technology
Technology is ‘alive’; organizations have no fixed formula to prepare for cyber security threats. Furthermore, technology is constantly updating, and an organization can't plan for every situation.
4. Working with the BCM Team
Lastly, the need to work closely with the BCM team on the reduction and response strategy when an organization requires a CIR plan. The team responsible for cyber security needs to understand how the BCM team continues (recover, resume, restore and return) the CBFs of the organization when the IT resources are denied access due to a cyber security incident or attack.
Related Concept to Cybersecurity Coverage by IT Teams
Type of Coverage by IT Team | Team Composition | Maintain Strong Cybersecurity Processes and Functions | Skill Sets and Long-Term Challenges | Back To: Team Handling CIR |
Do You Want to Continue BCM Training onsite or online?
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 3 What Are the Typical IT Teams Handling Security for IT? 3.6 Skill Sets and 3.7 Challenges
Note: This version was the draft 2nd Edition being updated in 2023. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.