Table of contents exchange of letters with the minister executive summary



Download 5.91 Mb.
View original pdf
Page320/329
Date27.11.2023
Size5.91 Mb.
#62728
1   ...   316   317   318   319   320   321   322   323   ...   329
Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019

COI Report – Part VII
Page 410 of 425

(b) The CERT was not trained to understand the tactics, techniques, and procedures (“TTPs”) of advanced attacks. Benjamin had previously never encountered malware that called back to a remote C server – a rather common TTP used by advanced attackers.
1190. Recommendations for improvement of CERT training. Vivek’s expert recommendation was that the CERT should be expanded and trained to detect and respond to advanced attacker activity. Practical goals for training should beset and the CERT should be provided with access to experts they can tap on as needed. Members of the CERT should possess a comprehensive understanding of attack methods, vulnerabilities, and the impact of attacks on IT systems and networks.
1191. Training should focus on building the competencies required in members of a CERT. To build a CERT with capable incident handlers, one needs individuals with a) Relevant technical knowledge and expertise b) The ability to recognise indicators of attack, collect forensic evidence, perform analysis and arrive at reasoned conclusions and c) The ability to communicate effectively within the team and with others across the organisation.
1192. The Skills Framework for Infocomm Technology
117
provides a useful reference on the skills and domain knowledge that CERT members should consider acquiring or upgrading. In addition, CERT members ought to be sent This framework has identified cybersecurity as an emerging trend which requires skills such as cyber forensics, cyber incident management and cyber risk management.


COI Report – Part VII
Page 411 of 425

for proper training conducted by reputable training providers like the SANS institute.
1193. The overall skill-set required of computer security incident responders can include:
118
(a) Personal skills - i) Communication (written and oral ii) Presentation iii) Diplomacy iv) Ability to follow policies and procedures v) Team skills vi) Integrity vii) Knowing one’s limits viii) Coping with stress ix) Problem solving and x) Time management. b) Technical skills – Software Engineering Institute, Carnegie Mellon University, What skills are needed when staffing your CSIRT?”.


Download 5.91 Mb.

Share with your friends:
1   ...   316   317   318   319   320   321   322   323   ...   329



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy