NIST Calls for Suggestions to Speed Computer Incident Teams Responses

Posted on July 1, 2013

The National Institute of Standards and Technology (NIST) has issued a Request for Information (RFI)* seeking guidance for a new special publication focused on improving coordination between Computer Security Incident Response Teams (CSIRTs) and reducing delays when reacting to computer security incidents.

Even though government and industry defend their information systems against hackers, attacks are sometimes successful. When that happens, speed is of the essence.

NIST’s existing Computer Security Incident Handling Guide** provides guidance on organizing a CSIRT, detecting attacks, preventing ongoing damage, repairing systems, restarting operations and reporting breaches.

The RFI calls for input for a new publication, Computer Security Incident Coordination, which will supply guidance, methodologies, procedures and processes to cut response time and limit information loss when multiple organizations are involved.

NIST requests information about best practices, impediments to information sharing and response, risks of collaborative incident response, successful technical standards and technologies, and viewpoints on incident coordination objectives. Authors will use results from the RFI and other information from agencies and stakeholders to draft the new publication.

Source: NIST