New America - GPPi Report on Computer Security Incident Response Teams Provides a Baseline Understanding of CSIRTs for Policy-Makers

WASHINGTON DC - New America's Cybersecurity Initiative and the Global Public Policy Institute (GPPi) released the first paper in a series of publications examining the role of CSIRTs in cybersecurity.

Concurrent with cybersecurity’s ascension up the political agenda over the course of the last decade, CSIRTs have undergone a transformation. As more and more sophisticated threats come online, more countries have sought the ability to combat them. Indeed, many transnational and regional organizations have begun to suggest the creation of national CSIRTs in their efforts to spread capacity and encourage confidence in cyberspace.  

In recent months, leading thinkers in cybersecurity have noted the disconnect between the technology and policy-communities and the need to convene multiple groups to discuss critical tensions in this space. “For these reasons and more, we hope that this report will help provide policy-makers with a better understanding of the underlying principles and culture that are the foundation of the technical incident response community,” said Robert Morgus, one of the report’s authors. “The technical CSIRT community, part of which is becoming increasingly embedded in government structures, is a natural place to begin fostering this understanding.” This new paper seeks to stimulate this dialogue by providing a high-level primer on what CSIRTs are, examining the different types that exist, and evaluating the important principles that underlie CSIRT effectiveness.  

To read the full report, please click here.