L’agence europénne de cyber-sécurité ENISA vient de publier une méthode pour apprécier la maturité de sa gestion des incidents et son Computer Security Incident Response Team (CSIRT) en particulier.
CSIRTs will find in ENISA’s new report a comprehensive overview about assessment parameters which was also translated into an online survey tool for a direct maturity self-assessment. The CSIRT maturity improvement process includes a survey with questions and answers for all the parameters of the commonly used SIM3 (Security Incident Management Maturity Model) model, which makes it considerably easier for any CSIRT team to self-assess their maturity in the terms of SIM3.
Pour en savoir plus, voici le détail des critères d’appréciation CSIRT dans ce document:
Cliquer pour accéder à WP2017-O-3-1-1-Update-on-CSIRT-Baseline-capabilities-report.pdf
A noter que cette démarche propose également un questionnaire d’auto-évaluation en ligne.
Le communiqué est disponible ici:
CSIRT maturity evaluation process – How is CSIRT maturity assessed?
ENISA has published a new practical guide for CSIRTs so that they are better prepared to protect their constituencies and improve team’s maturity.
3 commentaires
Commentaires désactivés.