Group administrators:
Survey on automated reporting from Janet CSIRT
The environment that Janet CSIRT works in is changing. Almost a decade ago, most of the incidents we dealt with would start with a complaint emailed to us by a human; this would result in a team member having five or ten open incidents, maybe even twenty on a busy day. Nowadays the majority of information we receive is sent to us from automated systems run by third parties; this means that much of our current work is relaying this information and chasing acknowledgements to and from customers.
Other CSIRTs are successfully using increased automation to deliver security intelligence to their respective constituencies, so instead of responding directly to every event, teams route information on malware and vulnerable services in real time to the people who can act upon it.
The work that Janet CSIRT does is moving more in this direction. Increased automation will allow us more time and involvement when important events occur.
This will also allow us to:
- Develop new products, services and intelligence sources that allow customers to improve their own incident response capabilities
- Improve communications with the community by writing and publishing further guidance on security issues
- Increase work with other CSIRTs to develop best practices in incident response
We want to apply our expertise where it can provide the most value to you. By completing this short survey, you will provide us with invaluable feedback which will help shape the future of Janet CSIRT.
Please note that the survey will close on Tuesday 12 August 2014.