The IT Law Wiki
The IT Law Wiki

Definitions[]

A Computer Security Incident Response Team (CSIRT) (also called a Computer Incident Response Team (CIRT) or a Computer Incident Response Center, or a Computer Incident Response Capability) (CIRC) is

[a] capability set up for the purpose of assisting in responding to computer security-related incidents.[1]
[a]n organization "that coordinates and supports the response to security incidents that involve sites within a defined constituency."[2]

Overview[]

The job of a Computer Security Incident Response Team (CSIRT) is to detect that an attack occurred, prevent ongoing damage, repair the damage to the extent possible, reconstitute the affected system functions, and report as appropriate to the United States Computer Emergency Readiness Team (US-CERT) and to other affected parties according to governing regulation and law.

"To be considered a CSIRT, an organization must do as follows:

References[]

Source[]

See also[]