CSIRTs protect cybersecurity; expand job opportunities

In This Story

People Mentioned in This Story

Cybersecurity is a growing concern for anyone using technology—which is pretty much everyone. It’s an area that has seen tremendous research since the first global attacks surfaced in the late 1980s and early 1990s. 

Low-income countries can have challenges with getting appropriate cybersecurity protective measures in place and developing much-needed cybersecurity talents. To address this concern, George Mason Information Sciences and Technology professor Sherif Hashem was part of a team that produced a report ‘Cyber Incident Management in Low-Income Countries.’ The report was funded by Global Affairs Canada, and presented last month in an international webinar by the Global Forum on Cyber Expertise. 

According to Hashem, having Computer Security Incidence Response Teams (CSIRTs) in place can greatly help in handling and preventing cyber attacks. He says Computer Incidence Response is a term that popped up globally about 30 years ago, and it is associated with professionals who respond to the threats made over computer systems and networks.  

“Established CSIRTs can help detect a cyber attack when it happens, and greatly minimize its impact,” Hashem says. “Cyber attacks against critical national infrastructure can be some of the most impactful as they can potentially affect everyone in society.” 

One recent example is the Colonial Pipeline ransomware attack in 2021, the largest cyber attack on an oil infrastructure target in U.S. history, says Hashem. 

“CSIRTs across the globe work together to mitigate such cyber attacks and help bring the criminals to justice,” he says. “Without CSIRTs in situations like this, the aftermath of a cyber attack can be devastating. It’s better to be prepared and minimize any losses; recover quickly.”  

The ‘Cyber Incident Management in Low-Income Countries’ report showcases CSIRT models and structures that are workable within limited budgets. The report also provides guidance on developing technical skills within CSIRTs and highlights a wide range of training programs and tools. 

“Our research findings can be used holistically by any entity looking to establish CSIRTs, whether there is a limited budget or not,” says Hashem. 

The first CSIRT was created by Carnegie Mellon University over thirty years ago, says Hashem. Since then, the cybersecurity space has become an area rich with job opportunities. An estimated 400,000 open cybersecurity jobs are available today in the United States alone. 

“I hope this motivates students to consider information security as a part of their education and career plan,” says Hashem. “The opportunities are endless.” 

The full webinar is available to view on You Tube.  Part 1 and part 2 of the report are also available to view.