TRANSITS Workshop 2023 Summer Participation Report
Introduction
Hello, Morino from KINTO Technologies CSIRT here.
I participated in the Japan Ceasert Association's TRANSITS Workshop in Summer 2023, which ran for three days from July 12 2023 (Wed) to 14 (Fri). TRANSITS provides training content from Europe on the establishment and operation of CSIRT. In this workshop, I learned about the four modules: Organization, Operations, Technology and Law.
CSIRT stands for Computer Security Incident Response Team, referring to a team that responds to computer security incidents. Computer security incidents include leakage of confidential information, unauthorized intrusion into computer systems, and malware infections, etc.
Organization Module
In the Organizational Module, I learned about the role of the CSIRT, the services it provides, and the structure, etc. of its team. There was also an incident scenario exercise in which each team played the roles of a CSIRT member, an attacker, etc. In this exercise, I experienced the flow of incident response and the importance of communication.
Operations Module
In the Operations module, I learned about incident response and incident handling. "Incident response" refers to addressing incidents such as analysis and containment of incidents, etc. whereas "incident handling" refers to the overall response to incidents. There was also an exercise for each team to examine the incident handling process. This exercise taught me about the importance of preparing an incident response procedure in advance.
Technology Module
In the technical module, I learned about the attackers' techniques and methods, etc. During the lecture, there was a talk from a security vendor who is involved in the analysis of incidents that occur in various organizations. In almost every incident in which the security vendor was involved in, they claimed that the attacks could have been detected if properly monitored. I was also impressed by the following words, which were described as the foundation of security.
- Close doors after you have opened them
- Tidy up after you
- If you start a system, always put maintenance measures in place
Law module
In the law module, I learned about cybersecurity laws and regulations. The legal requirements and precautions for capturing and storing logs were specifically discussed in detail. Along with an introduction to the eDiscovery system, a security service provider also explained how to cooperate with the police.
Summary
The TRANSITS Workshop in Summer 2023 was an unforgettable experience. I was able to deepen my knowledge and skills related to CSIRT through the lectures I attended. Furthermore, participating in exercises allowed me to interact with fellow participants, enriching the overall experience. I highly recommend this workshop for those who are establishing or operating a CSIRT.
関連記事 | Related Posts
Cybersecurity Symposium in Dogo 2023 Report
Working for tech companies in Japan
Information Security Workshop in Echigo Yuzawa 2022 Report
Sharing How Great Was Our Group Reading Session 'Learning from GitLab: How to Create the World's Most Advanced Remote Organization'.
第28回サイバー犯罪に関する白浜シンポジウム 参加レポート
Initial Challenges in the Website Restructuring Project
We are hiring!
サイバーセキュリティコンサルタント(国内)(メンバー〜リーダークラス)/セキュリティ・プライバシーG/東京・名古屋・大阪
セキュリティ・プライバシーグループについてセキュリティチームは当社におけるセキュリティ専任組織として以下のような取り組みを行っております。
セキュリティ/コーポレートエンジニア(オープンポジション)/IT/IS部/東京・名古屋・大阪
IT/IS部についてKINTOテクノロジーズという開発組織の「より開発に専念できる技術・セキュリティ環境」を創るため、2024年4月に新たに設立された部です。それぞれ専門領域を持った各組織が連携し、全社員に向けた価値を創出しています。