International Journal on Advanced Science, Engineering and Information Technology, Vol. 8 (2018) No. 6, pages: 2620-2626, DOI:10.18517/ijaseit.8.6.6692

A Model for Afghanistan’s Cyber Security Incident Response Team

Islahuddin Jalal, Maryati Mohd Yusof, Zarina Shukur, Mohd. Rosmadi Mokhtar


Persistent cyber threats require effective and efficient mitigation techniques. The cyber security incident response team (CSIRT) is expected to respond to external and internal cyber threats or incidents. Various organizational, national, and international level CSIRTs have been developed for defending and protecting such kinds of threats. Developing countries like Afghanistan have also formed a Computer Emergency Response Team for handling national cyber incidents although it provides limited services to only a few constituencies and depends on funding from foreign donors. Therefore, a new organizational model was proposed to provide guidelines for a specific country, instead of a provision from a constitutional context. Five national CSIRTs were compared to identify their features and characteristics to provide basis for the proposed framework.  The study presented the proposed model based on two CSIRT organizational models that incorporated a new funding strategy to achieve a Sustainable National CSIRT for developing countries. Our model combined coordinate and security teams; if consists of constituency’s mission, services, resources, organizational framework, and funding strategy. This study employed qualitative method by using document analysis and interview techniques. CSIRT for Afghanistan known as AFCERT was evaluated in terms of structure, services, resources, and funding.  AFCERT services level were below the standard of a national CSIRT. Therefore, a more sustainable service need to be provided based on the proposed model components. Findings showed the suitability and potential of the model in controlling and mitigating cyber-attacks, more specifically in the context of Afghanistan.


CSIRT; cyber security, cyber-attacks, cyber policy.

Viewed: 1080 times (since abstract online)

cite this paper     download