A Model for Afghanistan’s Cyber Security Incident Response Team

Islahuddin Jalal (1), Maryati Mohd Yusof (2), Zarina Shukur (3), Mohd. Rosmadi Mokhtar (4)
(1) Universiti Kebangsaan Malaysia
(2) Universiti Kebangsaan Malaysia
(3) Universiti Kebangsaan Malaysia
(4) Universiti Kebangsaan Malaysia
How to cite (IJASEIT):
Jalal, Islahuddin, et al. “A Model for Afghanistan’s Cyber Security Incident Response Team”. International Journal on Advanced Science, Engineering and Information Technology, vol. 8, no. 6, Dec. 2018, pp. 2620-6, doi:10.18517/ijaseit.8.6.6692.
Persistent cyber threats require effective and efficient mitigation techniques. The cyber security incident response team (CSIRT) is expected to respond to external and internal cyber threats or incidents. Various organizational, national, and international level CSIRTs have been developed for defending and protecting against such threats. Developing countries like Afghanistan have also formed a Computer Emergency Response Team for handling national cyber incidents, although it provides limited services to only a few constituencies and depends on funding from foreign donors. Therefore, a new organizational model was proposed to provide guidelines for a specific country, instead of a provision from a constitutional context. Five national CSIRTs were compared to identify their features and characteristics to provide a basis for the proposed framework. The study presented the proposed model based on two CSIRT organizational models that incorporated a new funding strategy to achieve a Sustainable National CSIRT for developing countries. Our model combined coordinating and security teams; it consists of the constituency’s mission, services, resources, organizational framework, and funding strategy. This study employed a qualitative method using document analysis and interview techniques. The CSIRT for Afghanistan, known as AFCERT, was evaluated in terms of structure, services, resources, and funding. AFCERT's service levels were below the standard of a national CSIRT. Therefore, a more sustainable service needs to be provided based on the proposed model components. Findings showed the suitability and potential of the model in controlling and mitigating cyber-attacks, more specifically in the context of Afghanistan.

This work is licensed under a Creative Commons Attribution 4.0 International License.