Macnica

The growing number of cybersecurity crimes has become a management issue. From the perspective of security governance and in response to requests from stakeholders, establishing a CSIRT/SOC system to ensure smooth security operations during normal times and emergencies is becoming commonplace, mainly among listed companies.

CSIRT and SOC are complementary. The SOC is usually outsourced to specialist security analysts who have the expertise to collect, understand, analyze, and deal with information about incidents that occur in cyberspace. The CSIRT, on the other hand, needs to understand its own organization and environment, create an environment in which incidents are unlikely to occur during normal times, and carry out activities to minimize risk during emergencies (incidents).

The following elements are necessary for the CSIRT to conduct its activities smoothly.

  1. Develop a functional system that matches your company's security sufficiency level and organizational structure
  2. Preparation of procedure manuals and flows for emergencies (when an incident occurs)
  3. A tabletop exercise to check if the CSIRT works as designed
  4. System for consulting with security experts on issues in CSIRT operations during normal times and countermeasures against changes in security risks
  5. Consider and implement measures to be implemented on a regular basis to improve employee literacy

By cycling through these elements regularly, you can protect your company from cyber attacks and maintain a security operation system that can respond quickly in the event of an emergency.

Macnica provides services from the construction of your CSIRT to its smooth operation.

1. Develop a functional system that matches your company's security sufficiency level and organizational structure

CSIRT and group security management system design support

In order to respond quickly when an incident occurs, we will clarify the roles and departments necessary for incident response and provide support to strengthen CSIRT activities.

Purpose: In order to respond quickly when an incident occurs, we will clarify the roles and departments necessary for incident response and provide support to strengthen CSIRT activities. Clarifying the security management system of the entire group leads to prompt cooperation in the event of an incident and strengthens daily security operations.

Implementation content:
  1. We will ask about your company's current incident response system and group security management system.
  2. We will sort out the current system and extract issues in building a CSIRT and group security management system.
  3. After examining the CSIRT and group security management system, we will create a management system diagram and roles for the CSIRT and the entire group.
  4. We will review the created document.

*Internal approval is carried out by the customer according to the customer's internal rules.

Coverage: Group security management system

Deliverable: CSIRT and group security management system chart

Image of deliverables for CSIRT and group security management system design support

CSIRT sample

Role sample

Group security management system sample

2. Preparation of procedure manuals and flows for emergencies (when an incident occurs)

Incident response procedure manual and incident response flow creation support

Purpose: In operating the CSIRT, the procedures for responding to incidents are compiled into a procedure manual, and support is provided so that the CSIRT can operate smoothly in the event of an emergency. In addition, creating an incident response flow makes the flow of incident response visible. It also raises the level of a CSIRT that is about to start operation.

Implementation content:
  1. We will ask about your company's current incident response activities.
  2. We will organize the current response methods and procedures and extract the issues.
  3. We will create an incident response procedure manual and an incident response flow.
  4. We will review the procedure manual and flow plan.

*Internal approval is carried out by the customer according to the customer's internal rules.

Coverage: Incident response procedures and incident response flow

Deliverable: Incident response procedures and incident response flow

Deliverable image of incident response procedure creation support

Incident Response / Sample Operating Procedures for CSIRT during Normal Times

Incident response flow sample

3. A tabletop exercise to check if the CSIRT works as designed

CSIRT enhancement exercise

4. System for consulting with security experts on issues in CSIRT operations during normal times and countermeasures against changes in security risks

Security advisory

5. Consider and implement measures to be implemented on a regular basis to improve employee literacy

Suspicious email training

Inquiry/Document request

In charge of Macnica Security Service Co., Ltd.

Mon-Fri 8:45-17:30