Workshop 11 - Building a Computer Security Incident Response Team (CSIRT)
|Speaker:||Mr. Don Stikvoort||
|HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong|
|Date:||10 - 12 Oct 2018 (3 days)||
|09:30 - 17:00|
||HK$9,990 (Early Bird: HK$9,650)|
|Member Fee for Organizer/Supporting Organization||HK$9,650 (Early Bird: HK$9,350)|
Medium of Instruction
Nature & Objectives
CSIRT introduction training
CSIRT = cyber security incident response team : the fire brigades of the Internet
Topics covered: organisation maturity, operational aspects, technical introduction, communication and exercises.
The objective is to become aware of the most important aspects in setting-up, running and improving a CSIRT.
- Organisational module
- Legal module (to be taught together with SC Leung because of specific legal aspects of Hong Kong)
- Operational module
- Technical introduction module (to be taught by local technical staff – Don Stikvoort offers a free 1-day trainer training before the training course to enhance the trainer skills of local staff)
- Exercises embedded in modules plus roleplay
- Communication aspects
- CSIRT maturity (SIM3)
Who Should Attend
- Those setting up a CSIRT in their organization.
- New CSIRT team members.
- CSIRT managers and communication staff who want to understand more about the CSIRT framework.
Requirement for Participant
Each participant is required to bring a laptop and power cord. Participants will receive the training materials prior to the workshop.
Mr. Don Stikvoort
CEO & Master Trainer
Don Stikvoort is Partner of m7, and director and co-founder of the companies “S-CURE” and “AVALON Coaching & NLP”. S-CURE is a member of the m7 consortium: m7 offers high level consultancy in the areas of identity management, and information and Internet security – in the latter area specialising in security incident management (CERT), governance/policy matters and translating theories and policies to real life! AVALON offers life & executive coaching and certification trainings in NLP, Coaching, Time Line Therapy® and Hypnotherapy. The companies are based in The Netherlands, yet Don’s client base is international (Europe, North America, Caribbean region, Asia-Pacific, Africa).
Don has worked in the security area for over 25 years. After his academic years that led to a Masters degree (with highest honours) in Physics, he became Infantry platoon commander in the Dutch Army. In 1988 he joined the Dutch national research network. In that capacity he was among the pioneers who created the European Internet, RIPE, the European cooperation of CERTs (TF-CSIRT) and the NL domain registry from 1989 onwards. He was chairman of CERT-NL (now SURFcert) from 1992-1998.
In 1998 he started his first company. A major first assignment was to build the network connecting over 10,000 schools in The Netherlands. Many CERTs were created with his help and guidance, among which the Dutch national team NCSC-NL, and teams for universities (e.g. CERT-RU), major hospitals (CERT-AMC) and multinationals like Philips. Second opinions, audits and maturity assessments in this field have become a speciality – and in that capacity Don developed SIM3, a maturity model for CERTs which is used to certify such teams in Europe today, but is also used by the European Union, and by NCA, the Japanese cooperation of CSIRTs.
Don was deeply involved in the IETF and RIPE in the past, and since 1992 he is on the forefront of the global incident response community, and as such a member of FIRST and TF-CSIRT. Together with Dr. Klaus-Peter Kossakowski he initiated and fostered the closer cooperation of European CERTs. In 1998 he finished the "Handbook for Computer Security Incident Response Teams (CSIRTs)" together with Kossakowski and Moira J. West-Brown of CERT/CC. Don was chairman of the Program Committee for the 1999 FIRST conference in Brisbane, Australia, and kickstarted the international FIRST Secretariat in the same year. Don authored and taught several training modules for the CERT community, some of which are being used worldwide today. He wrote the SIM3 maturity model for CSIRTs, and recently authored the “CSIRT Maturity Kit” on behalf of NCSC-NL (see check.ncsc.nl).
At this moment, Don is actively involved in building and improving the CERT community in Europe and beyond, via TF-CSIRT and the Trusted Introducer, and cooperating with FIRST, APCERT and AfricaCERT. He has been and is the consortium leader for several EU ENISA information security projects. Board/management consultancy on information security, policies, governance and cybercrime issues complete his security portfolio.
Starting this path in 1999, Don is certified as master practitioner and trainer in NLP, coaching, Time Line Therapy® and hypnotherapy - and started AVALON as a result. AVALON’s portfolio is life & executive coaching, and workshops and intensive training courses in NLP and related areas, leading to internationally recognized certifications such as NLP Master Practitioner.
Don’s work with AVALON directly benefits his security work, both in management consultancy and in newly developed workshops like “Reverse Social Engineering: the White Hat’s Gain”, as well as presentation and communication skills trainings. Recently Don was certified as “master trainer” which means he can now also train trainers in diverse areas. He already applies that in the information security area, where he gives “train the trainer” classes to a global audience. Don wrote ENISA’s best practice guide for trainers. Designing and giving trainings is one of his passions, and in that capacity Don has also been the head tutor for TRANSITS (European CERT training framework) since 2005.
Don is sought after to share his views on information security, cybercrime and how this affects business, economy, politics, ethics and human rights. He has discussed such topics in keynote talks on 3 continents. His goal is to challenge his audience to gain deeper insight and understanding, and motivate them to develop the best possible situations in their field and ecosystem.