I just read that the first companies have been given Cyber Incident Response Assistance (CIRA) accreditation by...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
the National Security Cyber Assistance Program (NSCAP). What is this program, and do certified organizations have more to offer than organizations that are not given the NSA's blessing?
While most people are aware of certain areas of the NSA, one of the lesser-known areas is the Information Assurance Directorate (IAD). The IAD is tasked with developing "mission-enhancing information assurance technologies, products and services that enable customers and clients to secure operational information and information systems." It developed SELinux along with other tools to improve "confidence in cyberspace."
One of the strategic initiatives of the IAD is the National Security Cyber Assistance Program, or NSCAP. This initiative created the Cyber Incident Response Assistance, or CIRA, accreditation, which leverages experience in the industry to improve incident response. It was designed to "meet the growing needs of the U.S. Government, supplementing the incident response and intrusion detection services that the NSA/IAD provides." Its main goal is "to identify companies qualified to provide rapid, on-site support to National Security Systems owner and operators in incident response and intrusion detection."
In May 2014, the IAD announced that seven companies were granted CIRA accreditation.
The information security industry has no shortages of certifications, security standards or approval programs. For example, the U.S. Federal Government has FEDRAMP, a cloud service provider approval program that relies on FISMA, and the General Services Administration has an approved full-disk encryption software list relying on NIST standards. Each is a component of an overall information security program, and adding in a new accreditation for incident response could certainly help form that overall program.
To become CIRA accredited, a company must be reviewed in 21 focused areas of incident response -- such as communications, data collection, incident analysis and reporting -- and deliver consistent services.
The high quality and consistent incident response processes associated with CIRA accreditation could make it a certification enterprises may want to strive to achieve, especially for organizations where incident response processes, communications and reporting are extremely important.
The accreditation also encourages enterprises and government agencies to choose an incident response service provider prior to an incident to ensure high quality and consistent incident response results when needed.
Ask the Expert!
Have a question about enterprise threats? Send it via email today! (All questions are anonymous.)
Learn more about security incident response planning.
Dig Deeper on Information Security Incident Response-Information
Related Q&A from Nick Lewis
When NSA cyberweapons went public, attackers bundled them into the EternalRocks malware. Nick Lewis takes a closer look at this new threat and ...continue reading
A Google Docs phishing attack used OAuth tokens to affect more than a million Gmail users. Nick Lewis explains how it happened, and how to defend ...continue reading
A vulnerability in Microsoft's Windows Defender antivirus tool left users open to remote code exploitation. Expert Nick Lewis explains how it ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.