Saturday, August 31, 2019

Chardham Yatra: Way to Moksha

The Hindu philosophy of life is that only when a man attains salvation, or mukti, is he able to release himself from the repeated cycle of lives and deaths, or reincarnations. It is believed that the best way to come out of this whirlpool of life is to accomplish moksha. Moksha is the final release from self. It is like loosening all the bondages and attaining oneness with the one, or the almighty. All religions believe in attaining moksha, or salvation. They have different ways to achieve it. The Hindu philosophy believes in four disciplines to achieve it. The first discipline is Karma yoga, that is, working for the supreme. The second discipline is Jnana yoga, that is, realizing the supreme. The third way to achieve salvation or moksha is Raja yoga, that is, meditating for the supreme, and the last is Bhakti yoga, that is, serving the supreme with loving devotion. Bhakti yoga is the most acceptable yoga to attain salvation, and a visit to Chardham certainly helps in realizing it. These are four major pilgrimages, which is why it is called Chardham. They begin with Yamunotri, Gangotri, Kedarnath and Badrinath. It is believed that the yatra, or parikrama, should always begin from Gangotri and should end at Badrinath. Ancient people believed that a visit to the Himalayas washes away all sins. That belief still exists, and therefore people who are believers come to visit Chardham at least once in their lifetime to attain inner peace and satisfaction. Situated closest to nature, these dhams are a sort of spiritual adventure. Away from the hustle and bustle of city life, amid nature's tranquillity, it is a time of introspection and a time to realize the Supreme Being. That is the reason people visiting the dhams become enriched and start looking at life with a newer perspective.

Friday, August 30, 2019

Analyzing the effectiveness and drawbacks of current Land

Most of the prevailing laws or bills regarding land acquisition, resettlement, compensation, ululation seem inadequate and sources of a lot of discordance. This research proposal seeks to analyze the impact of such acts and the reasons for protest and agitation by the affected people. It also aims to find alternative solutions for such critical issues. In this research study the stakeholders are identified along with their stakes, and various literature is analyzed to suggest a methodology for further research and to propose a common ground for amicable discussion and understanding of individual interests.

Keywords: Land acquisition, rehabilitation, resettlement, consent, compensation, voluntary acquisition, eminent domain, replacement value, public purpose, land valuation, market pricing

Problem Description

The 2011 Land Acquisition and Rehabilitation and Resettlement Bill, though well-intentioned, was seriously flawed. It attached an arbitrary mark-up to the historical market price to determine compensation amounts. This will guarantee neither social justice nor the efficient use of resources. The Bill also placed unnecessary and strict conditions on land acquisition, like restrictions on the use of multi-cropped land and insistence on public purpose, all of which would hinder the pace of development though promoting the interests of farmers. Many such flaws are tried to be addressed in 'The Right to Fair Compensation and Transparency in Land Acquisition, Rehabilitation and Resettlement Act, 2013'. While the process of industrialization is facing many problems that need to be solved, the problem of land for industry and urban development is the most critical one. The fact is that people depend on land not only as title holders but also as landless laborers and share croppers, for natural resources and cultural inputs, for preservation of artisans and age-old technologies, for community and family congregation.
Often land is taken away without adequate compensation or without adequate opportunities for affected people to grow and resettle with dignity. This is inhuman and leads to all kind of contentious issues that have surfaced within the people move into cities, a trend that cannot be stopped, there has to be proper town planning and proper growth of our urban centre, a process that will increase the importance of land.

Problem Structuring

Definitional Issues

The experts felt that the bill does not clearly define what constitutes 'rural' and 'urban' areas. This omission is bound to lead to litigation. It is essential to plug this loophole. The law still does not define or elaborate 'public purposes' and again gives the State a free hand on this. Without defining the term 'urgency', it makes special provisions for compensation if land is acquired under the 'urgency' provision. Also, terms like 'eminent domain' (vests sovereign ownership of all land and natural resources embodied in the state, facilitating compulsory takings), 'replacement value' and 'willing/unwilling seller' are ambiguous.

Consent

'Consent' to sell, both in government and private and public-partnership projects (APP), is among the most contentious issues in land acquisition. What percentage of landowners' consent is required? Should it be required from all land users (e.g. those dependent on land like agricultural workers, wage laborers, artisans and landless peasants) or only from the land losers?

Compensation

The current scheme of compensation that the bill has laid down is two times the market price for urban areas and four times the market price for rural areas. These figures were arrived at without any rationale, from a 'top down' approach.
Affected people have no say on any aspect of the transaction, whether they want to give up the land or what would be a fair price.

Institutional Support

To understand the position of stakeholders and their needs in order to devise fair solutions, a three-tier institutional structure was mooted: one for suggesting proposals, one for dialogue and another for decision-making. The first would include think-tanks or academic research organizations which use data, analyse it and make recommendations. The second would bring stakeholders together to deliberate on their respective positions. Finally, the last institution would be given the authority, constitutionally or organizationally, to take final decisions. Transparency would facilitate better evaluation, selection and determination of the market price for land as well as sharing of incremental gain from land development with affected people. Process efficiency implies clarity in legislation, which would result in less litigation and realistic deadlines for all parties involved. On viability, there is a need to reach a common ground between the acquirer's right to profit and compensation rights. The experts held that companies acquiring land for public-private partnerships should be given limited control rights.
[Figure: stakeholder map for land acquisition for industrial/developmental/mining projects. Stakeholders shown: Farmers/Residents, Politicians, Media, Share croppers, Fisherman/boatman, Agricultural laborers, Tribal, Environmental activists, Industrialists, Local population, Citizens, Government.]

Specific stakeholder and stake identification

Stakeholders and stakes:

Farmers, Residents: Lose the most, as they give away their land and don't get future benefits; farmers lose their basic earning activity.

With not enough land of their own, they need others' land for cultivation.

Termed as unskilled labor, their livelihood is at stake with decreased agricultural land, more so as they are mainly landless laborers.

Their whole livelihood and culture exist around the region they live in, as they are mostly dependent on the natural resources; moreover, they normally do not have title to land, thus losing out on all the benefits.

Without land, they can't build new plant; also, without mining they have to depend upon foreign industrialists.

Responsible for both growth and development with restrained inflation and preservation of environmental balance, ecology and citizens' rights.

Face the maximum brunt of degraded environment, inflation and land scarcity.

Local population: Directly impacted by industrial waste and effluence, restricted movement wrought land, absence of grazing ground/water body, increased land price.

Environment activist: Worried about increased industrial waste and pollution and the adverse effect on nature and biodiversity due to mass land acquisition for mining/industry.

Main source of information dissipation, since internal and local information is seldom spread by industry or Gobo. Cross the county

A major influence in creating public opinion on this issue, plus their vote banks can be determined by how they handle such cases.

[Figure: BOOT graph. Labels: Displaced people, Pollution, Land price, Industrial growth, Biodiversity, Job for agricultural labor. Axes: Amount, Time.]

Literature review

Maturities Ghats and Apparatchiks Gosh, in an article (October, 2011), have analyzed the land laws and current situations, and in their opinion the use of market price for voluntary transactions as a proxy for owners' value in forced acquisitions is measured by experts but rather a subjective quantity: it is whatever the owner deems it to be. They proposed an alternative approach allowing farmers to determine their land price, choose compensation in either cash or land, and reallocate the remaining land in the most efficient manner. It involves a land auction covering not only the project site but also the surrounding agricultural land. The advantages they put forward are that it is less coercive, it gives a strong incentive to bid truthfully, and it allows farmers to incorporate their own estimates of future land price inflation into their bids, thereby minimizing the chance of losing out compared to the neighborhood farmers. It also provides an option to let the land remain agricultural in case the acquisition effort fails.

Vanish Kumar, in his June, 2011 article in PEP, has highlighted the violence in land acquisition by the government and UP government policy on this matter. According to him all episodes of agitation and demands are politicized and farmers find homeless entrapped in a situation where leaders encourage and support their agitations but do very little to tackle the problems. He considered the State's role as that of a 'venture capitalist'. He cited the UP policy as the best among those existing in the country. It introduced a process of negotiations in Greater Oneida with the local farmers leading to the signing of a deed.
The new policy makes land acquisition more profitable for the farmer, defining the State as a mere facilitator. He provided scope for improvement, especially as small farmers and agricultural laborers have very little to gain in this whole procedure, but mentioned the fact that political parties have no intention to make a consensus effort on this issue.

Ashcan Inhaling and Edit Was (August, 2011) mentioned the fact that often land titles are unclear and identifying parties eligible for compensation is rendered difficult. All across the world, the state is gifted with the power to acquire land for public purpose by providing compensation to the landholders. This power is directly vested in the constitution (in US, Australia and China) or is specified in enacted legislation (in Hong Kong, Malaysia and Singapore). However, terms like 'public purpose' are ambiguous. Countries like France, Japan, China, Mexico and India explicitly enumerate situations and projects under which land can be acquired or appropriated by the state for public use, whereas Malaysia, Brazil, US, UK and Singapore provide a more generic definition. The valuation and acquisition methods also differ across nations. In valuation, net income from land, original use and market value are all taken into consideration. Countries like Philippines where legal systems are not robust, land market is not well developed, or active reliable information is unavailable, 'replacement value' (amount it would cost to replace the asset with a similar asset) technique. It is not easy to discern a set of international best practices with respect frameworks and philosophies laid down in the statutes should be treated as guidelines, incorporating flexibility into the land acquisition processes. They also mentioned the delay in payment of the solatium to affected parties, which leads to dissatisfaction and consequent protests.
They proposed negotiation in valuation, compensation, partnering, pooling together (land pooling though farmers) and many such methods. They cited the Pun example, where 123 farmers pooled together 400 acres of farmland along with a private limited company to build Magistrate city. Here the farmers continue to own the land, own shares in the company and collect dividends on these shares as well as rents from the tenants in the city (Magma, 2008).

In an editorial, 'Economic & Political Weekly' (PEP, August, 2011), the editor cited farmer agitation and state atrocities regarding land acquisition in Maharajah's. Farmers here had given land for the Pun-Iambi express highway and similar projects in the past, but they have grown steadily distrustful of the government's intentions due to unfulfilled promises. The state government's mishandling of the Naval farmers' agitation and the subsequent police firing causing the death of three farmers was exceptionally inept. In Naval, they fear that they will no longer get water from the Pain dam which irrigates their land. The greater fear about water meant for agriculture being diverted to industry or urban areas is also the root cause of their protests against the Sophia power project in Martial, which requires a large amount of water from the Upper Ward dam. Going by the past record of most governments, people have a reason to be distrustful. Voluntarily surrender land for projects provide no tangible benefits to them. A credible alternative to protect their livelihood and a proper compensation plan must be in place.

Augusta Marti (December, 2010) attempted to solve a key economic problem regarding land acquisition deals using some mathematical models incorporating the logic of an 'annuity' or a 'royalty'. It has to do with the claim of the landowner over the future value of land once it is sold and put to alternative use.
It also addressed the adaptation of the so-called "Harlan" model that relies on predetermined annual payments to the farmers. His argument is that the government will tax a portion of the increased value from the buyer and redistribute it to the landowner, acting as a legal taxing authority and not as a negotiator. In this case, though the seller will forfeit his property right to the buyer, he will have a rightful claim on the capital gain tax. He also proposed to make this 'claim paper' traceable in the market. He suggested using a part of the taxation infrastructure at the central level for evaluating capital gains on land and creating accounts exclusively for this purpose, taking the buyer, the seller, the government and the option trader into confederacy to ensure that funds raised do not go towards other kinds of fiscal replenishments. One can also track the transactions between the seller and the option trader. This option, as a traceable instrument, can satisfy the poor farmers without binding the buyers of land.

Stowage Karakas (October, 2011) has seen the market exchange process acting as the main domain of mediating social relationships. He deciphered three interrelated problems with this political/policy position: absence of a market for a particular land; non-availability of a quantitative standard or reference to measure against just and fair imposition; and consent is not always a natural will, as it has political significance beyond liberalism. According to him the state must stay away from creating political conditions to receive individual consent; rather, it should accept the limitations of law and policy in resolving certain contentious issues, and remain open to contingency, by conferring priority on the democratic values of disagreement, dissent and plurality of modes of existence. Only then will it learn to withdraw from prior commitment to any particular rationality and ideology.
Ram Sings (May, 2012) has focused on laws that govern the acquisition and transfer of agricultural land for other purposes. He cited the history of eminent domain in India as unmitigated abuses of the law, which remains archaic and ambiguous. The callous approach taken by land acquisition collectors (LAG) to determine compensation is also a point of discord. In the current situation there are a lot of institutional hurdles, like change-in-land-use (CLUB) clearance from the state government and other regulatory clearances from local authorities, that thwart voluntary transactions. He argued that this is the reason the project developers are better off bribing the powers that get them to acquire the needed land. He also mentioned poor land records and the high transaction cost of individual land transfer. He suggested collective bargaining with the owners or their representatives; that the cost of compensation be paid by the entity benefiting from the acquisition; and that the initial compensation itself should be determined in light of all of the relevant information, such as type of land, its future value, records of the sale deeds, etc. He also argued for the reduction of compulsory acquisition.

Colic Gonzales (August, 2010) has indicated the states' prerogative in becoming an estate agent of the companies for acquiring land for them. He analyzed land acts and the outcomes in chronological phases. According to him the Judiciary appears to have misread the mood in the country, providing 'public interest' the widest possible scope. Instead of mass protest, the superior Judiciary remained unmoved, stuck to their notions of development, unresponsive to the distress of farmers, tenants and agricultural laborers. According to him, the way forward for the Judiciary is to hold that irrespective of the contribution by government, all acquisitions for companies must follow Part VII of the Land Acquisition Act (ALA), which is acquisition for a company.
This is understandable since State governments have come under total corporate control that their first priority is to spend large sums of state funds to assist corporations in the acquisition of lands using the Act.

Cantata Lair-Duty, Radii Krishna, Ensnare Mad (February, 2012) in an article in owned companies for resource extraction in Shorthand and sighted that cosmetic changes in mineral governance laws are inadequate to protect the interests of the poor. Granting of mining blocks to private companies for 'captive' coal mining has thoroughly neglected the rights of the tribal. The state equates coal with national placement, energy security and hence strategic sovereignty to avoid the moral quandary. By virtue of the Coal Bearing Areas (Acquisition and Development) Act (CUBA), coal mining generally supersedes community rights. Thus states change to 'broker states' from the old developmental state. Coercion by both company representatives and state agencies is a characteristic of land acquisition in Shorthand. Apart from changes in land-use pattern and the creation of wastelands, mining causes a large number of physical and occupational displacements, a fact that the state seldom documents correctly or addresses. Environment impact assessment (EIA) remains a toothless safeguard, neither documenting possible impacts on local water availability nor assessing the ground-level impact of air pollution on surrounding communities and vegetation. The procedure never takes into account the tribal history, identity and livelihood entwined with the land. It has pushed many tribes to the verge of extinction. According to the authors, only a convoluted logic can equate coal mining by private companies with public purpose or national interest. They asked for a new mineral extractive paradigm, one that does not inflict deep wounds on nature and people.
They also asked for consultation with gram Kasbah and the consent of tribal communities for any mining project, with the view of optimizing the level of royalties and consequent benefits to impacted communities.

OSHA Rampant (November, 2011) has observed that by beginning with the premise that acquisition is inevitable and a priority for industrialization, arbitration and infrastructure development, the LARK Bill 2011 has neglected the interest of the land losers. She raised a question about the state's legitimacy in facilitating the land rangers the way it does. She questions the state's relationship with the land: whether it is a landlord, an owner, a trustee, a holder of land, a manager or what? She argued for the 'affected families' who are dependent on forests or water bodies, which includes gatherers of forest produce, hunters, fisheries and boatmen and (those whose) livelihood is affected due to acquisition of land. Infant families who got land under any government scheme are also included. She also cited the effect of diluting 'The Forest Rights Act 2006', which helps in land acquisition through change of public purpose, where acquisition is based on one purpose but the land is used for another purpose. Another bill, 'The Land Titling Bill 2011', shifts the onus of keeping the records updated, even loss of acknowledgement of title to the land or interest in the land, from the state to the individual. According to the author this bill is an attempt at communications of land, making it traceable in the land market.

Michael Levine (March, 2011) has highlighted the controversies over Sees and large private mining projects in eastern India. According to him, the proposed amendments to the Land

Thursday, August 29, 2019

Behavioral and Cognitive Learning

In behavioral theory, learning involves changes or modifications in our behavior which have in turn been influenced, strengthened or weakened by the environment or other external influences. The introduction of reinforcers greatly impacts behavior. Cognitive theory, on the other hand, posits that individuals are actively involved in the learning process. Rather than external influences, learning depends on already existing prior knowledge. Following this logic, each student after a straight lecture will leave the room carrying with him a different set of new knowledge. A major difference between the two theories is that proponents of behaviorism suggest that learning is involuntary, while cognitive learning contends that people are in control of their own learning.

For believers of the behavioral theory, the approach to training would be the regular use of contiguity and reinforcers. Contiguity is based on the association of experiences that occur in sequence. This is much like Pavlov's dog, which salivates in the presence of food. When food was preceded by the ringing of a bell, the dog soon salivated at the ring of the bell. Introduction of reinforcers is another method employed by the behaviorists. This involves a reward-and-punishment scheme for ending or strengthening behavior. Hence, if you do well as a participant, you would probably receive positive reinforcement so as to further strengthen such behavior.

Trainers who employ the cognitive learning theories will most likely provide lessons organized in a way that takes into consideration a student's experience and stage of development, such that prerequisite trainings may have to be recommended before moving on to an advanced stage. General skills will be taught first, reasons and motivations for tasks will usually be provided, and group work promoted.

Reference

Michigan State University. (2005). Teach online. Retrieved January 15, 2008, from http://teachvu.vu.msu.edu/public/designers/what_is_learning/index.php?page_num=5.

Wednesday, August 28, 2019

Privacy and Security in E-Commerce Assignment Example | Topics and Well Written Essays - 1000 words

Privacy and Security in E-Commerce - Assignment Example

An overly secure environment looks into the security of the transaction by creating passwords and logins in order to ensure privacy and confidentiality of the details of the transactions. In cases where e-commerce involves financial transactions, the risk of loss of money becomes high, making security issues key to e-commerce. However, both open and overly secure environments have advantages and disadvantages.

There are various advantages of conducting business in open environments. First, users will not require logins and passwords in order to navigate the websites. Paying for items or making orders will not require one to give a login for identification purposes. This makes the process easier and faster compared to a secure environment where login is required. The graphical user interface of open environments is simpler and easier to use, hence leading to customer satisfaction and convenience (Becker, 2008). A cost advantage also arises in an open environment. There is no cost involved in developing a secure environment, thereby reducing the need to engage experts in developing the site. The costs of hosting such a website are also lower compared to those of an overly secure environment, which requires shrewd experts to develop. However, costs may arise where customers sue the business for protection purposes.

On the other hand, browsing in an insecure open environment is characterized by various drawbacks. To begin with, the computers can be hacked, thus infringing on private information. This may make future transactions insecure and further cause loss of resources. Moreover, it would be easier to get computer virus attacks, which could stall operations and further cause loss of data that may be expensive to acquire. In addition, a company can be faced with innumerable cases from customers for violation of privacy. Because of the multiple suits, the company risks spending colossal amounts in compensating the customers. In instances where the transactions involve payment or transfers of money, open environments are inappropriate because unauthorized third parties might access the customers' private information. There are cases in which customers have been defrauded of money, causing panic and financial losses to the parties. If this happens, the customers' confidence and trust are lost, making open environments riskier and disadvantageous.

Similar to an open environment, an overly secure environment also has several advantages and drawbacks. On the side of the advantages, an overly secure environment makes customers feel secure, therefore promoting online sales. The high number of sales increases revenues and reduces the transaction cost associated with physical transactions. The businesses, in ensuring security, further achieve their fiduciary obligations of making their customers secure and hence get shielded from legal cases that may arise. A feeling of security encourages repeat purchases. Secondly, an overly secure environment ensures that the business information is protected from hackers and crackers. When online purchases are made in an open environment, the business equipment and information will remain confidential from being stolen.

Tuesday, August 27, 2019

Assignment Example | Topics and Well Written Essays - 500 words - 67

Assignment Example

This movie shows that child health care has been changing over the past centuries in Brazil. It has been influenced by a number of factors, which include the historical period, guidelines of social policies, scientific and technological advances, and the involvement of different social segments and agents (Bailes et al. 1990). According to the movie, disease characteristics and the population's differential health are vital for research in Brazilian communities. For example, epidemiological studies in maternal-child health usually address neonatal and perinatal health and illustrate that there are significant relationships between health and disease processes such as nutrition, sanitation, medical care, and income, among other health-disease processes (Stanhope & Lancaster, 2012). According to this movie, the unexpected appearance of a strange and fatal pediatric disease in 1980 alarmed Brazilian public health officials and clinicians to conduct a number of collaborative assessments to find the cause of this disease. Collaboration between the U.S. Centers for Disease Control and Prevention and the Sao Paulo Secretariat identified that this disease is caused by Haemophilus influenzae biogroup aegyptius bacteremia, and it was eventually named Brazilian purpuric fever (BPF) (Bailes et al. 1990). The movie also presents that the current epidemiological process is based on the concept of risk (Bailes et al. 1990). Medical practitioners, including nurses, are advised to focus on health risk factors to ensure quality health care delivery to the community. In addition, they should primarily focus on risk factors that affect a large number of people, like a whole community, rather than an individual. This will enhance the establishment of health service priorities and approximate preventive care needs and community health promotion. For instance,

The Ultimate Reality of the Good God Essay Example | Topics and Well Written Essays - 750 words

The Ultimate Reality of the Good God - Essay Example The Ultimate Reality of Good and Bad Taoism proposes that Yin Yang is the cosmic symbol of primordial unity and harmony and manifest phenomenal quality; the two great regulating forces of cosmic order in the unparalleled world. If Lao Tzu, the founder of Taoism, is correct in his notion as regards the coexistence of good and bad in one body to attain balance, God then is not wholly good, or rather God does not manifest balance. God is good can be understood as a twofold claim: â€Å"God is wholly good—there is no defect or blemish in God or in his actions for He never does anything which is ultimately wrong or evil, and God is necessarily good because He is utterly invulnerable to evil† (Morris 48). As each of us perceives good and evil differently, there can be no definite meaning to both. What one sees as good can be evil in the eyes of another, or what appears to be a bad inception can yield a good result. Nonetheless, man has the tendency to accept a thing as good only if it satisfies his desires. God at times relates to man in ways that cannot be deduced by an ordinary mind, yet His purpose is incontestably good however it affects man. God gives us opportunities to rejoice and grieve, to triumph and suffer defeat, to love and hate for reasons that do not often come out on the surface. As in the story of Job when he was sardonically urged by his wife to curse God for all the mishaps that b efell him, he retorted â€Å"Shall we accept good from God and not trouble?† (Job 2:10 NIV). ... As in the story of Job when he was sardonically urged by his wife to curse God for all the mishaps that befell him, he retorted â€Å"Shall we accept good from God and not trouble?† (Job 2:10 NIV). 
Good and bad are “at one and the same time a division and reunion, and if they are spoken of as contending forces, they are also co-operating powers and the tension in which they are held is that of harmony, of the mutual play of creation, not of conflict” (Cooper, Fitzgerald and Stoddart 20). Apart from the nature of God, this is also evident in the way children are reared. The intention of a mother is constantly disposed at what begets good for her offspring, thus she will put into practice again the approaches that proved favourable on her first. Despite growing up under the same roof and direction though, children do not grow to be identical in character, nor in fate. Good and bad demonstrate balance in the art of healing. Patients suffering from the same illness may be prescribed different doses of medicine, or different types of medication, for that matter. That a certain remedy benefits one does not create a firm basis that it will not harm the other. It is true that good and bad are in two distant poles; yet the poles are not separate but bent towards each other to form a connection; that without the combined perception of good and bad, there lies no success in an endeavour.

Balancing Reality in Pursuit of Holism

Author Brian Luke Seaward (146) states that balance does not necessarily mean a 50/50 ratio with whatever sits on either side of the scale. Rather, it might be proportional to a 60/40, 30/70 split, or any combination that equals to a whole (146). The opposites which Taoists suppose as contents of a whole are but merely stages in

Monday, August 26, 2019

Should similar systems of free enterprise, would their most likely Essay

Should similar systems of free enterprise, would their most likely LONGEST TERM outcomes be forms of a permanent worker democracy of communism

The free enterprise economy is characterized by monetary sovereignty, altruistic exchange, private chattels and choice of getting maximum profits in the business. People decide ways in which they earn and use the funds they get in the business. Most successful countries that have strong and stable economies apply the free enterprise economy system, as it is the world’s leading economic structure. Consequently, should similar systems of free enterprise degenerate, I think that their longest term outcomes will be forms of a permanent worker democracy of communism. There are two factors to be noted before it becomes a reality. Firstly, every person should be literate and exceptionally knowledgeable, since the communism system does not need ignorant, selfish, and greedy individuals. It is established that communism works better among individuals who are aware of the benefits of an exemplary leadership and concerned with assisting the common individuals. Consequently, informed leaders who have the skills of leading a country to successful economic progress can be good in ruling a communist country. Secondly, I think individuals ought to be satisfied with whatever they own instead of wanting to augment themselves; hence, larceny of public wealth. Leaders are expected to reach a personal satisfaction that is immeasurable in order to make outstanding leadership. It is difficult for innumerable personalities, since it requires leaders to get satisfied with the positive impacts they put in when governing a country instead of what they gain. Leaders should be able to measure their level of happiness without considering or comparing their happiness with the happenings of the surrounding environment.
People should learn to be contented with whatever they have, to achieve social maturity and work harder to ensure that favorable competition prevails through their efforts they put in work. It is

Sunday, August 25, 2019

The John F. Kennedy Assassination Essay Example | Topics and Well Written Essays - 1750 words

That moment in American history has lived on in popular memory, not just because of the shocking nature of an assassination of a serving President in the middle of the Cold War, but also because there were many questions raised about the way the police, FBI, CIA, the justice system and the press handled the event. Many people believed then that there was more behind this event than the official verdict that the President was killed by a gunman acting alone, and in the years since then theories, and also large amounts of new evidence, have been put forward to support the view that some kind of conspiracy lies at the heart of this tragic event. The day began as usual for the President and his entourage with a morning arrival by plane into Dallas airport followed by a visit to his hotel, and then a journey by motorcade towards a lunch appointment at the Trade Mart. The car carrying the President came under fire when it turned into Elm Street, and many witnesses who were present confirmed that several shots were heard. One gunman was observed in a nearby building and he was quickly arrested and taken away for questioning. That man was Lee Harvey Oswald, born in 1939 in New Orleans some two months after his father’s death. ... (Benson: 1993, pp229-330) With two older brothers pursuing careers in the military, Lee Harvey Oswald had similar ambitions and from the age of about 17 he developed an interest in all things communist: “It is suspected that, even at this early age, Oswald was already preparing himself for a life in the world of counterintelligence.” (Benson: 1993, p. 331) He was accepted into the Marine Air Control Squadron at Atsugi Air Force Base in Japan, as a radar operator, and from there continued his interest in Russia.
This background lends weight to suspicions that there was a political motivation, and perhaps even some kind of conspiracy involving espionage and international intelligence forces with whom Oswald had contact over the years before the assassination, and many researchers conclude that Oswald was involved at some level in espionage. (Marrs, 1989, p. 189) The subsequent shooting of Lee Harvey Oswald has also been construed by many as further evidence that there was a conspiracy afoot, since it conveniently removes the one person who could give information to the authorities on involvement of other individuals, and provides a scapegoat who can attract all of the responsibility and blame, thus releasing any other co-conspirators from being hunted down and prosecuted. It is astonishing that such a high profile suspect as this one was left to the mercy of a raging mob, and another “lone gunman”, and this extraordinary lapse in protocols adds to the mounting evidence that a number of agencies and individuals, including possibly also local police and other law enforcement agencies might have been involved in staging, or at the very least, condoning such an event. One piece of evidence has provided food for thought on the whole event on

Saturday, August 24, 2019

Critical discussion of verbal and non-verbal communication Essay

Poor communication constantly occurs in hospitals and is believed to be responsible for a majority of hospital treatment errors that cause death to many patients (Harrison and Hart, 2006). These communication breakdowns are likely to occur at specific points, especially when breaking news to patients regarding their health, when doctors are being informed by nurses about patients’ health, when there is a medical emergency that requires quick treatment and during diagnosis and prescription of treatment. Various reasons have been found to lead to these lapses of communication that lead to wrong diagnosis and treatment as well as patients not being informed of their condition properly (Shives, 2008). Poor communication in hospitals has occurred frequently due to a lack of proper hospital policy in place to ensure that there is a basic protocol followed in the general treatment, resulting in nurses using different methods of treating. These errors could occur during discharge procedures as well as the report methods used during admission of emergency cases (Minott, 2008). As both nurses and doctors use different standards of measurement in report filling, making prescriptions and document handling, errors of interpretation are likely to occur. ... Hence, a mental model framework is imperative for the comprehension of verbal and non-verbal cues as well as for staff to share meaning and be able to develop common knowledge (Davidson and Blackman, n.d.). Lack of rules for face-to-face or any other verbal communication such as via telephone could also result in communication barriers forming during treatment, especially while changing shifts.
Different patients will respond differently to the rapport used by medical staff and although it is difficult to find a universal tone of conversation to use in conversation, it must be noted that it can result in patients feeling uncomfortable communicating as well as shutting down due to a feeling of disrespect or prying by the doctor. The use of vague language and unclear syntax and pragmatics will also result in the misdiagnosis of patients and the inability of fellow staff members to comprehend the sincerity of the patients’ illness (Byrne and Byrne 1992; Morrissey and Callaghan, 2011). A differing opinion on what is necessary and what is not is a serious impediment to effective communication between both patient-staff and staff-staff briefing. This is because different opinions have often led to scenarios where vital patient information about welfare is left out as either the patient or the nurses available feel that it is not necessary to explain some details, especially if the affected area is very private or if it appears that they are healing and do not want to seem petty. This is more common during oral communication and emergency treatments than when viewing their chart files, as different people will have various thoughts on what is important and what is not and information can be forgotten or left out. Infrequent communication by

Friday, August 23, 2019

HW Assignment Example | Topics and Well Written Essays - 250 words - 15

This idea is applicable to both work and residential places where people do not interact more often due to various reasons. People need diversity because it promotes social integration and the development of a strong bond in work or living places. Another idea that I would implement to improve the way I work or live is to observe the rules imposed by authorities. Being a law abiding citizen or worker enables one to concentrate on valuable activities that reduce imprisonment or suspensions from work. This implies that people should always follow the rules so that they do not waste time in the courts or facing disciplinary committees, but concentrate on their activities. Encouraging colleagues and neighbors to observe rules helps in achieving objectives and promoting unity. This is because individuals are free to consult and share ideas in areas that require teamwork and offers a wider perspective of approaching issues. I believe introducing community projects for cultural appreciation and observing regulations are significant ideas that can improve the ways a person lives or works alongside

Thursday, August 22, 2019

Creative Photography Essay Example for Free

What are three examples of forms of music? One example of forms of music

Describe each form.

What is form in music?

Critical Thinking Questions

Music has sometimes been referred to as a universal language. Why has this description been applied to music? Emotions are a common feeling shared among human beings. Music communicates so many things that everyone can understand without having to speak a word. It communicates love, frustration, hatred, war, friendship, commerce, marriage, separation, unity, confusion. Music is referred to as a universal language.

Do you agree or disagree with this assessment? Yes, I agree.

Why? Music is universal; it provokes the same feelings no matter what kind or style it is. Music cultivates everyone’s inner feelings and thoughts.

Why is musical notation important? Musical notation is important

What benefits do musicians and others receive from being able to write down and note aspects of a musical piece?

In the first part of the module, we discussed how music is everywhere in society. What are some of the ways that we use music? How do you use music in your own life?

Music can help influence the mood or feeling in a place by the way in which it is played. What is a specific example of this that you have experienced? Discuss the experience (what was the song? how was it played? how did the mood/feeling change?). For example, you might discuss an experience at a concert, religious service, or another place where music played a part in creating the mood.

Wednesday, August 21, 2019

Multiple Point Competition and Competitive Signaling Essay Example for Free

This paper is the pre-assignment number 5 for course TU-91.2040 Global Strategic Management. The task was to answer three questions based on articles by Karnani, A. & Wernerfelt, B. (Multiple Point Competition, 1985) and Heil, O. & Robertson, T. (Toward a Theory of Competitive Market Signaling: A Research Agenda, 1991). The questions are as follows: 1) How would you define multiple market competition? 2) What are pros and cons of the four alternatives to respond to a competitive attack? 3) Why engage in competitive signaling? Multiple market competition means a situation where two companies compete with each other not only in one place with one product but in several locations and possibly with similar products which are substitutes to each other. A simple example would be two companies of the same industry operating in two countries with the same products. As Karnani and Wernerfelt put it: “The more obvious examples of multiple point competition refer to situations where firms compete simultaneously in different product markets or in different geographical markets for the same product.” Multiple market competition is characterized by four different situations: peace, limited war, mutual foothold and total war. Total peace is extremely rare if two companies operate in the same market. The more likely situation is limited competition where two companies for example suppress the prices of a single product but do not challenge the competitors on other areas, leading the competition to being limited and not total. Mutual foothold equilibrium means a situation where both companies have a small market share on each other’s home/core markets but their core markets are separate and they are not in a total war situation. Total war means a competition in (nearly) every market. This is often a result of an escalation from mutual foothold equilibrium.
Total war is usually very costly for both companies and can also lead to weakening and destruction of both companies. If company A comes under a competitive attack by company B, there are basically four ways how company A can react. Say that B lowers the price of product P on a mutual market. The first option is to do nothing. This naturally leads to B getting what it wanted: market share on the product P. The positive side is that there is no competition but the downside is that B won. Doing nothing also indicates weakness which might lead B to attack A on other markets also. The second option is to defend by also lowering the price of product P. This way there is limited competition equilibrium when both companies try to gain market share by suppressing prices. However, this might lead eventually to unprofitability in this product-segment and thus do harm to both companies. The third option for company A is to counterattack by lowering the price of product Q which is also produced by company B. Another example would be that the companies gain new products and penetrate new markets with them to start competing with each other. This way both companies have a foothold in each other’s core markets and the situation is thus called mutual foothold equilibrium. Mutual foothold is quite stable as both companies can easily counterattack if another makes a move toward the other. If this happens, the companies are very near to total war which is the fourth option for company A. If the companies end up in total war the companies start to imitate each other with their product portfolio and market presence. The prices and costs are cut in all product lines which leads to lower profits for both companies. The only good thing resulting from a total war is for customers: the momentary price cut. 
However, a long lasting total war drains the companies’ cash and resources for R&D, which might make the products inferior and the companies vulnerable to new entrants with high-quality technology. Companies can also indicate their future intentions by signaling to other companies. There are basically two reasons for companies to engage in competitive signaling: conveying information or gaining information based on the reactions of the signal-receiving companies. Often the information delivered through different public signals would be illegal to directly communicate to competitors (e.g. a coming price increase) but the signals enable companies to exchange this kind of information. The usual reason for competitive market signaling is for the signal sender to get a pre-emption and to discourage the competitors from following. The message needs to be both clear and packed with a high level of perceived commitment in order for the target companies to take it seriously. The message could be for example an intention of increasing production capacity or expanding to another market. This way the signaling company can gain pre-emptions and read their competitors’ reactions and countersignals. Through competitive signaling, companies can exchange information that would otherwise be illegal to convey. One example of such information would be making agreements on price increases. According to Heil and Robertson, this has been evident in the airline industry where competing companies agreed on certain types of tickets’ pricing by changing their own prices on these tickets. This way other companies could get clear indications of other companies’ intention and willingness to raise prices. Exchanging this kind of information would lead to sanctions if the companies were to get caught in it. This kind of information is referred to as competitive norms of conduct.
To conclude, by competitive market signaling, companies might gain important competitor information, gain pre-emption, mislead competitors or agree on norms of conduct with their competitors.

Tuesday, August 20, 2019

Security Incident Handling Service

EXECUTIVE SUMMARY

1 INTRODUCTION

Expect the unexpected. As soon as a crisis erupts, it should be immediately handled to reduce its potential impact on critical business operations. Such undesirable incidents occur unanticipated and when they do take place, damage or harm is the result. In most aspects of life, it is better to stop something disastrous happening than it is to deal with it after it has happened, and IT security is no exception. If possible, security incidents should be prevented from occurring in the first place. Yet, it is unachievable to prevent security incidents. When an incident does happen, its impact needs to be brought down to an adequate recommended level. Security incident handling outlines the actions to follow in the event that an electronic information system is compromised. An event is declared an incident when the confidentiality, integrity or availability (CIA) elements of a system are compromised. Significant commodities such as information and knowledge must be safeguarded at all costs. Communications within an organization and its interactions with its customer base are regarded as the life blood in this IT intensive, fast paced world. If an organization is inoperative for any period of time, it may cost millions in lost business or loss of reputation. Size of an organization does not matter. Unexpected downtime influences organizations of all sizes, impacting revenue, customer satisfaction and overall production. It is vital that they quickly recover from such downtime and restore operation and re-establish their presence to ensure survival. Consequently, many firms have realized the importance of setting up incident handling procedures. One of the drawbacks is that many organizations learn how to respond to security incidents only after suffering from them. In the course of time, incidents often become much more costly.
Proper incident response should be an integral part of the overall security policy and risk mitigation strategy. Incident handling procedures that are in place in an organization help to maintain the business continuity of critical operations. In today's competitive economy, a company can't afford to cease critical business operations and remain idle for a long period of time because of a lack of incident handling procedures. Thus, an organization needs to be well prepared for continuity or recovery of systems. This typically requires a considerable investment of time and money with the aim of ensuring minimal losses in the event of a disruptive event. The goal of setting up incident handling procedures is to know exactly what to do when an incident breaks out. This means anticipating scenarios before they occur and making appropriate decisions about them in advance. Those assessments typically demand consultation and senior management support, hence these people are needed early, immediately after an incident has been confirmed. For example, just deciding who to tell when an incident occurs can be hard to determine. Management needs to provide input to respond quickly and this leads into issues like after hours support and mixed project/support roles. External support may also be sought, resulting in additional cost, time and effort to select partners.

1.1 PURPOSE OF THE DOCUMENT

This document provides guidance to identify and record the nature and scope of a computer security incident handling service. This paper discusses the functions that support the service, how those functions interrelate and the tools, procedures and roles necessary to implement the service. It also concentrates on incident analysis. For example, we can make a comparison between a fire that broke out in an apartment and a computer security incident that happened in an organization.
Just as a fire department will investigate a fire to know where it originated from, a Computer Security Incident Response Team (CSIRT) tries to figure out how the security incident occurred. Both the fire department and the CSIRT operate with the same approach. A fire department needs to get along with other fire departments that it can depend on for additional support in peak times or to tackle a serious catastrophe. It must cooperate with other emergency units to react promptly and provide law enforcement. This document will discuss how CSIRTs interact with other organizations, such as the department that reported the security incident to it, other CSIRTs, law enforcement and the media. Both the fire department and the CSIRT need to properly handle information, some of which is sensitive and relevant to the individual held responsible for the crime. Information handling is considered to be an indispensable discussion subject in this paper. CSIRTs propose client confidentiality in the same manner that many emergency units do, safeguarding reporters and victims from public disclosure. CSIRT survival depends on handling confidential information appropriately, because if it can't be trusted, nobody will report to it, thus making it almost useless. CSIRTs have committed permanent staff as well as part-time, volunteer staff and reliable security experts to handle an unexpected security emergency. Its staff is at the frontline in the event of a crisis. CSIRT achievement depends on their interaction with the outside world and the image that they project by the way of performing their duties and the service quality that they provide. To attain such a high level of success, recruiting suitably competent staff seems to be a complicated process. People in charge of appointing CSIRT staff mistakenly look for an unsuitable set of talent and ability in prospective employees.
For that reason, this paper discusses staffing and hiring concerns and actions to guarantee that CSIRT staff offer reliable, pleasant and specialized service. Other services besides the incident handling service, such as the supply of intrusion detection assistance and vulnerability handling, are also provided by a CSIRT. The information in this paper is presented in a manner that makes it easy for the reader to apply it to any type of CSIRT setting, from an in-house team for a company to an international coordination center. This document is intended to present a valuable foundation to both recently created teams and existing teams where there is a lack of clearly defined or documented services, policies and procedures. This paper is more appropriate to use during the early stages when a company has acquired management support and funding to set up a CSIRT, before the team becomes operational. Moreover, this paper can still be a valuable reference document for already operational teams.

1.2 INTENDED AUDIENCE

The general CSIRT community who may require a better knowledge of the composition and objectives of their existing teams will benefit from this document. It also targets individuals and organizations who are likely to join the CSIRT community in the near future. It is precisely aimed at managers and other personnel who take part in the process of setting up and leading a CSIRT or managing incident crisis. The list may include

- Chief Information Officers, Chief Security Officers and Information Systems Security Officers
- Project leaders and members in charge of creating the team
- CSIRT managers
- CSIRT staff
- IT managers [1]

Higher management levels and all CSIRT staff can use this paper as a useful reference. This document can also be utilized by other individuals who work together with CSIRTs.
This may include members of the

- CSIRT constituency
- law enforcement community
- systems and network administrator community
- CSIRT parent organization or other departments within the parent organization such as legal, media or public relations, human resources, audits and risk management, investigations and crisis management [2]

2 MAIN CONTENT

Definition of Security Incident

The Information Security Management Handbook defines an incident as "any unexpected action that has an immediate or potential effect on the organization" [3]. Whenever the safety and stability of an information system is compromised, such an instance can be referred to as a security incident. There are several different definitions of security incidents; one is "A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices" [4], another definition describes the security incident as "any event that may threaten or compromise the security, operation or integrity of computing resources" [5]. In other words, a security incident is a state of violation of security policy in an organization and the security of their information system. Security incident refers to a common term that encompasses any type of security breach regardless of location, the level of the threat or the magnitude of it. The commonly known factors of security incidents are events and actions that expose one or more basic elements of information security: confidentiality, integrity and availability (CIA) of information systems. An incident can be caused by authorized or unauthorized personnel, process, hardware or software. It can be an accident as well as a planned malicious action.

Handling security incidents

In the course of a crisis, time runs short for deciding what to do, who will do it or how it will get done, therefore it is vital to arrange for a response in advance.
The better prepared you are for an incident, the more likely you are to respond correctly. Proper set-up of an incident handling procedure can help to lessen the impact of undesirable incidents. The objective of having such a procedure in place is to provide a framework for an orderly, coordinated response by appropriate resources within the organization. It is to a company's own benefit that it establishes a Computer Security Response Capability, a process that provides centralized response and reporting functions for security incidents. According to the Computer Security Incident Handling Guide (National Institute of Standards and Technology, March 2008), establishing an incident response capability should include the following actions:

- Creating an incident response policy plan
- Developing procedures for performing incident handling and reporting, based on the incident response policy
- Setting guidelines for communicating with outside parties regarding incidents
- Selecting a team structure and staffing model
- Establishing relationships between the incident response team and other groups
- Determining what services the incident response team should provide
- Staffing and training the incident response team

The “Cyberthreat Response and Reporting Guidelines” report, jointly approved by the FBI and US Secret Service, states that the better equipped a company is in the event of a security event, the better probability it has to reduce the impact of the crisis. This recommendation is actually one of the chief responsibilities of a CSIRT: to be well organized to successfully cope with an incident when it happens and to help prevent incidents from occurring in the first place. As a starting point, the team should have a strategy plan for incident handling. This plan should be supported with documented policies and procedures.
According to State of the Practice of Computer Security Incident Response Teams (October 2003), the incident response plan identifies the mission and goals of the team, the team roles and responsibilities; the services provided; and policies, procedures, processes, and guidelines related to incident handling. The incident response plan is not only intended for CSIRT employees, but also for the community that they serve. From that viewpoint, both parties should be proficient about what to report, how to report it and to whom it should be reported. The plan should also describe the expected level of service that is reasonable. Staff who are accustomed to computer security incidents recognize the fact that these incidents vary in shape and size. Some are quite uncomplicated, easy to cope with and mitigate, while others are extremely severe and very complicated or can have a harsh impact on IT systems and necessitate proper authority to respond to effectively. In the event of a crisis, adhering to the plan in place will help the organization to promptly isolate disruption cropping up on IT systems or networks as well as to counteract such events. It may alleviate potential risk such as loss of company reputation, trust or financial status. Existing CSIRTs who don't have a robust plan can still manage with some basic guidelines. They can make use of their current incident handling procedures as a guideline; in the meantime they can revise their existing documentation. They can rely on those basic guidelines, namely the plan to handle incidents, areas of responsibility, general and specific procedures. Other typical guidelines can include an incident response checklist as well as procedures for what type of activity to report and how that information should be reported. A company needs to take into consideration several factors prior to planning an incident response capability.
They include: introducing a point of contact for reporting incidents; pinpointing the aims and objectives of the team; identifying and selecting the staff and necessary expertise; offering direction for reporting and handling incident reports; allocating proper security awareness and incident response training for CSIRT staff; launching and promoting specific incident handling and security policies and procedures for the CSIRT; sharing lessons learned with other colleagues; designing a benchmark to monitor the effectiveness of the CSIRT; and devising a strategy to allow coordination between the CSIRT and internal and external parties.

Organizations or the team typically approve policies and record them. It is crucial to know what these policies consist of and to ensure that they are implementable and enforceable in the workplace. As with the mission statement, senior management approves and enforces policies. The policies need to be openly expressed and well understood by each team member, whether technical, management or administrative. It will be difficult for staff to carry out their duties appropriately without a clear understanding of the policy.

To write a clear policy, it is best to avoid excessive jargon. Whenever possible, ask someone who is not in security or IT to examine the policies. Rephrase the policies if they are not understood. Use very short sentences. A good policy is a short one. A security policy should be concise and clearly separated into the management aspect (the policy) and the operational aspect (the procedures).

Moreover, a policy must be both implementable and enforceable, or else it serves no purpose. It is easier to implement a policy if it is well designed and relevant to the needs and goals of the CSIRT. Truly effective policies address genuine needs within a business, making the staff willing and even eager to implement them because they make operations smoother and give the business added reliability.
Top management should take appropriate actions or steps to enforce a policy. Policies must be enforceable; otherwise they are of little or no value. When a policy is implementable, it is normally also enforceable unless it contradicts itself. Concrete measures are needed to assess the usage of the policy.

Example: a contradictory policy is a security policy that ranks internal information security as priority number 1 but at the same time ensures absolute privacy for its staff; the latter makes it hard or even impossible to enforce security in case of an insider threat.

To successfully develop and implement security policies, top management needs to be involved in and strongly support the project (Lam, 2005). A proposal with a report of external and internal requirements and a draft budget assessment can easily persuade managers to support the development and implementation of a security project. Having management support and authorization can resolve money and time issues. These managers can allocate the required budget and allow sufficient time for development and implementation. In addition, top management has the power to affect processes by requiring employees to participate (Kearns & Sabherwal, 2006).

How to Implement Security Policies Successfully

The implementation phase is probably the hardest phase in the life cycle of developing and maintaining security policies. Many organizations fail in this phase. To implement security policies effectively and efficiently, teams first need to resolve many issues.
Lack of strong management support (Fedor et al., 2003; Lam, 2005), lack of budget (Kearns & Sabherwal, 2006; Martin, Pearson, Furumo, 2007), lack of implementation time (Walker & Cavanaugh, 1998), lack of strong leadership (Fedor et al., 2003), lack of awareness of the benefits of implementing security policies, the "why for" (Hansche, Berti, Hare, 2004), or ineffective communication with users (Jackson, Chow, Leitch, 1997; Walker & Cavanaugh, 1998) may cause problems. Resolving all of the above issues can help in successfully implementing security policies.

Computer Security Incident Response Team (CSIRT)

A team is a focal component of incident response plan, policy and procedure creation, so that incident response is dealt with effectively, efficiently and consistently. The team should cooperate with other teams within the organization towards a central goal which encompasses the plan, policies and procedures. Outside parties such as law enforcement, the media and other incident response organizations can also be contacted.

The Computer Security Incident Response Team is regarded as the nerve center of an incident response plan. It is normally composed of a team manager, a management advisory board and other permanent and temporary team members. The temporary staff provide advice on technical, business, legal or administrative issues, depending on the nature and scope of the incident. The team assists the organization to identify and document the nature and scope of a computer security incident handling service.

The team manager supervises the work of the team members, presents ongoing status information to the Chief Information Officer (CIO) and other senior management and requests assistance in the form of expert advice from outside the IT department when needed. The person in this role should be familiar with computer security issues, the function of IT areas and staff, general company operations and the duties of other employees in the institution who may serve as resources for the CSIRT.
Under challenging situations, the team manager must be able to coordinate teamwork with other staff and to deal properly with circumstances that necessitate discretion or confidentiality.

The technical leader's role is to assess the characteristics and severity of an incident, propose recommendations on security control and recovery issues to the team manager and request additional technical resources if needed. The person in this role should possess a broad understanding of operational and systems security.

Other employees can join the team on an ad hoc basis and remain team members until closure of the incident. Additional resources may be required to serve areas such as law enforcement, legal, audit, human resources, public relations, facilities management or IT technical specialties. The table below shows a list of members who should be included in the CSIRT and their roles in the team.

Table 1: Team members in IRT
Source: table from page 4-2 of Incident Response Procedure for Account Compromise, Version 1.2, 2004, by Visa International

Besides their technical expertise, the distinctive quality of CSIRT staff is their motivation and ability to stick to procedures and to present a professional image to customers and other parties working with them. In other words, it is more convenient to appoint staff with less technical expertise and excellent interpersonal and communication skills and subsequently train them in a CSIRT-specific environment than vice versa. A team member who is a technical expert but has poor communication skills may badly damage the team's reputation, while interactions that are handled competently will help to improve the team's standing as a valued service provider. Possessing a broad range of interpersonal skills is important since team members are frequently in contact with each other and with other parties such as law enforcement, legal and human resources.
Thus, the professional interactions of CSIRT employees will influence the reputation of the team, and special attention to an individual's interpersonal skills matters. Some interpersonal skills required for incident handling staff are listed below: logical judgment to make effective and suitable decisions in time of crisis or under pressure or strict time constraints; effective oral and written communication skills for interaction with other parties; discretion when dealing with the media; aptitude to follow policies and procedures; enthusiasm to learn new things; rising to the challenge of working under pressure; teamwork; reliability to maintain the team's reputation and status; readiness to accept one's own mistakes; problem solving skills to efficiently handle incidents; time management skills for high priority tasks.

Apart from interpersonal skills, CSIRT staff should possess a fundamental understanding of the technology and issues on which they base their expertise. The following technical know-how is crucial for CSIRT staff: public data networks (telephone, ISDN, X.25, PBX, ATM, frame relay); the Internet (aspects ranging from architecture and history to future and philosophy); network protocols (IP, ICMP, TCP, UDP); network infrastructure elements (router, DNS, mail server); network applications, services and related protocols (SMTP, HTTP, HTTPS, FTP, TELNET, SSH, IMAP, POP3); basic security principles; risks and threats to computers and networks; security vulnerabilities/weaknesses and related attacks (IP spoofing, Internet sniffers, denial of service attacks and computer viruses); network security issues (firewalls and virtual private networks); encryption technologies (TripleDES, AES, IDEA), digital signatures (RSA, DSA, DH), cryptographic hash algorithms (MD5, SHA-1); host system security issues, from both a user and system administration perspective (backups, patches) [6].

It is crucial that one division of the team possess a thorough understanding of the full range of technologies and issues used by the team. This helps to expand and deepen the technical resources and capability of the team and to train other team members through education and documentation. It also makes sure that the team can provide a full range of services. Besides an in-depth understanding of the technical skills listed above, the following specialist skills are required: technical skills such as programming, administration of networking components (e.g. routers, switches) and computer systems (UNIX, Linux, Windows, etc.); interpersonal skills such as human communication, experience in presenting at conferences or managing a group; work organization skills.

Obviously, a team will be unable to employ individuals who possess all the necessary interpersonal and technical skills. But there are opportunities to address deficiencies in those skills, such as training staff to develop and retain such skills and supporting continuous progress.

Hiring CSIRT Staff

For any staff vacancy, the hiring process to select the most talented applicant is a complicated task. Even a candidate who appears on the surface to possess the right skill set might not be able to work within a CSIRT setting. This is especially true once a crisis has been declared, when the candidate may not be able to cope with the situation and may carry out their duties inefficiently. Therefore, it is recommended to put the applicant through a hiring process specifically designed to reveal the applicant's strengths and weaknesses. Based on the findings of the hiring process, the team will decide either to train the applicant in the specific skills the candidate may require or not to employ the candidate.
Compared to a regular hiring process, any CSIRT hiring process should include additional steps: pre-interview document check; pre-interview telephone screening; interviews that cover topics from technical abilities to interpersonal skills; candidate technical presentation; reference checks, including criminal records.

The complete hiring process should be devised to detect potential employees who possess appropriate interpersonal and technical skills. Such candidates can undergo further training to acquire more competence. Before the applicant is called for a personal interview, the pre-interview document check and telephone screening determine in the first instance whether the candidate is an ideal match for the selection process. At this stage, more information is gathered about the applicant's broad level of interest in computer security and other more specific details on items covered in his or her resume. The telephone screening will give a good impression of the candidate's oral communication skills.

Before CSIRT staff begin to interview potential candidates, it's better to decide in advance which particular issues, ranging from technical and ethical issues to social skills, are most likely to be discussed during the interview process and which existing staff are most suitable to talk about those issues with the candidate. Thus separate topic areas are covered by each of the various interviewers, avoiding any duplication of effort. Each interviewer will be in a position to review and consolidate feedback on the issues covered. Alternatively, similar topics may be discussed by several team members involved in the interview process so that they can agree on the candidate's ability in a particular topic and identify any weaknesses. To ensure proper recruitment, the applicant should have the opportunity to meet CSIRT team members through a lunch meeting or at the candidate's technical presentation.
Requiring a candidate to give a technical presentation offers the CSIRT an opportunity to measure other technical and interpersonal skills of the candidate. It also gives an idea of how much common sense the candidate has and whether the applicant will be able to cope under stressful situations. Other qualities such as overall presentation skills, an eye for detail, technical accuracy and ability to answer questions on the fly are also taken into account.

After an individual has been appointed, there is also an enormous task in helping them adapt to the CSIRT. New staff will need to undergo training for some period of time to get used to the CSIRT working environment as well as the specific policies and procedures of the team. Some new recruits may be given access to limited information until relevant certificates or clearances, such as government or military clearances, are obtained.

Staff training is compulsory so that new recruits acquire the skill level necessary to take on their new responsibilities. Secondly, training is necessary to expand existing staff skills for personal career growth and overall team progress. Staff training also helps keep the overall CSIRT skill set up to date with emerging technologies and intruder trends.

When considering the overall training needs of the team, it is necessary to identify the overall skills needed for each individual, as well as the common skill set required for the whole team. Obviously, a new staff member should receive immediate training in any deficient skills so as to become effective quickly. From a general viewpoint, the whole team should be assessed to determine any training that needs more attention to broaden the skill set in the team. At the same time, this assessment focuses on each individual's skill set. Policies and procedures are a necessity and should be enforceable, to support initial training of new team members and to guarantee ongoing training as policies and procedures get amended.
Besides the interpersonal and technical skills discussed earlier, each team member should be trained in areas specific to the incident handling functions in a normal CSIRT work environment. Training should cover the following issues: new technical developments; CSIRT team policies and procedures; incident analysis; maintenance of incident records; understanding and identifying intruder techniques; work load distribution and organizational techniques.

Initial training is conducted through on-the-job training. Since the incident handling profession differs in the nature of its work from other professions, there is no formal educational path for CSIRT staff and limited documentation in the literature. Most printed materi

Security Incident Handling Service

EXECUTIVE SUMMARY

1 INTRODUCTION

Expect the unexpected. As soon as a crisis erupts, it should be handled immediately to reduce its potential impact on critical business operations. Such undesirable incidents occur unanticipated, and when they do take place, damage or harm is the result. In most aspects of life, it is better to stop something disastrous from happening than to deal with it after it has happened, and IT security is no exception. If possible, security incidents should be prevented from occurring in the first place. Yet preventing security incidents altogether is unachievable. When an incident does happen, its impact needs to be brought down to an adequate, recommended level.

Security incident handling outlines the actions to follow in the event that an electronic information system is compromised. An event is declared an incident when the confidentiality, integrity or availability (CIA) of a system is compromised. Significant commodities such as information and knowledge must be safeguarded at all costs. Communications within an organization and its interactions with its customer base are regarded as the lifeblood of this IT-intensive, fast-paced world.
If an organization is inoperative for any period of time, it may cost millions in lost business or loss of reputation. The size of an organization does not matter. Unexpected downtime affects organizations of all sizes, impacting revenue, customer satisfaction and overall production. It is vital that they recover quickly from such downtime, restore operation and re-establish their presence to ensure survival. Consequently, many firms have realized the importance of setting up incident handling procedures.

One of the drawbacks is that many organizations learn how to respond to security incidents only after suffering from them. In the course of time, incidents often become much more costly. Proper incident response should be an integral part of the overall security policy and risk mitigation strategy. Incident handling procedures that are in place in an organization help to maintain the business continuity of critical operations. In today's competitive economy, a company can't afford to cease critical business operations and remain idle for a long period of time because of a lack of incident handling procedures. Thus, an organization needs to be well prepared for continuity or recovery of systems. This typically requires a considerable investment of time and money with the aim of ensuring minimal losses in the event of a disruptive event.

The goal of setting up incident handling procedures is to know exactly what to do when an incident breaks out. This means anticipating scenarios before they occur and making appropriate decisions about them in advance. Those assessments typically demand consultation and senior management support, hence these people are needed early, immediately after an incident has been confirmed. For example, just deciding who to tell when an incident occurs can be hard to determine. Management needs to provide input to respond quickly, and this leads into issues like after-hours support and mixed project/support roles.
External support may also be sought, resulting in additional cost, time and effort to select partners.

1.1 PURPOSE OF THE DOCUMENT

This document provides guidance to identify and record the nature and scope of a computer security incident handling service. This paper discusses the functions that support the service, how those functions interrelate and the tools, procedures and roles necessary to implement the service. It also concentrates on incident analysis. For example, we can compare a fire that broke out in an apartment with a computer security incident that happened in an organization. Just as a fire department will investigate a fire to find out where it originated, a Computer Security Incident Response Team (CSIRT) tries to figure out how the security incident occurred. Both the fire department and the CSIRT operate with the same approach. A fire department needs to get along with other fire departments on which it can depend for additional support in peak times or to tackle a serious catastrophe. It must cooperate with other emergency units to react promptly and provide law enforcement. This document will discuss how CSIRTs interact with other organizations, such as the department that reported the security incident to it, other CSIRTs, law enforcement and the media.

Both the fire department and the CSIRT need to handle information properly, some of which is sensitive and relevant to the individual held responsible for the crime. Information handling is considered an indispensable subject of discussion in this paper. CSIRTs offer client confidentiality in the same manner that many emergency units do, safeguarding reporters and victims from public disclosure. CSIRT survival depends on handling confidential information appropriately, because if it can't be trusted, nobody will report to it, thus making it almost useless.
CSIRTs have committed permanent staff as well as part-time and volunteer staff and reliable security experts to handle an unexpected security emergency. Its staff are at the frontline in the event of a crisis; CSIRT achievement depends on their interaction with the outside world, the image that they project in the way they perform their duties and the quality of service that they provide. To attain such a high level of success, recruiting suitably competent staff is a complicated process. People in charge of appointing CSIRT staff mistakenly look for an unsuitable set of talents and abilities in prospective employees. For that reason, this paper discusses staffing and hiring concerns and actions to guarantee that CSIRT staff offer reliable, pleasant and specialized service. Besides the incident handling service, a CSIRT also provides other services, such as intrusion detection assistance and vulnerability handling.

The information in this paper is presented in a manner basic enough for the reader to put it into operation in any type of CSIRT setting, from an in-house team for a company to an international coordination center. This document is intended to present a valuable foundation both to recently created teams and to existing teams that lack clearly defined or documented services, policies and procedures. This paper is most appropriate for use during the early stages, when a company has acquired management support and funding to set up a CSIRT, before the team becomes operational. Moreover, this paper can still be a valuable reference document for already operational teams.

1.2 INTENDED AUDIENCE

The general CSIRT community, who may require better knowledge of the composition and objectives of their existing teams, will benefit from this document. It also targets individuals and organizations who are likely to join the CSIRT community in the near future.
It is aimed specifically at managers and other personnel who take part in the process of setting up and leading a CSIRT or managing an incident crisis. The list may include: Chief Information Officers, Chief Security Officers and Information Systems Security Officers; project leaders and members in charge of creating the team; CSIRT managers; CSIRT staff; IT managers [1].

Higher management levels and all CSIRT staff can use this paper as a useful reference. This document can also be used by other individuals who work together with CSIRTs. This may include: members of the CSIRT constituency; the law enforcement community; the systems and network administrator community; the CSIRT parent organization or other departments within the parent organization such as legal, media or public relations, human resources, audits and risk management, investigations and crisis management [2].

2 MAIN CONTENT

Definition of Security Incident

The Information Security Management Handbook defines an incident as any unexpected action that has an immediate or potential effect on the organization [3]. Whenever the safety and stability of an information system is compromised, such an instance can be referred to as a security incident. There are several different definitions of security incidents. One is: a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices [4]. Another definition describes the security incident as any event that may threaten or compromise the security, operation or integrity of computing resources [5]. In other words, a security incident is a state of violation of the security policy in an organization and of the security of its information system.

Security incident is a common term that encompasses any type of security breach regardless of location, the level of the threat or its magnitude.
The commonly known factors of security incidents are events and actions that expose one or more basic elements of information security: confidentiality, integrity and availability (CIA) of information systems. An incident can be caused by authorized or unauthorized personnel, process, hardware or software. It can be an accident as well as a planned malicious action.

Handling security incidents

In the course of a crisis, time runs short for deciding what to do, who will do it or how it will get done; therefore it is vital to arrange for a response in advance.
According to (Computer Security Incident Handling Guide, National Institute of Standards and Technology, March 2008), establishing an incident response capability should include the following actions: Creating an incident response policy plan Developing procedures for performing incident handling and reporting, based on the incident response policy Setting guidelines for communicating with outside parties regarding incidents Selecting a team structure and staffing model Establishing relationships between the incident response team and other groups, Determining what services the incident response team should provide Staffing and training the incident response team The â€Å"Cyberthreat Response and Reporting Guidelines† report, jointly approved by the FBI and US Secret Service recommends that the better equipped a company is in the event of a security event, the better probability it has to reduce the impact of the crisis. This recommendation is actually one of the chief responsibilities of a CSIRT, to be well organized to successfully cope with an incident when they happen and to help prevent incidents from occurring in the first place. As a starting point, the team should have a strategy plan for incident handling. This plan should be supported with documented policies and procedures. According to (State of the Practice of Computer Security Incident Response Teams, October 2003), the incident response plan identifies the mission and goals of the team, the team roles and responsibilities; the services provided; and policies, procedures, processes, and guidelines related to incident handling. The incident response plan is not only inten ded for CSIRT employees, but also for community that they serve. From that viewpoint, both parties should be proficient about what to report, how to report it and to whom it should be reported. The plan should also describe the expected level of service that is reasonable. 
Staff who is accustomed with computer security incidents recognize the fact that these incidents vary in shape and size. Some are quite uncomplicated, easy to cope with and mitigate while other are extremely severe and very complicated or can have harsh impact on IT systems and necessitate proper authority to respond to effectively. In the event of a crisis, adhering to the plan in place will facilitate the organization to promptly isolate disruption cropping up on IT systems or networks as well as to assist to counteract to such events. It may alleviate potential risk such as loss of company reputation, trust or financial status. For existing CSIRTs who dont have a robust plan, they can still manage with some bas ic guidelines. They can make use of their current incident handling procedures as a guideline, in the meantime they can revise their existing documentation. They can rely on those basic guidelines namely the plan to handle incidents, areas of responsibility, general and specific procedures. Other typical guidelines can include an incident response checklist as well as procedures for what type of activity to report and how that information should be reported. A company needs to take into consideration several factors prior to planning an incident response capability. They include introducing a point of contact for reporting incidents pinpointing the aims and objectives of the team distinguishing and selecting the staff and necessary expertise offering direction for reporting and handling incident reports allocating proper security awareness and incident response training for CSIRT staff launching and promoting specific incident handling and security policies and procedures for the CSIRT exposing lessons learned with other colleagues designing a benchmark to monitor the effectiveness of the CSIRT devising strategy to allow coordination between the CSIRT and internal and external parties Organizations or the team typically approve policies and record them. 
It is crucial to know what these policies consist of and to ensure that they are properly implementable, enforceable in the workplace. Like the mission statement, senior management approves and enforces policies. The policies need to be openly expressed and well understood by each team member, technical, management or administrative. It will be a difficult task for the staff to appropriately execute and carry out their duties without a clear understanding of the policy. In order to write a clear policy, it is best to avoid excessive jargon. Whenever possible, consult someone who is not in security or IT to examine the policies. Rephrase the policies if not understood. Use very short sentences. A good policy is a short one. A security policy should be concise, well segregated between the management aspect (the policy) and the operational aspect (the procedures). Moreover, a policy must be both implementable and enfo rceable, or else it doesnt have any purpose. It is easier to implement a policy if it is well designed and relevant to the needs and goals of the CSIRT. Truly effective policies address genuine needs within a business, making the staff willing and even eager to implement them because they make operations smoother and give the business added reliability. Top management should execute appropriate actions or steps to enforce a policy. Policies must be enforceable; otherwise they are of little or no value. Usually when a policy ismplementable, it is normally also enforceable unless it contradicts itself. Concrete measures are needed to assess the usage of the policy. Example: An example of a contradictory policy is the security policy that ranks internal information security as priority number 1 but at the same time ensures absolute privacy for its staff; the latter makes it hard or even impossible to enforce security in case of an insider threat. 
To successfully develop and implement s ecurity policies, top management needs to be involved in and strongly support the project (Lam, 2005). A proposal with a report of external and internal requirements and a draft assessing budget can easily persuade managers to support the development and implementation of a security project. Having management support and authorization can resolve money and time issues. These managers can allocate the required budget and allow sufficient time for development and implementation. In addition, top management has power to affect processes by requiring employees to participate (Kearns Sabherwal, 2006). How to Implement Security Policies Successfully The implementation phase probably is the hardest phase in the life cycle of developing and maintaining security policies. Many organizations fail in this phase. To effectively and efficiently implementing security policies, teams first need to resolve many issues. Lack of strong management support (Fedor et al., 2003; Lam, 2005), lack of budget (Kearns Sabherwal, 2006; Martin, Pearson, Furumo, 2007), lack of implementation time (Walker Cavanaugh, 1998), lack of strong leadership (Fedor et al., 2003), lack of awareness of benefits of implementing security policies—â€Å"why for† (Hansche, Berti, Hare, 2004)—, or ineffective communication with users (Jackson, Chow, Leitch, 1997; Walker Cavanaugh, 1998) may cause problems. Resolving all of the above issues can help in successfully implementing security policies. Computer Security Incident Response Team (CSIRT) A team is a focal component of incident response plan, policy and procedure creation so that incident response is dealt effectively, efficiently and consistently. The team should cooperate with other teams within the organization towards a central goal which encompasses the plan, policies and procedures. Outside parties such as law enforcement, the media and other incident response organizations can also be contacted. 
The Computer Security Incident Response Team is regarded as the nerve center of an incident response plan. It is normally composed of a team manager, a management advisory board and other permanent and temporary team members. The temporary staff provide advice on technical, business, legal or administrative issues, depending on the nature and scope of the incident. The team assists the organization in identifying and documenting the nature and scope of a computer security incident handling service.

The team manager supervises the work of the team members, presents ongoing status information to the Chief Information Officer (CIO) and other senior management, and requests expert advice from outside the IT department when needed. The person in this role should be familiar with computer security issues, the function of IT areas and staff, general company operations, and the duties of other employees in the institution who may serve as resources for the CSIRT. Under challenging situations, the team manager must be able to coordinate teamwork with other staff and to deal properly with circumstances that necessitate discretion or confidentiality.

The technical leader's role is to assess the characteristics and severity of an incident, propose recommendations on security control and recovery issues to the team manager, and request additional technical resources if needed. The person in this role should possess a broad understanding of operational and systems security. Other employees can join the team on an ad hoc basis and remain team members until closure of the incident. Additional resources may be required to serve areas such as law enforcement, legal, audit, human resources, public relations, facilities management or IT technical specialties. The table below shows a list of members who should be included in the CSIRT and their roles in the team.
Table 1: Team members in IRT
Source: table from page 4-2 of Incident Response Procedure for Account Compromise Version 1.2 2004 by Visa International

Besides technical expertise, the distinctive quality of CSIRT staff is their motivation and ability to stick to procedures and to present a professional image to customers and other parties working together with them. In other words, it is more convenient to appoint staff with less technical expertise but excellent interpersonal and communication skills, and subsequently train them in a CSIRT-specific environment, than vice versa. Communication by a team member who is a technical expert but has poor communication skills may severely damage the team's reputation, while interactions that are handled competently will help to improve the team's standing as a valued service provider. Possessing a broad range of interpersonal skills is significant since team members are frequently in contact with each other and with other parties such as law enforcement, legal and human resources. Thus, the way CSIRT employees conduct these professional interactions will influence the reputation of the team, and special attention to an individual's interpersonal skills matters.

Some interpersonal skills required for incident handling staff are listed below:
- logical judgment to formulate effective and suitable decisions in time of crisis or under pressure or strict time constraints
- effective oral and written communication skills for interaction with other parties
- discretion when dealing with the media
- aptitude to follow policies and procedures
- enthusiasm to learn new things
- ability to work under pressure
- teamwork
- reliability to maintain the team's reputation and status
- readiness to accept one's own mistakes
- problem solving skills to efficiently handle incidents
- time management skills for high priority tasks

Apart from interpersonal skills, CSIRT staff should possess a fundamental understanding of the technology and issues on which they base their expertise.
The following technical know-how is crucial for CSIRT staff:
- public data networks (telephone, ISDN, X.25, PBX, ATM, frame relay)
- the Internet (aspects ranging from architecture and history to future and philosophy)
- network protocols (IP, ICMP, TCP, UDP)
- network infrastructure elements (router, DNS, mail server)
- network applications, services and related protocols (SMTP, HTTP, HTTPS, FTP, TELNET, SSH, IMAP, POP3)
- basic security principles
- risks and threats to computers and networks
- security vulnerabilities/weaknesses and related attacks (IP spoofing, Internet sniffers, denial of service attacks and computer viruses)
- network security issues (firewalls and virtual private networks)
- encryption technologies (TripleDES, AES, IDEA), digital signatures (RSA, DSA, DH), cryptographic hash algorithms (MD5, SHA-1)
- host system security issues, from both a user and system administration perspective (backups, patches) [6]

It is crucial that one division of the team possess a thorough understanding of the full range of technologies and issues used by the team. This helps to expand and deepen the technical resources and capability of the team and to train other team members through education and documentation. It also makes sure that the team can provide a full range of services.

Besides an in-depth understanding of the technical skills listed above, the following specialist skills are required:
- technical skills such as programming, administration of networking components (e.g. routers, switches) and computer systems (UNIX, Linux, Windows, etc.)
- interpersonal skills such as human communication, experience in presenting at conferences or managing a group
- work organization skills

Obviously, a team will be unable to employ individuals who possess all the necessary interpersonal and technical skills. But there are opportunities to address deficiencies in those skills, such as training staff to develop and retain such skills and supporting continuous progress.
Hiring CSIRT Staff

For any staff vacancy, the hiring process to select the most talented applicant is a complicated task. Even a candidate who appears on the surface to possess the right skill set might not be able to work within a CSIRT setting. This is especially true when a crisis has been declared, where the candidate may not be able to cope with the situation and may carry out their duties inefficiently. Therefore, it is recommended to put the applicant through a hiring process specifically designed to reveal the applicant's strengths and weaknesses. Based upon the findings of the hiring process, the team will decide either to train the applicant in the specific skills that the candidate may require or not to employ the candidate.

Compared to a regular hiring process, any CSIRT hiring process should include the following additional steps:
- pre-interview document check
- pre-interview telephone screening
- interviews that cover topics from technical abilities to interpersonal skills
- candidate technical presentation
- reference checks, including criminal records

The complete hiring process should be devised to detect potential employees who possess appropriate interpersonal and technical skills. Such candidates can undergo further training to acquire more competence. Before the applicant is called for a personal interview, the pre-interview document check and telephone screening determine in the first instance whether the candidate is an ideal match for the selection process. At this stage, more information is gathered about the applicant's broad level of interest in computer security and more specific details on items covered in his or her resume. The telephone screening will give a good impression of the candidate's oral communication skills.
Before CSIRT staff begin to interview potential candidates, it's better to decide in advance which particular issues, ranging from technical and ethical issues to social skills, are most likely to be discussed during the interview process, and to select which existing staff are most suitable to talk about those issues with the candidate. Separate topic areas are thus covered by each of the various interviewers, avoiding any duplication of effort. Each interviewer will be in a position to review and consolidate feedback on the issues covered. Another strategy is to have similar topics discussed by other team members involved in the interview process, so that they can agree on the candidate's ability in a particular topic and identify any weaknesses.

To ensure proper recruitment, the applicant should have the opportunity to meet CSIRT team members through a lunch meeting or at the candidate's technical presentation. Requiring a candidate to give a technical presentation offers the CSIRT an opportunity to measure other technical and interpersonal skills of the candidate. It also gives an idea of how much common sense the candidate has and whether the applicant will be able to cope under stressful situations. Other qualities such as overall presentation skills, an eye for detail, technical accuracy and the ability to answer questions on the fly are also taken into account.

After an individual has been appointed, there is also an enormous task in helping them adapt to the CSIRT. New staff will need to undergo training for some period of time to get used to the CSIRT working environment as well as the specific policies and procedures of the team. Some new recruits may be given access only to limited information until relevant certificates or clearances, such as government or military clearances, are obtained. Staff training is compulsory so that new recruits acquire the necessary skill level to take on their new responsibilities.
Secondly, training is necessary to expand existing staff skills for personal career growth and overall team progress. Staff training also helps keep the overall CSIRT skill set updated with emerging technologies and intruder trends. When considering the overall training needs of the team, it is necessary to identify the skills needed by each individual, as well as the common skill set required for the whole team. Obviously, a new staff member should receive immediate training in any deficient skills in order to become effective quickly. From a general viewpoint, the whole team should be assessed to determine any training that needs more attention to broaden skill set exposure in the team. At the same time, this assessment focuses on each individual's skill set. Policies and procedures are a necessity and should be enforceable to support initial training of new team members and to guarantee ongoing training as policies and procedures are amended.

Besides the interpersonal and technical skills discussed earlier, each team member should be trained in areas specific to the incident handling functions in a normal CSIRT work environment. Training should cover the following issues:
- new technical developments
- CSIRT team policies and procedures
- incident analysis
- maintenance of incident records
- understanding and identifying intruder techniques
- work load distribution and organizational techniques

Initial training is conducted through on-the-job training. Since the incident handling profession differs in work nature from other professions, there is no formal educational path for CSIRT staff and limited documentation in the literature. Most printed materi