Product Security Incident Response Team (PSIRT) Overview – Video Course
This video course will provide you with a background history of PSIRT and enable you to recognize its importance for automotive organizations. Moreover, after completing the video course you will be able to understand the different PSIRT operation models, as well as its structured and all related activities and service areas based on state of the art procedures and methodologies.
Learn why and how correct PSIRT implementation leads to correct security incidents and vulnerabilities handling
Cyberattacks have been on the rise for decades. However, cyberattacks in the automotive industry has been on the rise since the previous decade. This is where the PSIRT framework becomes relevant for automotive organizations. In this “Product Security Incident Response Team PSIRT Overview” video course, you will get to know the PSIRT framework historical background, its importance, operation models, and structure.
Before we jump into the details of the PSIRT Framework, we will first provide you with background history on the events that led to the creation of the PSIRT framework. Moreover, we will highlight how the automotive industry has been affected by cyberattacks over the previous year, the importance of implementing the PSIRT framework in your organization, and how it can complement the Cybersecurity Management System (CSMS).
Once you understand what the PSIRT framework is and recognize its importance, we will continue to introduce the different PSIRT operating model proposed by the framework: distributed model, centralized model, and hybrid model. While you get a detailed explanation for each model, you will learn how each model fits different organizations based on various factors and what should be considered when selecting one.
Next, we will take a deep dive into the structure of PSIRT, related activities, and service areas including operational foundation, stakeholder ecosystem management, training and education, vulnerability discoveries, vulnerability triage and analysis, remediation, and vulnerability disclosure.
At last, we will provide you with an example of PSIRT usage in the automotive industry including the contained service areas, as well as how it relates or supports CSMS and SUMS processes.
Who the „Product Security Incident Response Team (PSIRT) Overview“ video course is made for
Professionals involved in automotive cybersecurity
Besides the implementation of a Cybersecurity Management System (CSMS), implementing the PSIRT framework in your organization helps handle security incidents and vulnerabilities. Therefore, learning about the PSIRT operation models and how it is structured, is highly beneficial for anyone involved in automotive cybersecurity.
All professionals in the organization
Perhaps you are not directly involved with automotive cybersecurity, but you are responsible for budgeting, forming teams, or allocating resources. In this video course, you will not only learn about the relevance of forming a capable PSIRT team, but also about the operational foundation service area that needs to be established at the organizational level.
Product Security Incident Response Team (PSIRT) Overview video course content
In this section, we will define the contents of the video course, the importance of PSIRT, and the learning objectives.
Learn what FIRST is and what its background is, as well as the series of events that led to the creation of the PSIRT framework.
III. Why is it important?
Recognize the importance of preparing for incidents based on the prevalence of cyberattacks in the automotive industry, as well as how exactly the PSIRT framework supports organizations.
IV. PSIRT Operation models
Understand the different PSIRT models including distributed, centralized, and hybrid models. An explanation and recommendations will be provided for each.
V. PSIRT Structure
Get an overview of the PSIRT structure, how each of them help define the inner workings of the PSIRT, and introduce the service areas including the operational foundation and vulnerability discovery.
VI. Operational foundation
Get a more detailed explanation on the PSIRT’S operational foundation, including what components it describes and how they are classified.
VII. Stakeholder ecosystem management
Learn what the stakeholder ecosystem management PSIRT’s service area describes, as well as important considerations.
Comprehend the importance of providing trainings and education, in addition to key considerations to keep in mind.
IX. Vulnerability Discovery
Here, you will learn what the vulnerability discovery service area describes, what must be collected, and how it supports vulnerability management.
X. Vulnerability Triage and Analysis
Understand the purpose of vulnerability triage and analysis, as well as recommendations for handling triage and further considerations.
Know the objective of the remediation service area, what it should include, and how it should be determined.
XII. Vulnerability disclosure
Recognize the importance of the vulnerability disclosure, how it is formed, and important considerations.
XIII. Example on PSIRT usage within the automotive industry
Get a visual overview of the PSIRT function in the automotive industry, considering the aforementioned steps and service areas, as well as how it is related to CSMS and SUMS processes.
XIV. Product Security Incident Response Team (PSIRT) Overview – Sum up
Get a summary of the main lessons learned during this Product Security Incident Response Team (PSIRT) video course.