Welcome to PA-CSIRT, the Commonwealth of Pennsylvania 's Computer Incident Response Team Website. The Commonwealth of Pennsylvania must respond quickly and effectively to computer security incidents. Timely and effective response can limit damage and lessen recovery costs. The PA-CSIRT in coordination with the Commonwealth's Information Security Office provides a rapid reporting and response capability to help mitigate and prevent future incidents. Cyber security has become an important issue at the Commonwealth as the government continues to provide more electronic services to citizens and perform more business processes using computerized equipment and the Internet. With the increased use of cyber processes comes the increased threats and risks associated with allowing access to computer systems and applications. Being able to react quickly, consistently and effectively to those threats and risks, as well as to actual attacks or breeches, is critical to maintaining the security of Commonwealth IT resources and citizen data.
Enterprise incident response for computer security incidents within the Commonwealth government is a critical component to protecting Commonwealth resources. The goal of PA-CSIRT is to assist and direct agencies in their handling of security incidents. Agencies will be required to notify PA-CSIRT of security incidents in order to ensure incidents are handled properly and security metrics can be collected. PA-CSIRT also provides a means for notifying agencies of threats, vulnerabilities and enterprise incidents.
PA-CSIRT offers many services to an organization, such as computer forensics, alerts & advisories, incident handling, vulnerability assessments, risk analysis, awareness training, product evaluation and more.
PA-CSIRT offers the following benefits:
- Allow agencies to be compliant with federal and state regulations and/or laws such as HIPAA.
- Allow the Commonwealth to respond to incidents systematically and consistently.
- Allow the Commonwealth to identify trends in incidents across agencies and use information gained during incident handling to better protect Commonwealth resources and prepare for handling future incidents.
- Allow the Commonwealth to recover quickly and efficiently from security incidents, minimizing loss or theft of information and disruption of services.
- Ensure effective communication and information sharing regarding threats and incidents to ensure appropriate parties are involved in the response. Ensure the
- Commonwealth is dealing properly with legal issues that may arise during incidents.