Cyber Social Maturity Assessment
Collaboration Triggering
|
1. My Analysts decide correctly that they should include other analysts in their incident mitigation efforts |
|
2. Members of my team proactively solicit help from other team members |
Average:0.00 |
|
3. My team solicits help from other teams in the CSIRT MTS |
|
4. My team asks other teams in the CSIRT MTS to help them resolve an incident when such help is neccessary. |
|
5. My team decides correctly that they should include other teams in the CSIRT MTS in their incident mitigation efforts. |
Average:0.00 |
Communication
|
1. Messages sent among my team members contains all critical information. |
|
2. Messages sent or received by the team are understood clearly |
|
3. My team members ask for clarification for messages received from others when they are unsure of something. |
|
4. My team members confirm receipt and understanding of critical communications |
|
5. Information is received on time when trying to address a cyber threat |
|
6. Messages are sent to the correct recipient during different phases of incident resolution. |
|
7. Information is complete and accurate during handoffs between different individuals in my team. |
|
8. My team members quickly resolve communication issues with individuals in their teams. |
|
9. My team members quickly resolve communication issues with team members from other cultues. |
Average:0.00 |
|
10. Messages sent between my team and other teams contain all critical information. |
|
11. My teams ask for clarification for messages received from other teams when they are unsure of something |
|
12. Confirmation of receipt and understanding of critical communications occur between teams. |
|
13. Information is complete or accurate during handoffs between different teams. |
|
14. My teams quickly resolve communication issues with other teams. |
|
15. My teams designate a point person to communicate with other teams or ext. parties. |
Average:0.00 |
Collaborative Problem Solving
|
1. Team members in my CSIRT proactively solicit help from each other. |
|
2. My team members get together to brainstorm and to consult each other about incident resolution. |
|
3. My team members use the knowledge they have gained from other team members in resolving a novel incident. |
|
4. My team members work together to determine the potential consequences of an event or threat to the cybersecurity of the organization or to constituents. |
Average:0.00 |
|
5. My team members incorporate the expertise of other teams into incident resolution. |
|
6. Teams in the CSIRT proactively solicit help from other teams. |
|
7. Multiple teams get togather to brainstorm and to consult each other about incident resolution. |
|
8. Multiple teams work together to determine the potential consequences of an event or threat to the cybersecurity of the organization or to constituents. |
Average:0.00 |
Shared knowledge of Unique Expertise (SKUE)
|
1. My team members know exactly who has the knowledge to handle a particular incident. |
|
2. My team members can explain "who knows what" within the team. |
|
3. Members of the team ask the right person for information. |
|
4. In team meetings, members appear to know what other people within the team know. |
|
5. Members of my team communicate what knowledge they possess to other team members. |
Average:0.00 |
|
6. My team members know exactly which teams have the right knowledge to handle a particular incident. |
|
7. My teams can explain "which teams know what" within the CSIRT MTS. |
|
8. Members of the team ask the right team in a CSIRT MTS for information |
|
9. Members of the team communicate what knowledge they possess to other teams in the CSIRT MTS. |
Average:0.00 |
Trust
|
1. My team members feel confident about the competence of other members. |
|
2. My team members feel comfortable relying on each other when resolving tough incidents. |
|
3. My team members feel confortable admitting mistakes or seeking advice without worrying about being judged or evaluated. |
|
4. My team members share learning oppurtunities with other members. |
|
5. My team members talk freely with each other about difficulties they are having incidents. |
|
6. My team members bring up tough problems and issues with each other. |
Average:0.00 |
|
7. My team feels confident about the competence of other teams in the CSIRT MTS. |
|
8. My team members feel comfortable relying on other teams in the CSIRT MTS when resolving tough incidents |
|
9. My team members share learning opportunities with members of other teams in the CSIRT MTS |
|
10. My team members talk freely with members from other teams in the MTS about difficulties they are having with incidents. |
|
11. My team members bring up tough problems and issues with members of other teams in the MTS. |
Average:0.00 |
Adaptation
|
1. Members of my CSIRT consider multiple viewpoints when resolving an incident. |
|
2. Members of my CSIRT are willing to switch to new kinds of solutions when existing ones may not be the best. |
|
3.Members of my CSIRT try new ways of thinking about novel events and incidents. |
|
4. Members of my CSIRT adopt new ways of resolving incidents. |
|
5. Members of my CSIRT are comfortable with deviating from normal or typical ways of resolving incidents. |
|
6. My team members change their behaviors or protocols as a result of previous incidents. |
|
7. Members of my team are likely to try new ideas and solutions when resolving incidents. |
Average:0.00 |
|
8. Teams in the CSIRT MTS change their ways of interacting with one another as a result of previous incidents. |
Average:0.00 |
Continuous Learning
|
1. Team members keep up-to-date with developments in cybersecurity. |
|
2. The design of cybersecurity personnel's work roles allows them to develop new skills. |
|
3. Team members engage others outside of the organization to gain new knowledge and skills. |
|
4. Team members maintain contacts with other cybersecurity professionals in order to learn new knowledge and skills. |
|
5. Team members have the opportunity to try out new ideas processes. |
Average:0.00 |
|
6. Teams discuss how they should interact differently as a result of previous incidents (e.g., in after action reviews). |
|
7. Thinking about "lessons learned" regarding team interactions or after-action reviews occur in a timely manner after events. |
|
8. Multiple teams working together have the opportunity to try new ideas or processes. |
|
9. Teams participate in activities where they can make errors and learn from mistakes without errors being detrimental to the CSIRT's performance (e.g. during training sessions). |
|
10. Multiteam information databses(e.g, a Wiki information board) are used in events. |
|
11. Multiteam information databases (e.g, a Wiki information board) are used in training. |
Average:0.00 |
Conflict Management
|
1. Members of my team manage differences of opinion without creating tension. |
|
2. Members of my team resolve disagreements about incident mitigation. |
|
3. Members of my team are comfortable having debates about different approaches to incident mitigation. |
|
4. Tension and anger among my team members are well managed. |
Average:0.00 |
|
5. My team manages differences of opinion with other teams in the CSIRT MTS without creating tension. |
|
6. My team resolves disagreements with other teams in the CSIRT MTS about incident mitigation. |
|
7. Tension and anger are well-managed between teams in the CSIRT MTS. |
Average:0.00 |