We probably all know the situation. It is when we reach out for help, to share information, or just to chat. At the other end you don't get that warm cosy feeling. Your National/Organizational/Local CERT/SIRT/CSIRT... doesn't appear to care or have time for you. They are supposed to support the constituency you represent, excepting that there seems to be a discrepancy in between how you perceive it and they do. What to do?
Option 1: Completely ignore them. Stop sending any incident data, stop answering their calls. You know it isn't the best way to behave but you don't feel you have a choice.
Option 2: Smile and nod. Slowly stop sending them any data, but politely answer their calls.
Option 3: Grin and bear it. Not the most fun option. Although you might not receive anything of perceived value in return you still feed data and hope for a better day.
You actually do have a choice, and I urge you to use it. Always voice your concerns to your local, organizational, association, national and law enforcement representation. They might not always immediately pay you back, but I do believe that good turns do pay back dividends.Serge Responds:
I saw your diary entry about "Your National/Organizational/Local
CERT/SIRT/CSIRT" and feel this is only half the truth.
We operate a CERT for the Swiss Universities and for the government program MELANI (www.melani.admin.ch). In the later function we are the Swiss national CERT.
In that function we often get requests, from organizations that charge money for their services. Many of these request could be solved without our involvement. Having us look after this incident essentially means the requester has given us his homework to do, diverting our resources away from other important work. Usually we reply saying we are happy to help, if their attempts to fix the problem failed. Most of the time, having helped, we don't even get an acknowledgment and much less a "Thank you".
At other times we get very rather rude (automated?) request "To fix this", but never get a replay when asking back, what it is, that we should fix.
It always takes two to a tango. We are happy to help if we can and feel the request is something where we can make a difference. We have a hard time reacting, when we feel someone else is outsourcing his work to us, of course free of charge. That's a message you should get out too.
I will be teaching next: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques - SANS Pen Test & Offensive Training 2021
Adrien de Beaupre
Jan 23rd 2007
|Thread locked Subscribe||
Jan 23rd 2007
1 decade ago