[RSSAC Caucus] Security Incident Reporting Work Party Update
Robert Story
rstory at ant.isi.edu
Tue Apr 16 12:03:17 UTC 2024
On Tue 2024-04-16 10:06:59+0000 Andrew wrote:
> -In Section 4.5 we reduced the number of categories from 5 to 3 by
> removing Catastrophic and Informational. The remaining incident
> categories are Low, Medium and Major. We also renamed the section
> "Incident Severity Guidelines".
We also tried to make them less proscriptive (ie removed references to
the number of RSOs involved).
A random thought popped into my head while typing this response. I just
added a comment in section 5 (What to report): Thoughts on having two
severity impact fields: RSS impact, and RSO impact?
> Please add any Suggestions into the document prior to our next work
> party call on April 22nd 15:00 UTC.
It's also ok to comment or start discussions on the list. I feel like
the lists are less used since we stopped having per-work-party lists.
If you generally aren't able to make the zoom calls (or don't want to),
start a thread on the list, prefixing the subject with 'SIR wp:' or
something like that.
Regards,
Robert
--
USC Information Sciences Institute <http://www.isi.edu/>
Networking and Cybersecurity Division
More information about the rssac-caucus
mailing list