1.Responsibility Of The Head Of Department
The Department Agency Head must play an important role in ensuring compliance to orders concerning incident management in accordance with the Pahang CERT ICT Security Incident Reporting Work at agencies under their respective control. Agency Department Heads must ensure that departments and agencies under their control to improve compliance on any acts, directives, regulations and procedures related to ICT security.
2.Responsibilities Of Pahang CERT
2.1 The responsibilities of Pahang CERT covers all areas in handling security incident management tasks experienced by agencies under its control as follows :
- To receive and track complaints on ICT security and assess the types of incident
To record and conduct initial investigation on incidents received;
To address response of ICT security incidents and taking minimum level of remedial actions;
To contact and report the incident to MAMPU GCERT either as input or for further action;
To advise the agencies under its control to take remedial actions and perform enhancements;
To disseminate information related to the agency under its control and
To conduct assessment to ensure the ICT security level and to take remedial actions or perform enhancements to strengthen the security level of the ICT infrastructure to avoid future incidents.
2.2 When an event occurs, the Pahang CERT Director / Manager will mobilise Pahang CERT members to take the following actions :
- To manage and take action on the incident that occurs until the situation is restored;
- To provide advice to the CIO activate the Business Continuity Planning (BCP) if necessary, and
- To determine whether the incident should be reported to law enforcement / security agencies.
3.GCERT Mampu Responsibility
MAMPU GCERT responsibilities in managing public sector ICT security incident handling are as follows:
To coordinate incident handling management at the agency or inter- agency levels and advise the agency to take remedial actions and perform enhancements
To take proactive or preventive actions such as running a security scan on the ICT infrastructure of the agencies and spread information about new threats from time to time;
To provide advice to the Agency CERT pertaining to the management and handling of security incidents, and
To coordinate information exchange and sharing programmes between Agency CERTs, the Malaysian Computer Emergency Response Team (MyCERT), suppliers, Internet Service Providers (ISPs) and the enforcement agencies