Implementación de un equipo de respuesta a incidentes de seguridad informática (CSIRT) en la Fiscalía General del Estado

Abstract

The present thesis aims to implement a Computer Security Incident Response Team (CSIRT) in the Fiscalía General del Estado (FGE), so, for the fulfillment of this objective, an analysis of the state of the art has initially been carried out, followed by a bibliographic review and the collection of information and documentary study of success stories in the implementation of CSIRT at the Latin American level, thus managing to determine the importance of cyber incident response centres in the field of cybersecurity in each of their countries, on the other hand, there was also a study of the current situation of the Fiscalía General del Estado focused on computer security, achieving a detail of the cyber threats that occur most often in the institution. Based on the information obtained with the documentary study of cyber incident response centers in Latin America, and the state of the current situation of the Fiscalía General del Estado on computer security issues, it is possible to have the baseline to work on the design of the FGE CSIRT according to the best practices defined by the Forum of Incident Response and Security Teams (FIRST) and RFC 2350 standard. This design defines, from the different points, the mission, vision, target community, policies, procedures, services, and the initial team with which the team will enter into operations. Finally, with the culmination of the design, proceeds with the implementation of this in the Fiscalía General del Estado, within this implementation is defined in the organic and functional structure, the technological infrastructure to be used at the hardware and software level, the budget necessary for its operation and the laws, regulations and regulations that must be met by the cybersecurity incident response center in the legal part.