Hyperthyroidism Research Paper Example | Topics and Well Written Essays - 250 words

Hyperthyroidism - Research Paper Example any causes which incorporate over movement of the thyroid organ as in Grave’s sickness or because of neoplasias of the thyroid organ which incorporate adenomas and carcinomas. It can likewise happen because of an adenoma in the front pituitary which prompts expanded emission of TSH which brings about overstimulation of the thyroid organ and henceforth expanded arrival of the thyroid hormone. Aggravation of the thyroid organ can likewise bring about hyperthyroidism. Thyroid hormone is fundamental for the completing of ordinary body procedures and it is a hormone which is significant for the guideline of digestion. In any case, an expansion in the hormone because of the infection can have numerous unfriendly impacts. The basal metabolic pace of the body can build 60 to 100 percent beyond what ordinary and this can represent the expanded perspiring and diminished resilience to warm. The thyroid hormone invigorates the focal sensory system yet expanded amounts can prompt mental issues and anxiety. The muscles become frail in view of the expanded catabolism of proteins. The expanded amounts lead to an expansion in the GIT motility prompting looseness of the bowels and the expanded digestion is the reason for weight reduction which might be of shifting degrees. The patient encounters. The cardiovascular framework is additionally influenced and expanded pulse and yield is noted. The eyeball is jutted and the skin feels hot. Hyperthyroidism is a neurotic condition which influences the thyroid organ itself as well as it upsets major physiological handled of the body. Clinical and careful mediation can enable an individual to beat the vast majority of the side effects related with the

(SMCR) Strategic Marketing- A Contemporary Review Essay

(SMCR) Strategic Marketing-A Contemporary Review - Essay Example A shop-window gives 24-hour publicizing and makes and character for the shop. Utilizing big names as models has likewise been a fruitful advertising methodology. Publicizing has consistently been a successful advertising procedure for design apparel. Making and utilizing infectious phrasing to depict style attire is an ongoing and compelling pattern in design showcasing. PR occasions, for example, press and business occasions assume a critical job in style advertising correspondences. Addressing sociological necessities of the individuals like overweight, age and utility is a developing pattern. A model is the promoting of originator garments for hefty size ladies. Building client connections can help make new clients and keep the old ones. A very much perceived brand name is the most significant resource of any business. This can build client reliability in the present moment just as hold significant worth long haul. In conclusion and in particular, guaranteeing representatives that the association esteems their information is significant for the achievement of any crusade. Showcasing design is a procedure that guarantees that the items, from the producers’ hands, come to the consumers’ hands by persuading the buyer to purchase the items. In any case, advertisers can't pressure clients into purchasing and this is particularly valid for the style business as confirm by the disappointment of the Woolworths womenswear retail chain (Bohdanowicz and Clamp 1994, p.2). Advertisers of style should consider all factors that impact the business to guarantee effective gathering of items. While purchaser inclinations and utility would be the primary components to be thought of while promoting design, with the expanding prominence for green items, social advertising systems will have expanded criticalness in style showcasing in the coming decades. This report expects to dissect all promoting issues including those identifying with

An Overview of Chronic Sleep Deprivation

An Overview of Chronic Sleep Deprivation October 04, 2019 Getty / fizkes More in Stress Management Effects on Health Management Techniques Situational Stress Job Stress Household Stress Relationship Stress In This Article Table of Contents Expand Overview Signs Causes Effects Treatment Coping Sleep Deprivation and Depression How to Get More Sleep Are you experiencing a case of chronic sleep deprivation? If so, you know that losing sleep is no joke. Accumulated sleep debt can lead to impairments in all areas of your life, and fixing the problem can be difficult depending on the cause. That being said, there are steps you can take to cope with sleep deprivation and ensure it does not lead to more serious issues. What Is Chronic Sleep Deprivation? In the simplest terms, chronic sleep deprivation refers to the case of getting insufficient sleep or experiencing sleeplessness over an extended period of time. Chronic sleep deprivation can vary in its severity. It may also be primary or secondary, meaning that it could be a problem in and of itself (e.g., caused by insomnia or anxiety) or caused by some other unrelated issue (e.g., a medical condition). Signs How do you know if what you are experiencing is chronic sleep deprivation? If you live with insomnia or work shifts, you may be painfully aware that youre not getting enough sleep. Some people living with undiagnosed sleep disorders, however, may not understand right away that sleep debt is the cause of what they are feeling. Below are some signs that you may be experiencing chronic sleep deprivation: waking up not feeling refreshedlacking energy for daily tasksfeeling sleepy during daytime hoursdark under eye circlestrouble concentratingfeeling irritableyawningrolling down your window or turning up your radio while driving your vehicle to try and stay awakedrifting out of your lane while drivingbeing unable to keep your eyes openhead nodding Causes What are the causes of chronic sleep deprivation? There are various potential causes, so not everyone who experiences itn will have the same underlying factors. Here are some common causes: life stress (e.g., marital, financial)working conditions (e.g., overwork, work stress, shift work)medical conditionssleep disorders (e.g., sleep apnea, insomnia)mental health issues (e.g., bipolar disorder, depression, anxiety, attention deficit hyperactivity disorder, restless legs syndrome)fatal familial insomnia (a neurodegenerative disease that results in eventual death due to the inability to experience sleep beyond stage 1 of NREM; this condition leads to panic, paranoia, phobias, hallucinations, dementia, weight loss, and death within three years)school schedules (e.g., teenagers need to sleep later and stay up later according to their physiology, but school schedules often conflict with this)using too much caffeine close to bedtimescreen use too close to bedtimefrustration or worry about being unable to fall asleep due to insomnia Effects The effects of chronic sleep deprivation are numerous. If youre dealing with this issue, it may have far-reaching effects on various areas of your life. Physical Effects The physical effects of sleep deprivation can range from decreased daily functioning to more long-term health issues. Below are several such effects: accidents in the workplacehigh blood pressurerisk of heart attack and strokeheart failureincreased risk of mortalityoverall fatiguetremors in the handsheadachesincreased risk of fibromyalgiaincreased risk of seizuresincreased appetite and related weight gain (due to hormone fluctuations)muscle soreness and achingincreased risk of type 2 diabeteslowered libidolowered fertility Mental Effects Some of the most significant negative effects of sleep debt may not obvious to an outside observer, but can cause severe impairment on a daily basis, including: failure to stay alertproblems with the ability to think clearlymemory impairmentsfalse memoriesincreased levels of stress hormoneshallucinationstriggering of maniasymptoms of psychosissymptoms similar to those of attention deficit hyperactivity disorder (ADHD)trouble sustaining attentionproblems processing information You may be at a higher risk of some of these effects if you are already dealing with a physical or mental health condition. Many of the effects of sleep deprivation can also have adverse secondary effects on your life, such as interfering with your relationship, impacting your judgment, and reducing your overall quality of life. Treatment Usually, treating chronic sleep deprivation will involve treating the underlying cause or causes. For example, in the case of insomnia, treatment might include cognitive-behavioral therapy to deal with the worrying component of being unable to fall asleep. Similarly, in the case of sleep apnea, this condition would be treated. In this way, it is important to figure out what the underlying case of chronic sleep deprivation is so that treatment can be tailored to that problem. Coping What is it going to take for you to cope better with chronic sleep deprivation? There are many different strategies that you can employ if you want to get more sleep and feel better. Below are some to get you started. Improve Sleep Habits Are you getting enough sleep? Adults aged 18 years and older need 7 to 8 hours of sleep per day for optimal functioning. If you arent getting this much sleep, here are some tips to help increase the odds that you will get to sleep, get better sleep, and feel more rested: Catch up on sleep on the weekends if you are unable to get enough sleep during the week. Go to bed when you feel tired and sleep until you wake up naturally (without an alarm clock). This could mean sleeping as much as 10 hours on the weekend.Avoid caffeine, alcohol, and nicotine, particularly in the hours close to bedtime.Get regular exercise but dont do vigorous exercise close to bedtimeMaintain a regular sleep schedule as much as possible (go to bed and get up at the same time every day)Only use the bedroom for sleeping and sex (i.e., no computers, television, or other activities)Ensure that your sleeping area is dark and cool enough to be comfortableIf you have trouble falling asleep, try relaxation techniques designed to help you calm down such as guided meditation, guided imagery, deep breathing, or progressive muscle relaxationIf you have insomnia, see a therapist for strategies on how to calm your anxious mind to make it easier to eventually fall asleepKeep a sleep log or dia ry where you write down the time that you fall asleep and wake up each day. This will help you track whether you are getting enough sleep, and will also help your doctor to understand your sleep patterns if you need to ask for advice.Attend a sleep study to evaluate whether you have a sleep disorder or medical condition that could be affecting your sleep.Avoid large meals before bedtime.Spend time outdoors whenever possible during the day to make it easier to sleep at night.Take a relaxing hot bath before bedtime.If you take naps, try to restrict them to 20 minutes or less, so that they dont interfere with your regular sleeping patterns.If you are a shift worker, try to limit shift changes, take naps to make up for lost sleep, and use curtains that block out daylight if you must sleep during off times.If you find yourself struggling to stay awake while driving, stop and take a 15 to 20 minute nap. Also, as much as possible, avoid driving alone between midnight and 6 am. Sleep Deprivation and Depression We know that sleep and mental health are intertwined, but its worth saying a few more things on the topic. First, it helps to understand exactly what happens when you are sleeping. There are two types of sleep: NonREM sleep and REM sleep. During NonREM sleep, everything in your body relaxes. This is the period during which your immune system is restored. its also called slow wave sleep. Then, during REM sleep, your body becomes in an alert state, similar to when you are awake. During REM sleep, you dream, and you discharge various neurotransmitters. Each night, you cycle through about 3 to 5 cycles of each of these types of sleep. The interesting part about this last fact is that because of this, chronic sleep deprivation may actually act as an antidepressant for some people experiencing clinical depression. We already know that people experiencing a manic episode as part of bipolar disorder appear to need less sleep. So, what researchers think happens is that in people who have clinical depression, when REM sleep is disrupted, there is improvement in mood because of increased serotonin, tryptophan, taurine, etc. In other words, the concentrations of these neurotransmitters build in the brain instead of being cleared out. Interestingly, this effect seems to be linked to a tendency for eveningness, or finding it easier to sleep later and go to bed later. However, the odds of relapse when using this treatment are high. Using light therapy may reduce the risk for relapse. How to Get More Sleep If you are living with chronic sleep deprivation, you know that it can disrupt all areas of your life. However, that does not mean that you have to live with this condition without relief. If you have not already, please go visit your doctor and tell him or her about the symptoms that you are experiencing. Its important that medical causes be ruled out before other options are explored. And, theres much that you can do on your own to cope with sleeping issues. Be sure that you are following best practices to get 8 hours of sleep. When thats not possible, try to get caught up on your sleep when you can, because lack of sleep accumulates in the same way that a debt snowballs. Finally, know that you are not alone living with chronic sleep deprivation. As our world has changed and people are working various schedules, glued to technology, and finding it harder and harder not to worry themselves to sleep at nightâ€"youre not the only one. If your doctor has ruled out any physical cause, its possible that talk therapy such as cognitive behavioral therapy could help you to regulate your worrying at night. Some simple tips to get started would include setting aside a worry time so that you dont have to go over your problems at night and instead deal with them at a set time each day. Another tip would be to keep a notebook beside the bed to jot down problems and issues as you think of them, so that your mind does not keep churning through them as you try to get to sleep. A Word From Verywell Have you made a plan to deal with your chronic sleep deprivation? Thats the best way to make sure that you are actually taking action and not just gathering information. At some point, its important to sit down alone or with your doctor to make an action plan with concrete steps that will help you to get your sleep deprivation under control. Whats more, you could find that once you start sleeping better, you have more energy and feel better able to deal with daily issues. It could be that you are more sleep deprived than you realize and that it will be only through changes to improve your sleep that youll finally notice a change during your daily waking hours. Whats your plan? Be sure to write one down now while you still have all this information fresh in your mind. And, if youre hoping to help a friend or family member, be sure to jot down notes on what might help that person so that you dont forget the next time you see them. How Exactly Does Stress Affect Sleep?

The Seven Habits of Highly Effective People - 3534 Words

The Seven Habits An Overview In 1989, Stephen Covey s book The 7 Habits of Highly Effective People started a landmark revolution in how we think about time and life management. In this book, Covey presents seven principles for developing effectiveness in our private and public lives. By developing these habits, one moves from being dependent on other people to being and acting independently. Then we learn how to move to the more advanced state of interdependence and successful Cooperation. As a part of the seven habits. Covey introduces important and powerful techniques of time management under the habit of Put First Things First. It is necessary to understand (and Practice) all seven habits so that the tools of time management can be†¦show more content†¦Habit 3 : Put First Things First. The habit of personal management. First Things are those things you find most worth doing according to your personal vision of your mission. We use these priorities to manage our time and events so that every day we ar e sure to keep these first things first in our lives. A key concept related to this habit is Quadrant II Planning. The diagram at the end of this section is what Covey calls a Time Management Matrix. The top of the matrix divides the blocks into things that are Urgent, and Not urgent, and the left side divides the matrix into Important and Not important. Here is a summary of the quadrants. Quadrant I : Urgent and important. This quadrant includes those items that represent true crises (your mother has a stroke and you need to bring her to the hospital), deadline driven projects (a paper that has a deadline that can not be moved, and represents a substantial part of your grade) and other such truly important and pressing items. Quadrant II : Not urgent but important. This quadrant includes items that are truly important in our lives (preparation, relationships, relaxation, self-renewal, etc.) that we truly need to do to maintain our PC abilities. Unfortunately, since they are not urg ent (Oh, I can put that off!) we tend not to do them. We procrastinate because they are not urgent. Unfortunately, if we do this long enough, this tends to create highly urgent crisesShow MoreRelatedThe Seven Habits Of Highly Effective People1652 Words   |  7 PagesIntroduction This paper takes the topics and theories discussed in the book; The Seven Habits of Highly Effective People and applies it to nursing practice. We will take a look at the book’s background and how the work is implemented in nursing. Throughout this paper, I will introduce a few of the relevant habits, what they represent and how they can be applied to different nursing roles. Furthermore, I will conduct a personal reflection on how the topics presented influenced my personal growthRead MoreThe Seven Habits Of Highly Effective People1860 Words   |  8 PagesKenny Sides Mr. Martin Principles of Management 17 November 2015 Word Count: 1877 The Seven Habits of Highly Effective People In the book, The Seven Habits of Highly Effective People, the writer Stephen Covey seeks to help the reader learn how they can better their life. Covey mentions a total of seven habits that he believes can lead to a more productive life and help the reader become more of a leader. He firmly believes that we have the power to become stronger and change ourselves for the betterRead MoreEssay on The Seven Habits Of Highly Effective People1782 Words   |  8 PagesThe book that I decided to read for this assignment was The 7 Habits of Highly Effective People, by Stephen R. Covey. Initially, my reason for selecting this book was because my boyfriend had begun to read it and I noticed a drastic change in his vocabulary, which was beginning to irritate me. He was explaining every word and action in terms of choices; I choose to do this or I chose to feel that. And, because I didnt understand where he was coming from, I got aggravated and asked him to quitRead More Seven Habits Of Highly Ef fective People Essay1073 Words   |  5 Pages THE 7 HABITS OF HIGHLY EFFECTIVE PEOPLE The 7 Habits of Highly Effective People was written by Stephen R. Covey in 1989. This book has been on the National Best Seller list for over 200 weeks. Many people have attended Covey’s seminars on the subject. Many companies have required top executives to read this book including AT amp; T, Dow Chemical, Ford, Deloitte and Touche, Marriott, Xerox and Ritz Carlton Hotels. This book proposes that there are seven habits that can be learned to improveRead MoreSummary of the Seven Habits of Highly Effective People2323 Words   |  10 PageslIn â€Å"The Seven Habits of Highly Effective People,† Stephen Covey helps people become more effective when dealing with the significant challenges of life. In details, Stephen Covey provides guidelines for managing time and balancing studies, social life, job, and other priorities. The first three habits are focused on personal victories. They teach how to develop self-mastery and dependence. Those three habits are: Be Proactive, Begin with the End in Mind, and Put First Things First. Habits four, fiveRead MoreThe Seven Habits of Highly Effective People Essay2414 Words   |  10 PagesThe Seven Habits of Highly Effective People When facing a problem, human nature looks for a â€Å"quick fix.† Whether it is the latest diet fad or a get rich scheme, almost all â€Å"quick fixes† produce the same short-lived results and often no results at all. As a society, we are drawn to the appeal of a quick and easy route which leads to immediate results. We have grown accustomed to an easy lifestyle that uses superficial tactics when interacting with others. The problem with these quick fixes is thatRead MoreThe Seven Habits of Highly Effective People Essay2323 Words   |  10 PagesThe Seven Habits of Highly Effective People (Covey, 2004) has become the cornerstone of leadership and management wisdom. The habits emphasize personal responsibility and personal leadership. There is challenge in living everyday under the guidance of the habits but there is also great benefit as living the habits can influence everything we do in life. I was introduced to Covey’s seven habits through a one day semin ar at my workplace several years ago. I learned some of the terminology and a fewRead MoreThe Seven Habits of Highly Effective People by Stephen Covey727 Words   |  3 Pages Stephen Covey was an American businessman, author, educator, and keynote speaker. â€Å"The Seven Habits of Highly Effective People† is known as being his most popular work and he has since written several other books, some of which have expanded on the seven habits. â€Å"The Seven Habits of Highly Effective People† does not only entertain the idea of becoming an entrepreneur and making money, but it is also a guide that can be used to find means of living a meaningful and fulfilled life. With that beingRead MoreBook Report: Seven Habits of Highly Effective People887 Words   |  4 PagesHayes-Morrison Seven Habits of Highly Effective People Seven Habits of Highly Effective People starts off with an introduction to the concept of Paradigm Shift which is, essentially, a change in basic assumptions. Author Stephen R. Covey prepares the reader to have a change in mindset. Covey explains that there exists a different perspective amongst individuals. Two people can see the same thing but each individual can have a very different understanding from one another. The first three habits introducedRead MoreThe Seven Habits Of Highly Effective People By Dr. Covey891 Words   |  4 PagesThe Seven Habits of Highly Effective People by Dr. Stephen Covey outlines seven behaviors of a successful leader. He called it Principle-Centered Leadership (2000, p. 13). The seven habits as described by Dr. Covey are: 1. Be proactive 2. Begin with the end in mind 3. Put first things first 4. Think win/win 5. Seek first to understand†¦ then to be understood 6. Synergize 7. Sharpen the Shaw The attached profile sheet reflects a panoramic view of my alignment to some of those principles. The seven

Occurrence Of Abuse On The Childhoods Of Serial Killers

Occurrence of Abuse in the Childhoods of Serial Killers Danielle E. Higgins University of Southern Indiana Abstract Many factors contribute to the inner workings of a serial killer. One of the most prominent seems to be the incidence of some type—or multiples types—of childhood abuse. This paper discusses the different types of child abuse that could contribute to qualities of a serial killer, including several well-known serial murderers. It also discusses the different types of serial killers and the characteristics that each type portrays. Occurrence of Abuse in the Childhoods of Serial Killers Serial murder is one of the most horrific acts that a person can commit. Multiple murder can be broken down into three different types: mass murder, spree murder, and serial murder (Knight, 2006). Mass murder involves killing three or more individuals in one place during one short time span, spree murder involves killing three or more individuals within a time period of 30 days, and serial murder is killing three or more individuals over a time span of more than 30 days with a cooling-off period between the murders, being anywhere from days, weeks, months, or even many years (Knight, 2006). In this paper, I am going to focus on the latter—serial killers. Many researchers are interested in serial killers, mainly to figure out why these people kill the way that they do. Anderson (1994), compares serial killers to addicts—alcoholics, gamblers, drug abusers, etc.—they all seem to haveShow MoreRelatedSerial Killers And The Serial Killer1566 Words   |  7 Pagesthe serial killer is ultimately unknown, many researchers agree about â€Å"one-half of 1%† of homicides are determined to be the product of serial killers (Homant Kennedy, 2014). In order to prevent future victims, improve the ability of law enforcement to detect and apprehend, potentially incorporate treatment for current serial killers, and increase the ability to detect potential future serial killers it is important to identify characteristics that may cause one to become a serial killer. TheRead MoreOur Understanding Of Sickness And Disease1242 Words   |  5 Pageswhat caused the disease and in ideal situations how to cure it. Recent scientists have begun to look at the desire to kill as a disease. This theory poses an interesting concept that if it is a disease, then maybe there is a cure that prevents serial killers from killing. In Christer Claus and Lars Lidberg’s article they look at the desire to kill as a disease. The article states that while using Schahriar Syndrome as a model, they are able to explain even the most vicious human behaviours, such asRead MoreSpeech On Animal Abuse1550 Words   |  7 Pagesand infamous serial killers in our society -- Ted Bundy, Richard Ramirez, Jeffrey Dahmer -- commonly engaged in animal abuse during childhood. Needed Information Who? Kids/children - killers What? How animal abuse affects children/kids. When? 1946 - now Where? United states Why? Because people don’t just kill/hurt people out the blue and what are the signs of a killer. How? Killers and murders start out when they are young. Thesis Statement: People/kids that abuse animals might abuse you in the futureRead MoreSpeech On Animal Abuse1577 Words   |  7 Pagesand infamous serial killers in our society -- Ted Bundy, Richard Ramirez, Jeffrey Dahmer -- commonly engaged in animal abuse during childhood. Needed Information Who? Kids/children - killers What? How animal abuse affects children/kids. When? 1946 - now Where? United states Why? Because people don’t just kill/hurt people out the blue and what are the signs of a killer. How? Killers and murders start out when they are young. Thesis Statement: People/kids that abuse animals might abuse you in the futureRead More The Life of Mass Murderer, Henry Lee Lucas Essay1037 Words   |  5 PagesBobit) He confessed to hundreds of murders to prove several points, as well as to delay his death sentence. Lucas lived through a childhood of abuse and neglect. If there is a case that proves a persons childhood is reflected in their later actions this could certainly be one. He was never taught that life had any value and perhaps this led him into a life of crime. (killer index) Henry Lee Lucas was born on August 23, 1936, in Blacksburg Virginia. Lucass mother was an abusive prostitute who forcedRead MoreEssay on The Mind of a Serial Killer2293 Words   |  10 Pagessuch wicked acts?   Ã‚  Ã‚  Ã‚  Ã‚  Serial killers always have aroused the curiosity and concern of the public. People seem to be both fascinated and repulsed by their horrendous crimes. The stories make newspaper headlines, and their gruesome murders are the subject of popular movies and best-selling books. In this paper, I will discuss what causes a human being to become a serial killer. Although social scientists have developed many theories to explain the mind of a serial killer, the scientific evidenceRead MoreThe Twisted Mind of a Serial Killer2301 Words   |  10 PagesThe Twisted Mind of a Serial Killer As police walk into an abandoned house, a foul stench overtakes them. The room is dim and looks as though no one has been here for months. They walk further into the house and begin to see spots of blood on the floor. They follow this trail down the stairs into the basement where the smell becomes overwhelming, causing some of the officers to gasp and run back up the stairs. In the basement, they find the remains of several young boys who have been molestedRead MoreLooking for the Drive of A Serial Killer Essay2886 Words   |  12 Pagesfor the Drive of a Serial Killer The minds and the inner workings of a serial killer have been analyzed, investigated, and pondered upon for many years. â€Å"Questions such as what makes his or her mind tick? Does he or she target one fitting victim? What are his or her motives?† are some of the most common that spring to mind. We all hold the power of being aggressive, of encompassing unthinkable and destructive thoughts of â€Å"torture, sadism and murder†, but we do not all become serial murderers (KnightRead MoreNature vs Nurture1880 Words   |  8 Pagesfascination with serial killers. Everything about them is interesting to us. There are so many questions that we have. It is incomprehensible to most people how someone can go out and kill dozens of people, seemingly without any remorse. Although we have such a deep interest in killers, we often do not know how to differentiate between them. All too often, we label anybody who has killed a few people as a serial killer, but that is not the c ase. There are many different typographies of killers, but theRead MoreUsing A Stratified Sampling Method1788 Words   |  8 Pagesaccuracy at any given cost. Research questions and hypotheses The main aspect of this research proposal is what factors will influence crime Occurrence. For this study, the following research questions are included: 1. Do demographic characteristics influence crime occurrence? 2. Does substance abuse impact crime occurrence? 3. Does abuse during a person’s childhood influence them to commit a crime? Using literature and the aforementioned research questions as a guide, several hypotheses were developed

The effect of the London 2012 olympic games Free Essays

As part of the London 2012 Olympic Games the Great British Government presented a legacy that they hoped would aid them to win the bid to host the games. This included what they hoped would become beneficial long-term effects socially and economically for Great Britain. One of the claims made the government was: ‘Harnessing the United Kingdom’s passion for sport to increase grass roots participation, particularly by young people – and to encourage the whole population to be more physically active’. We will write a custom essay sample on The effect of the London 2012 olympic games or any similar topic only for you Order Now Department for Culture, Media and Sport, 2010) Meaning that hosting the games would change the nation’s attitude towards physical ctivity, contributing to a hopeful increase in participation in sport. This investigation explores the link between hosting the Olympic Games and sports participation in the host country, in particular around the host city of London. The study focuses on measuring the legacy effects a year after the games began. This research is being created to gain a greater understanding about how the 2012 Olympic games has affected the nation – London in particular. With this information we also would like to make the results more specific and find out: how the Olympic legacy has inspired people and how distance of residency from the Olympic stadium ill affect their perceived perception of the games and finally what economic and social barriers may stand in the way of individuals becoming involved post- Olympic Games. METHODS DESIGN Data generation was carried out from the Opening Ceremony (27th July 2012) to exactly one year after the Opening Ceremony (27th July 2013). The approach taken was twofold, firstly a questionnaire was conducted. The first method of this study uses a self-completion questionnaire to determine a link between the London 2012 Olympic Games and the perceived impact on sports participation across England. This allows participants to self-evaluate the impact of this event, and thus provides a subjective evaluation, but still shows an important social indicator. The questionnaire includes close-ended questions for easier completion and so respondents do not tire, and therefore a larger response is more likely making the data more representative. The Likert scale will be used; respondent’s attitudes will be obtained by asking them to respond to a series of statements, in terms of the extent to which they agree with them, where 1 was ‘Strongly Disagree’ and 5 was ‘Strongly Agree’. The number of uestionnaire. Examples of positive statements are: ‘grassroots participation would be boosted. An already sports-mad nation would get fitter and healthier. ‘ (Department for Culture, Media and Sport, 2010). And, ‘These champions and potential champions provide an important inspiration forothers to ‘have a gd. McKay, 1991). Examples of negative statements for use in the questionnaire are: sports organisations need to ensure that marketing is sensitive to consumer resistance arising from an awareness of how difficult it is to emulate our sporting heroes and heroines. ‘ (Hindson et al. 1994). And, ‘It’s no good having a great Olympics in 2012 and inspiring many young people to take up sport if we don’t have the facilities, coaching and infrastructure to get them involved and keep them in sport. ‘ (Draper, 2003). Research conducted by Hindson et al. (1994) concluded that the Olympics had a positive effect on club membership. Conversely, Edcoms (2007) found no clear correlation between hosting the Olympic Games and sport participation as a long-term affect, however, may lead to short-term gains. The second part of the process involved another questionnaire. This part of the study involved obtaining socio-demographic information including age, gender and distance of residency from the Olympic Park, all of which could affect a residents perspective of the event. Previous research has indicated that reactions could be based on these key factors (Twynam Johnston, 2004). Research has indicated that in ethnic minorities, such as East London, barriers exist such as unaffordable facilities and unavailable childcare, high crime rates, fear for personal safety and culturally inappropriate activities are of primary importance and may influence willingness to articipate (Seefeldt et al. , 2002). The chosen technique to distribute the questionnaires was the ‘drop and collect’ method. This involves the hand delivery and collection of the questionnaires, providing a cost effective, reliable and very fast method to complete this research. Respondents are able to complete the questionnaire at their own pace therefore are more likely to complete it. The technique avoids interviewer bias and control over the selection process. How to cite The effect of the London 2012 olympic games, Papers

Cloning How Far Will It Go free essay sample

Essay, Research Paper Cloning: How far will it travel? Everyday people find themselves at a hamlets that requires a determination as to which way to follow. In the past few old ages, scientists have gained cognition about cloning that could impact our lives for centuries to come. As a society we are at a hamlets and we will hold to make up ones mind how to utilize this cognition. Will we take to increase our power over nature or will we develop a partnership? There are many benefits of cloning, but do they outweigh the possibility of losing familial diverseness, confronting familial favoritism, and the chilling effects portrayed in scientific discipline fiction books like Brave New World and 1984, and films like Gattaca and Planet of the Apes. ? Cloning is the production of a genetically indistinguishable extra of an being? ( Hawley 1 ) . In a sense, many workss, algae, unicellular beings, and even worlds of course produce indistinguishable progeny. For illustration, the blowball reproduces asexually to make a transcript of itself. As a species it has reached a tableland and can no longer advancement. Within the human species, indistinguishable twins are basically ringers. The division of the embryo produces two embryos with the exact same familial information. The effect of a species merely bring forthing asexually is the loss of familial diverseness, which can hold inauspicious effects on a species. There is a grey country between the benefits and the jobs of cloning. Some people may state that anything that improves the lives of worlds is a benefit, but I disagree. Human cloning demands to be restricted. If taken to the extreme, human cloning could be black to mankind. First of all, nonsexual reproduction creates a population with the same familial information which eliminates familial diverseness. Without diverseness, one disease could pass over out the whole population because no individual would be able to contend a disease any better than anyone else. In Brave New World, the writer writes about? doing 96 human existences turn where merely one grew before. ? Can you conceive of that many people walking around that look precisely like you? It is true that people today have lost some sense of individualism because of peoples? desires to accomplish society? s ideal image, but cloning would farther deter individuality. Both our biological and societal constructions could be in h azard if we allow cloning to acquire out of control. On the other manus, cloning can be good without holding to step in in the natural reproduction of worlds. The possible benefits of cloning include bettering farm animal for ingestion by worlds, bring arounding diseases, and bring forthing cells and variety meats that are compatible with a transplant patient. Cloning could drastically better the agricultural industry. Familial information of farm animal has already been altered so the farm animal produce biological proteins that help people with diseases like diabetes and Parkinson? s. Besides, it would be fantastic to bring around common diseases, but do we understand the impact of bring arounding diseases? Our population would skyrocket and new diseases would likely develop from mutants. Although, I know if I had malignant neoplastic disease or Alzheimer? s disease I would desire there to be a process to extinguish these diseases from my cistrons. Theoretically, utilizing cloning or more specifically, familial technology, to extingu ish diseases is similar to utilizing inoculations to forestall infantile paralysis, poulet syphilis, and rubeolas. This cognition could besides be used to develop? nervus cells for spinal cord hurts, skin cells for Burnss, and bone cells for osteoporosis? ( Meek ) . These cells are so used to replace the blemished cells. It is difficult to state where to pull the line on researching these techniques. As a society, we can? t dressed ore on salvaging the lives of a few people and bury to concern ourselves with the long term effects on the species as a whole. If we do, our hopes of bettering the our lives today may stop the lives of our posterities. There are many possibilities within the range of cloning, will we? play God? or be a spouse of nature? Now consider the possible jobs and ethical issues that could originate from cloning. Scientists are working to detect new techniques to better human life, but will these techniques be misused and who determines how they are used in the first topographic point? A normally discussed issue of cloning is if we are? playing God. ? The cognition of cloning allows us to step in with nature more than of all time thought possible. Alternatively of leting nature to work its rhythm of endurance of the fittest, worlds have chosen one time once more to rush the procedure along in hopes of making a better species of genetically enhanced worlds. First of wholly, people should non be allowed to take the sex of their babe. If we allow this to go a common process, so shortly parents will be bespeaking a certain tallness, weight, hair, and oculus colour, and doing certain the babe has no diseases. Journalist, Jennifer K. Nii, says, ? It may be through our best purposes that we create this brave new uni verse, but it may besides take to a universe where our kids become the ultimate shopping experience. ? It would be unfortunate to allow humanity be lost to the procedures associated with picking the right colour pigment or sofa for a room or the perfect auto to look cool in. These are material things, and nature and her procedures are corrupted by the thought of? manufactured goods. ? In Brave New World, cloning leads to a civilization with no sense of nature ; everything is developed on the production line. The civilization lacked regard for humanity because it treated worlds as machines whose parts could be put together in specified ways. It would be a sedate error to let society to utilize scientific discipline to accomplish its idealised image of flawlessness. Familial make-up will switch from the? unmanageable manus of destiny? to the determinations of parents woolgathering of a perfect kid ( Teich 311 ) . Other upseting processs could originate from cloning. For illustration, people might hold the ability to clone a deceasing household member or pet. This may decrease the compunction, but in actuality, the ringer will non be precisely like the original. The ringer has the same cistrons, but still may be a different tallness, weight, and have a different personality. Besides, the ringer would non be considered a different individual because the ringer would be make fulling the nothingness of the original individual. This is really immoral and scandalous to the human race. Human life would lose its costliness and go excessively manufactured and governable. Additionally, the thought of bring forthing a full homo ringer to supply variety meats and trim parts for the original individual has been mentioned. These processs change the significance of humanity. It shows a deficiency of regard for human life. Another effect of the cognition associated with the research of cloning is familial favoritism. From birth to decease personal familial information could hold profound effects on the lives of people. Would you like to cognize at birth that you have an 80 per centum opportunity of deceasing at age 30 of bosom disease? The ability to find a individual? s diseases would do it hard for a individual to have wellness insurance. For this ground, people could be rejected from occupations because the employer doesn? T want person with bosom disease or doesn? T want to pay the high insurance costs of an unhealthy individual. A new category construction would organize ; the morbid people and the healthy people. The thought of being predestined to a certain category is chilling because it eliminates geographic expedition, advancement, and chance. In Brave New World, the people non merely couldn? Ts decide their hereafter, but they couldn? T choose what they wanted to have on or who to be friends with. Bing predestined to a certain type of life is a world today, but alternatively of being classified by the socioeconomic group one is born into, scientific methods would find those who should win. Today, pigeonholing can be overcome, whereas something every bit absolute as an familial profile can non. The film Gattaca, reveals the possibility of cloning doing a division in society based upon the method of birth ; natural versus genetically cloned. The natural Born, Ethan Hawke, is considered weak and stupid. The minute he was conceived he was demarcated to a life as a janitor. On the other manus, his brother, whose cistrons were specifically chosen by his parents is destined for success. It would be unrighteous to extinguish the possibility of mounting to the top of society? s ladder by pinioning people to the lower category based on cistrons. Genes don? T tell the whole narrative because if they did so indistinguishable twins would hold the same personality, intelligence, and, of class, the same opportunity for success. It is obvious that the environment one lives in, significantly affects the route they will go through life. Do we desire a society in which cistrons dictate all that one is allowed to accomplish? This would intend a society in which people were? shackled by their lineage? ( Teich 313 ) . Besides, how does duty associate to one? s actions. If cistrons are used to find how successful one will be, so why can? t person say that it wasn? t his mistake that he murdered a individual, it was his bad cistrons that caused him to make it? The complexnesss of human life would be lost if we allowed cistrons to find one? s ability to win, alternatively of leting personality traits like leading, kindling, and passion to be the key to accomplishing success. Another signifier of favoritism that research of cloning could light is racism. Imagine a group similar to the Nazi? s taking to extinguish a race because of a minute insufficiency revealed by familial information. If it were found that one race normally had impaired motor accomplishments, so the whole race would be branded as inept. Who knows what race murder could be started by this information. It appears that we as a society demand to be reminded that merely because we have the ability to make something, doesn # 8217 ; t intend that we should or that the consequences will be positive. It is human nature to desire to detect new things. Discoveries can take to come on or arrested development, depending on who controls the information. Cloning, if used decently, can be effectual in heightening human life, but in the incorrect custodies cloning may take to the devastation of humanity as we know it today. Cloning has the possible to be far more important that the development of the atomic bomb? a tool that we knew how to do, but many people expressed concern about its development. And now we must populate mundane cognizing we killed 1000000s of guiltless people. It will be of import that we use this cognition about cloning in a manner that? cherishes our human ability to exceed biological science, that enshrines our spontaneousness, capriciousness, and single singularity? ( Te ich 313 ) . Science alterations society. Society must larn to command scientific discipline. Plants Cited Hawley, Aaron. ? Cloning. ? hypertext transfer protocol: //members.tripod.com/ cloning/cloning.txt Meek, James. ? Scientists Defend Clone Research. ? World Reporter 13 April 2000. Nii, Jennifer K. ? Biotechnology brings universe to eve of new age. ? Deseret News Publishing Company: 21 April 2000. Teich, Albert H. Technology and the Future. New York: St Martin? s Press, 1997.

Introduction to Sociology of Religion

The Judiciary Act of 1801 and the Midnight Judges

The Judiciary Act of 1801 and the Midnight Judges   The Judiciary Act of 1801 reorganized the federal judicial branch by creating the nation’s first circuit court judgeships. The act and the last-minute manner in which several so-called â€Å"midnight judges† were appointed resulted in a classic battle between the Federalists, who wanted a stronger federal government, and the weaker government Anti-Federalists for control of the still-developing U.S. court system. Background: The Election of 1800 Until ratification of the Twelfth Amendment to the Constitution in 1804, the electors of the Electoral College cast their votes for president and vice president separately. As a result, the sitting president and vice president could be from different political parties or factions. Such was the case in 1800  when incumbent Federalist President John Adams faced off against incumbent Republican Anti-Federalist Vice President Thomas Jefferson in the 1800 presidential election. In the election, sometimes called the â€Å"Revolution of 1800,† Jefferson defeated Adams. However, before Jefferson was inaugurated, the Federalist-controlled Congress passed, and still-President Adams  signed the Judiciary Act of 1801. After a year filled with political controversy over its enactment and implantation, the act was repealed in 1802. What Adams’ Judiciary Act of 1801 Did Among other provisions, the Judiciary Act of 1801, enacted along with the Organic Act for the District of Columbia, reduced the number of U.S. Supreme Court justices from six to five and eliminated the requirement that the Supreme Court justices also â€Å"ride circuit† to preside over cases in the lower courts of appeals. To take care of the circuit court duties, the law created 16 new presidentially-appointed judgeships spread over six judicial districts. In many ways the act’s further divisions of the states into more circuit and district courts served to make the federal courts even more powerful than the state courts, a move strongly opposed by the Anti-Federalists. The Congressional Debate Passage of the Judiciary Act of 1801 did not come easily. The legislative process in Congress came to a virtual halt during the debate between Federalists and Jefferson’s Anti-Federalist Republicans. Congressional Federalists and their incumbent President John Adams supported the act, arguing that more judges and courts would help protect the federal government from hostile state governments they called â€Å"the corrupters of public opinion,† in reference to their vocal opposition to the replacement of the Articles of Confederation by the Constitution.    Anti-Federalist Republicans and their incumbent vice president Thomas Jefferson argued that the act would further weaken the state governments and help Federalists gain influential appointed jobs or â€Å"political patronage positions† within the federal government.  The Republicans also argued against expanding the powers of the very courts that had prosecuted many of their immigrant supporters under the Alien and Sedition Acts. Passed by the Federalist-controlled Congress and signed by President Adams in 1789, the Alien and Sedition Acts were designed to silence and weaken the Anti-Federalist Republican Party. The laws gave the government the power to prosecute and deport foreigners, as well as limiting their right to vote. While an early version of the Judiciary Act of 1801 had been introduced before the 1800 presidential election, Federalist President John Adams signed the act into law on February 13, 1801. Less than three weeks later, Adams’ term and the Federalist’s majority in the Sixth Congress would end. When Anti-Federalist Republican President Thomas Jefferson took office on March 1, 1801, his first initiative was to see to it that the Republican-controlled Seventh Congress repealed the act he so passionately detested. The ‘Midnight Judges’ Controversy Aware that Anti-Federalist Republican Thomas Jefferson would soon sit as his desk, outgoing President John Adams had quickly- and controversially- filled the 16 new circuit judgeships, as well as several other new court-related offices created by the Judiciary Act of 1801, mostly with members of his own Federalist party. In 1801, the District of Columbia consisted of two counties, Washington (now Washington, D.C.) and Alexandria (now Alexandria, Virginia). On March 2, 1801, outgoing President Adams nominated 42 people to serve as justices of the peace in the two counties. The Senate, still controlled by Federalists, confirmed the nominations on March 3. Adams began signing the 42 new judges’ commissions  but did not complete the task until late in the night of his last official day in office. As a result, Adams’ controversial actions became known as the â€Å"midnight judges† affair, which was about to become even more controversial. Having just been named Chief Justice of the Supreme Court, former Secretary of State John Marshall placed the great seal of the United States on the commissions of all 42 of the â€Å"midnight justices.† However, under the law at the time, judicial commissions were not considered official until they were physically delivered to the new judges. Mere hours before Anti-Federalist Republican President-elect Jefferson took office, Chief Justice John Marshall’s brother James Marshall began delivering the commissions. But by the time President Adams left office at noon on March 4, 1801, only a handful of the new judges in Alexandria County had received their commissions. None of the commissions bound for the 23 new judges in Washington County had been delivered and President Jefferson would start his term with a judicial crisis. The Supreme Court Decides Marbury v. Madison When Anti-Federalist Republican President Thomas Jefferson first sat down in the Oval Office, he found the still undelivered â€Å"midnight judges† commissions issued by his rival Federalist predecessor John Adams waiting for him. Jefferson immediately reappointed the six Anti-Federalist Republicans who Adams had appointed, but refused to reappoint the remaining 11 Federalists. While most of the snubbed Federalists accepted Jefferson’s action, Mr. William Marbury, to say the least, did not. Marbury, an influential Federalist Party leader from Maryland, sued the federal government in an attempt to force the Jefferson administration to deliver his judicial commission and allow him to take his place on the bench. Marbury’s suit resulted in one of the most important decisions in the history of the U.S. Supreme Court, Marbury v. Madison. In its Marbury v. Madison decision, the Supreme Court established the principle that a federal court could declare a law enacted by Congress void if that law was found to be inconsistent with the U.S. Constitution. â€Å"A Law repugnant to the Constitution is void,† stated the ruling. In his suit, Marbury asked the courts to issue a writ of mandamus forcing President Jefferson to deliver all of the undelivered judicial commissions signed by former President Adams. A writ of mandamus is an order issued by a court to a government official ordering that official to properly carry out their official duty or correct an abuse or error in the application of their power. While finding that Marbury was entitled to his commission, the Supreme Court refused to issue the writ of mandamus. Chief Justice John Marshall, writing the Court’s unanimous decision, held that the Constitution did not give the Supreme Court the power to issue writs of mandamus. Marshall further held that a section of the Judiciary Act of 1801 providing that writs of mandamus might be issued was not consistent with the Constitution and was therefore void. While it specifically denied the Supreme Court the power to issue writs of mandamus, Marbury v. Madison greatly increased the Court’s overall power by establishing the rule that â€Å"it is emphatically the province and duty of the judicial department to say what the law is.† Indeed, since Marbury v. Madison, the power to decide the constitutionality of laws enacted by Congress has been reserved to the U.S. Supreme Court. Repeal of the Judiciary Act Of 1801 Anti-Federalist Republican President Jefferson moved swiftly to undo his Federalist predecessor’s expansion of the federal courts. In January 1802, Jefferson’s staunch supporter, Kentucky Senator John Breckinridge introduced a bill repealing the Judiciary Act of 1801. In February, the hotly debated bill was passed by the Senate in a narrow 16-15 vote. The Anti-Federalist Republican-controlled House of Representatives passed the Senate bill without amendment in March and after a year of controversy and political intrigue, the Judiciary Act of 1801 was no more.

To what extent does the British experience differ when compared Essay

To what extent does the British experience differ when compared against the major competitors - Essay Example The cause of the increase in unemployment is still associated with various issues that citizens claim to have resulted from poor decision making in the UK. They include the agreement to join the ERM, international economics, and the Lawson boom. However, the consequences were severely bitter in the intensity of unemployment, let alone deterioration in public finances. According to Mullard, â€Å"between 1990 and 1992 UK unemployment increased from 1.8 million to nearly 3 million, while public finances moved from a positive balance in 1990 to a public sector deficit of  £50 billion in 1993 – an equivalent of 8 per cent of GDP†.The situation occurred when most of the workforce in Britain was concentrated in manufacturing industries, especially in the northern cities where steel, coal, and engineering industries were common. Although the OECD countries accounted for almost 35 million job loss between 1970 and 2000, the UK experience which fluctuated between 2 and 3 milli on job loss exceeded Germany and France who accounted for 1.1 and 1.4 millions respectively; with Yorkshire, East Lancashire, and South Yorkshire holding 10 percent each, of the unemployment rate in 1980s in UK. It is evident that the employers in UK shed more labor to minimize losses that when the calm from recession was returning, the existing labour force was insufficient to run effectively. The average rate of unemployment between 1981 and 85 was 10.5, 5.6, 6.2, 9.0 and 8.3 in UK, Italy, Germany, France and USA respectively (Irvin, 2011, p. 5).The unemployment duration seemed to contribute significantly to the increase in unemployment in

Flying the flags Essay Example | Topics and Well Written Essays - 2250 words

Flying the flags - Essay Example The airline industry is significant considering that it is one of the largest capital intensive industry segments and in addition to its contribution to the GDP it also provides employment options to a large number of individuals. The airline industry is prone to various external aspects like oil price, government regulations and market distortions. However the airline industry has shown signs of revival with all the major economies in Europe being put back on the path of economic growth. A report by Mott McDonald pegs the present value of the airline market in Europe would increase by approximately 2.3 percent by the year 2025 (Mott McDonald, 2011). Another significant aspect that has changed the shape of the aviation industry is the advent of Low Cost Carriers (LCC) following the de regulation of the aviation industry by the European and US governments. These players have grabbed a significant market share owning to their aspect of low cost which has provided them with a competitiv e advantage (European Commission & United States Department of Transportation, 2010, p.3). Mergers and acquisitions have become one of the most vital strategies that have been adopted by market players across the world including Europe to increase their market share as a means to improve the product mix (Siebert, 1989, p.10-11). Review of the EU Airline industry Europe constitutes one of the most important markets for the participants of the airline industry. The mammoth size of the European aviation market can be analysed from the fact that there are approximately 450airpots in the region which ferried approximately 751 million passengers in 2009 alone. The market has about 150 scheduled airline companies including full service and low cost carriers. In addition to this fact the aviation industry provided direct employment to about 500000 individuals and had an approximate turnover amounting 100 billion Euros as of the year 2009. The aviation industry apart from being a significant contributor towards the economy and growth of the region also serves as a means to bring together people from different regions and provides integration or all the member states of Europe as well as with the rest of the world (European Commission, 2011, p.5). Figure 1: 20 Year forecast for the Airline Industry (Source: Mott McDonald, 2011) The figure above shows the forecasted growth rates in both cargo as well as passenger segments of the European aviation market. It is clear from the figure that the airlines industry in Europe is expected to show growth rates of 5 percent and 6.1 percent in the passenger and cargo sections respectively by the year 2026 on a year on year basis. This is even more significant considering the fact that the European airline market was severely impacted by the terrorist attacks in US in 2001 as well as the financial meltdown in the recent years. The recovery of nations in the European Union has again created hopes for the resurgence of the European air line industry. Figure 2: Major Market Players in Europe and their levels of consolidations (Source: Buttner & Burger, 2008, p.8) The major market players in the European Union are shown in the figure above. The major airlines of the EU are trying to aggressively expand their business by undertaking consolidations by using strategies like mergers and

Security Incident Handling Service

Security Incident Handling Service EXECUTIVE SUMMARY 1 INTRODUCTION Expect the unexpected. As soon as a crisis erupts, it should be immediately handled to reduce its potential impact on critical business operations. Such undesirable incidents occur unanticipated and when they do take place, damage or harm is the result. In most aspects of life, it is better to stop something disastrous happening than it is to deal with it after it has happened and IT security is no exception. If possible, security incidents should be dealt accordingly from occurring in the first place. Yet, it is unachievable to prevent security incidents. When an incident does happen, its impact needs to be brought down to adequate recommended level. Security incident handling outlines the actions to follow in an event that an electronic information system is compromised. An event is declared an incident when the confidentiality, integrity or availability (CIA) elements of a system is compromised. Significant commodities such as information and knowledge must be safeguarded at all c osts. Communications within an organization and its interactions to its customer base are regarded as the life blood in this IT intensive fast paced world. If an organization is inoperative for any period of time, it may cost millions in lost business or loss of reputation. Size of an organization does not matter. Unexpected downtime influences organizations of all sizes impacting revenue, customer satisfaction and overall production. It is vital that they quickly recover from such downtime and restore operation and re-establish their presence to ensure survival. Consequently, many firms have realized the importance of setting up incident handling procedures. One of the drawbacks is that many organizations learn how to respond to security incidents only after suffering from them. In the course of time, incidents often become much more costly. Proper incident response should be an integral part of the overall security policy and risk mitigation strategy. Incident handling procedures that are in place in an organization improves to maintain the business continuity of critical operations. In todays competitive economy, a company cant afford to cease critical business operations and remain idle for long period of time because of lack of incident handing procedures. Thus, an organization needs to be well prepared for continuity or recovery of systems. This typically requires a considerable investment of time and money with the aim of ensuring minimal losses in the event of a disruptive event. The goal of setting up incident handling procedures is to know exactly what to do when an incident breaks out. This means anticipating scenarios before they occur and making appropriate decisions about them in advance. Those assessments typically demand consultation and senior management support, hence these people are needed early immediately after an incident has been confirmed. For example, just deciding who to tell when an incident occurs can be hard to determine. Manageme nt needs to provide input to respond quickly and this embarks into issues like after hours support and mixed project/support roles. External support may also be sought, resulting in additional cost, time and effort to select partners. 1.1 PURPOSE OF THE DOCUMENT This document provides guidance to identify and record the nature and scope of a computer security incident handling service. This paper discusses the functions that support the service, how those functions interrelate and the tools, procedures and roles necessary to implement the service. It also concentrates on incident analysis. For example, we can make a comparison between a fire that broke off in an apartment and a computer security incident that happened in an organization. Similarly as a fire department will investigate a fire to know where it originated from, a Computer Security Incident Response Team (CSIRT) tries to figure out how the security incident occurred. Both the fire department and CSIRT operate in the same approach. A fire department needs to get along with other fire departments on it can depend on for additional support in peak times or to tackle a serious catastrophe. It must cooperate with other emergency units to react promptly and provide law enforcement. Th is document will discuss how CSIRTs interact with other organizations, such as the department that reported the security incident to it, other CSIRTs, law enforcement and the media. Both fire department and CSIRT need to properly handle information, some of which is sensitive and relevant to the individual held responsible for the crime. Information handling is considered to be an indispensable discussion subject in this paper. CSIRTs propose client confidentiality in the same manner that many emergency units do, safeguarding reporters and victims from public disclosure. CSIRT survival depends on handling confidential information appropriately, because if it cant be trusted, nobody will report to it, thus making it almost useless. CSIRTs have committed permanent staff as well as part-time, volunteer staff and reliable security experts to handle an unexpected security emergency. Its staff is at the frontline in event of a crisis, CSIRT achievement depends on their interaction with th e outside world and the image that they project by the way of performing their duties and the service quality that they provide. To attain such high level of success, recruiting suitably competent staff seems to be a complicated process. People in charge of appointing CSIRT staff mistakenly look for unsuitable set of talent and ability in prospective employees. For that reason, this paper discusses staffing and hiring concerns and actions to guarantee that CSIRT staff offer reliable, pleasant and specialized service. Other services besides the incident handling service, such as the supply of intrusion detection assistance and vulnerability handling are also provided by CSIRT. The information in this paper is understandable in such a manner that is basic to the reader to put it into operation to any type of CSIRT setting, from in-house team for a company to an international coordination center. This document is intended to present a valuable foundation to both recently created teams and existing teams where there is a lack of clearly defined or documented services, policies and procedures. This paper is more appropriate to use during the early stages when a company has acquired management support and funding to set up a CSIRT, before the team becomes operational. Moreover, this paper can be still a valuable reference document for already operational teams. 1.2 INTENDED AUDIENCE The general CSIRT community who may require a better knowledge of the composition and objectives of their existing teams will benefit from this document. It also targets individuals and organizations who are likely to join the CSIRT community in the near future. It is precisely aimed at managers and other personnel who take part in the process of setting up and leading a CSIRT or managing incident crisis. The list may include Chief Information Officers, Chief Security Officers and Information Systems SecurityOfficers Project leaders and members in charge of creating the team CSIRT managers CSIRT staff IT managers [1] Higher management levels and all CSIRT staff can use this paper as a useful reference. This document can also be utilized by other individuals who work together with CSIRTs. This may include members of the CSIRT constituency law enforcement community systems and network administrator community CSIRT parent organization or other departments within the parent organization such as legal, media or public relations, human resources, audits and risk management investigations and crisis management [2] 2 MAIN CONTENT Definition of Security Incident The Information Security Management Handbook defines an incident as any unexpected action that has an immediate or potential effect on the organization [3]. Whenever the safety and stability of an information system is compromised, such instance can be referred to as a security incident. There are several different definitions of security incidents; one is A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices [4], another definition describes the security incident as any event that may threaten or compromise the security, operation or integrity of computing resources [5]. In other words, a security incident is a state of violation of security policy in an organization and the security of their information system. Security incident refers to a common term that encompasses any type of security breach regardless of location, the level of the threat or the magnitude of it. The commonly known factors of security incidents are events and actions that expose one or more basic elements of information security: confidentiality, integrity and availability (CIA) of information systems. An incident can be caused by authorized or unauthorized personnel, process, hardware or software. It can be an accident as well as a planned malicious action. Handling security incidents In the course of a crisis, time runs short in terms of about what to do, who will do it or how it will get done, therefore it is vital to arrange for a response in advance. The better prepared you are for an incident, the more likely you are to respond correctly. Proper set-up of an incident handling procedure can help to lessen impact of undesirable incidents. The objective of such procedure in place is to provide a framework for an orderly, coordinated response by appropriate resources within the organization. It is in a companys own benefit that it establishes a Computer Security Response Capability, a process that provides centralized response and reporting functions for security incidents. According to (Computer Security Incident Handling Guide, National Institute of Standards and Technology, March 2008), establishing an incident response capability should include the following actions: Creating an incident response policy plan Developing procedures for performing incident handling and reporting, based on the incident response policy Setting guidelines for communicating with outside parties regarding incidents Selecting a team structure and staffing model Establishing relationships between the incident response team and other groups, Determining what services the incident response team should provide Staffing and training the incident response team The â€Å"Cyberthreat Response and Reporting Guidelines† report, jointly approved by the FBI and US Secret Service recommends that the better equipped a company is in the event of a security event, the better probability it has to reduce the impact of the crisis. This recommendation is actually one of the chief responsibilities of a CSIRT, to be well organized to successfully cope with an incident when they happen and to help prevent incidents from occurring in the first place. As a starting point, the team should have a strategy plan for incident handling. This plan should be supported with documented policies and procedures. According to (State of the Practice of Computer Security Incident Response Teams, October 2003), the incident response plan identifies the mission and goals of the team, the team roles and responsibilities; the services provided; and policies, procedures, processes, and guidelines related to incident handling. The incident response plan is not only inten ded for CSIRT employees, but also for community that they serve. From that viewpoint, both parties should be proficient about what to report, how to report it and to whom it should be reported. The plan should also describe the expected level of service that is reasonable. Staff who is accustomed with computer security incidents recognize the fact that these incidents vary in shape and size. Some are quite uncomplicated, easy to cope with and mitigate while other are extremely severe and very complicated or can have harsh impact on IT systems and necessitate proper authority to respond to effectively. In the event of a crisis, adhering to the plan in place will facilitate the organization to promptly isolate disruption cropping up on IT systems or networks as well as to assist to counteract to such events. It may alleviate potential risk such as loss of company reputation, trust or financial status. For existing CSIRTs who dont have a robust plan, they can still manage with some bas ic guidelines. They can make use of their current incident handling procedures as a guideline, in the meantime they can revise their existing documentation. They can rely on those basic guidelines namely the plan to handle incidents, areas of responsibility, general and specific procedures. Other typical guidelines can include an incident response checklist as well as procedures for what type of activity to report and how that information should be reported. A company needs to take into consideration several factors prior to planning an incident response capability. They include introducing a point of contact for reporting incidents pinpointing the aims and objectives of the team distinguishing and selecting the staff and necessary expertise offering direction for reporting and handling incident reports allocating proper security awareness and incident response training for CSIRT staff launching and promoting specific incident handling and security policies and procedures for the CSIRT exposing lessons learned with other colleagues designing a benchmark to monitor the effectiveness of the CSIRT devising strategy to allow coordination between the CSIRT and internal and external parties Organizations or the team typically approve policies and record them. It is crucial to know what these policies consist of and to ensure that they are properly implementable, enforceable in the workplace. Like the mission statement, senior management approves and enforces policies. The policies need to be openly expressed and well understood by each team member, technical, management or administrative. It will be a difficult task for the staff to appropriately execute and carry out their duties without a clear understanding of the policy. In order to write a clear policy, it is best to avoid excessive jargon. Whenever possible, consult someone who is not in security or IT to examine the policies. Rephrase the policies if not understood. Use very short sentences. A good policy is a short one. A security policy should be concise, well segregated between the management aspect (the policy) and the operational aspect (the procedures). Moreover, a policy must be both implementable and enfo rceable, or else it doesnt have any purpose. It is easier to implement a policy if it is well designed and relevant to the needs and goals of the CSIRT. Truly effective policies address genuine needs within a business, making the staff willing and even eager to implement them because they make operations smoother and give the business added reliability. Top management should execute appropriate actions or steps to enforce a policy. Policies must be enforceable; otherwise they are of little or no value. Usually when a policy ismplementable, it is normally also enforceable unless it contradicts itself. Concrete measures are needed to assess the usage of the policy. Example: An example of a contradictory policy is the security policy that ranks internal information security as priority number 1 but at the same time ensures absolute privacy for its staff; the latter makes it hard or even impossible to enforce security in case of an insider threat. To successfully develop and implement s ecurity policies, top management needs to be involved in and strongly support the project (Lam, 2005). A proposal with a report of external and internal requirements and a draft assessing budget can easily persuade managers to support the development and implementation of a security project. Having management support and authorization can resolve money and time issues. These managers can allocate the required budget and allow sufficient time for development and implementation. In addition, top management has power to affect processes by requiring employees to participate (Kearns Sabherwal, 2006). How to Implement Security Policies Successfully The implementation phase probably is the hardest phase in the life cycle of developing and maintaining security policies. Many organizations fail in this phase. To effectively and efficiently implementing security policies, teams first need to resolve many issues. Lack of strong management support (Fedor et al., 2003; Lam, 2005), lack of budget (Kearns Sabherwal, 2006; Martin, Pearson, Furumo, 2007), lack of implementation time (Walker Cavanaugh, 1998), lack of strong leadership (Fedor et al., 2003), lack of awareness of benefits of implementing security policies—â€Å"why for† (Hansche, Berti, Hare, 2004)—, or ineffective communication with users (Jackson, Chow, Leitch, 1997; Walker Cavanaugh, 1998) may cause problems. Resolving all of the above issues can help in successfully implementing security policies. Computer Security Incident Response Team (CSIRT) A team is a focal component of incident response plan, policy and procedure creation so that incident response is dealt effectively, efficiently and consistently. The team should cooperate with other teams within the organization towards a central goal which encompasses the plan, policies and procedures. Outside parties such as law enforcement, the media and other incident response organizations can also be contacted. Computer Security Incident Response Team is regarded as the nerve center of an incident response plan. It is normally composed of a team manager, a management advisory board and other permanent and temporary team members. The temporary staff provides advice on technical, business, legal or administrative issues, depending on the nature and scope of the incident. The team assists the organization to identify and document the nature and scope of a computer security incident handling service. The team manager supervises labour of the team members, presents ongoing status i nformation to the Chief Information Officer (CIO) and other senior management and requests assistance on expert advice outside of IT department when needed. This role leader should be accustomed with computer security issues, the function of IT areas and staff, general company operations as well as the duty of other employees in the institution who may serve as resources for the CSIRT. Under challenging situations, the team manager must be able to coordinate teamwork with other staff and to deal properly with circumstances that necessitate discretion or confidentiality. The technical leaders role is to assess the characteristics and severity of an incident, propose recommendations on security control and recovery issues to the team manager and requests on additional technical resources if needed. This role should possess a broad understanding of operational and systems security. Other employees can join the team on a spontaneous basis and remain team members until closure of inciden t. Additional resources may be required to serve areas such as: law enforcement, legal, audit, human resources, public relations, facilities management or IT technical specialties. The table below shows a list of members who should be included in the CSIRT and their roles in the team. Table 1: Team members in IRT Source: table from page 4-2 of Incident Response Procedure for Account Compromise Version 1.2 2004 by Visa International Besides their technical expertise, CSIRT staff distinctive quality is their motivation and talent to stick to procedures and to present a professional image to customers and other parties working together with them. In other works, it is more convenient to appoint staff with less technical expertise and excellent interpersonal and communication skills and subsequently train them in a CSIRT-specific environment than vice versa. Communication of a team member who is a technical expert but has poor communication skills may brutally ruin the teams reputation while interactions that are dealt with competently will assist to improve the teams standing as a valued service provider. Possessing a broad range of interpersonal skills is significant since team members are frequently in contact with each other and other parties such as law enforcement, legal, human resources. T hus, these professional interactions that CSIRT employees adopt will influence the reputation of the team and special concern to an individuals interpersonal skills matters. Some interpersonal skills, required for incident handling staff, are listed below: logical judgment to formulate effective and suitable decisions in time of crisis or under pressure or strict time constraints effective oral and written communication skills for interaction with other parties discretion when dealing with the media aptitude to follow policies and procedures enthusiasm to learn new things challenge to work under pressure teamwork reliability to maintain teams reputation and status readiness to accept ones own mistakes problem solving skills to efficiently handle incidents time management skills for high priority tasks Apart from interpersonal skills, CSIRT staff should possess fundamental understanding of technology and issues on which they base their expertise. The following technical know-how is crucial for CSIRT staff: public data networks (telephone, ISDN, X.25, PBX, ATM, frame relay) the Internet (aspects ranging from architecture and history to future and philosophy) network protocols (IP, ICMP, TCP, UDP) network infrastructure elements (router, DNS, mail server) network applications, services and related protocols (SMTP, HTTP, HTTPS, FTP, TELNET, SSH, IMAP, POP3) basic security principles risks and threats to computers and networks security vulnerabilities/weakness and related attacks (IP spoofing, Internet sniffers, denial of service attacks and computer viruses) network security issues (firewalls and virtual private networks) encryption technologies (TripleDES, AES, IDEA), digital signatures (RSA, DSA, DH), cryptographic hash algorithms (MD5, SHA-1) host system security issues, from both a user and system administration perspective (backups, patches) [6] It is crucial that one division of the team possess a thorough understanding of the full range of technologies and issues used by the team. This contributes to expand and intensify the technical resource and capability of the team and train other team members through education and documentation. It also makes sure that the team can provide a full range of services. Besides an in-depth understanding of the technical skills listed above, the following specialist skills are required: technical skills such as programming, administration of networking components (e.g. routers, switches) and computer systems (UNIX, Linux, Windows, etc) interpersonal skills such as human communication, experience in presenting at conferences or managing a group work organization skills Obviously, a team will be unable to employ individuals who possess all the necessary interpersonal and technical skills. But there are opportunities to address such deficiency in those skills, such as training of staff to develop and retain such skills and support continuous progress. Hiring CSIRT Staff For any staff vacancy, the hiring process to select the most talented applicant is a complicated task. Even a candidate who appears on the surface to possess the right skill set might not be able to work within CSIRT setting. It is true when a crisis has been declared where the candidate may not be able to cope with the situation and inefficiently carry out their duties. Therefore, it is recommended to present the applicant to a hiring process, specifically designed to reveal the applicant strengths and weaknesses. Based upon the findings of the hiring process, the team will make up their mind to train the applicant in the specific skills that the candidate may require or decide not to employ the candidate. Compared to a regular hiring process, additional steps should be included in any CSIRT hiring process and they are: pre-interview document check pre-interview telephone screening interviews that cover topics from technical abilities to interpersonal skills candidate technical presentation reference checks, including criminal records The complete hiring process should be devised to detect potential employees who possess appropriate interpersonal skills and technical skills. Such candidates can undergo further training to acquire more competence. Before calling the applicant for a personal interview, the pre-interview document check and telephone screening determines in the first instance whether the candidate is an ideal match for the selection process. At this stage, more information is gathered about the applicants broad level of interest in computer security and other more specific details on items covered in his or her resume. The telephone screening will give a good impression of the candidates oral communication skills. Before CSIRT staff begin to interview potential candidates, its better to decide in advance what particular issues ranging from technical issues and ethical issues to social skills are most likely to be discussed during the interview process and select which existing staff are most suitable to talk about those issues with the candidate. Thus separate topic areas are covered by each of the various interviewers, saving any duplication of effort. Each interviewer will be in a position to review and consolidate feedback on the issues covered. Another strategy may be carried out where similar topics may be discussed by other team members involved in the interview process to agree on the candidates faculty about a particular topic and identify any weaknesses. To ensure proper recruitment, the applicant should have the opportunity to meet up with CSIRT team members through a lunch meeting or at the candidates technical presentation. A candidate, required to give a technical presentation, offers CSIRT an opportunity to measure other technical and interpersonal skills of the candidate. It also gives an idea how much common sense the candidate has and whether the applicant will be able to cope under stressful situations. Other qualities such as overall presentation skills, an ey e for detail, technical accuracy and ability to answer questions on the fly are also taken into account. After an individual has been appointed, there is also an enormous task to make them adapt to CSIRT. The new staff will need to undergo training for some period of time to get used to the CSIRT working environment as well as specific policies and procedures for the team. Some new recruits may be given access to limited information until relevant certificates or clearances such as government or military clearances are obtained. Staff training is compulsory in order to make the new recruits acquire the necessary skill level to take on their new responsibilities. Secondly, training is necessary to expand existing staff skills for personal career growth and overall team progress. Staff training also helps overall CSIRT skill set updated with emerging technologies and intruder trends. When considering the overall training needs of the team, it is necessary to spot out the overall skill s needed for each individual, as well as the common skill set required for the whole team. Obviously, new staff member should acquire immediate training in any deficient skills to perform effectively quickly. From a general viewpoint, the whole team should be assessed to determine any training that needs more attention to enlarge skill set exposure in the team. At the same time, this assessment focuses on an individuals skill set. Policies and procedures are a necessity and should be enforceable to support initial training of new team member and to guarantee ongoing training as policies and procedures get amended. Besides the interpersonal and technical skills discussed earlier, each team member should be trained in areas specific to the incident handling functions in a normal CSIRT work environment. Training should cover up the following issues: new technical developments CSIRT team policies and procedures incident analysis maintenance of incident records understanding and identifying intruder techniques work load distribution and organizational techniques Initial training is conducted through on-the-job training. Since incident handling profession is different in work nature from other professions, there is no formal educational path for CSIRT staff and limited documentation in the literature. Most printed materi Security Incident Handling Service Security Incident Handling Service EXECUTIVE SUMMARY 1 INTRODUCTION Expect the unexpected. As soon as a crisis erupts, it should be immediately handled to reduce its potential impact on critical business operations. Such undesirable incidents occur unanticipated and when they do take place, damage or harm is the result. In most aspects of life, it is better to stop something disastrous happening than it is to deal with it after it has happened and IT security is no exception. If possible, security incidents should be dealt accordingly from occurring in the first place. Yet, it is unachievable to prevent security incidents. When an incident does happen, its impact needs to be brought down to adequate recommended level. Security incident handling outlines the actions to follow in an event that an electronic information system is compromised. An event is declared an incident when the confidentiality, integrity or availability (CIA) elements of a system is compromised. Significant commodities such as information and knowledge must be safeguarded at all c osts. Communications within an organization and its interactions to its customer base are regarded as the life blood in this IT intensive fast paced world. If an organization is inoperative for any period of time, it may cost millions in lost business or loss of reputation. Size of an organization does not matter. Unexpected downtime influences organizations of all sizes impacting revenue, customer satisfaction and overall production. It is vital that they quickly recover from such downtime and restore operation and re-establish their presence to ensure survival. Consequently, many firms have realized the importance of setting up incident handling procedures. One of the drawbacks is that many organizations learn how to respond to security incidents only after suffering from them. In the course of time, incidents often become much more costly. Proper incident response should be an integral part of the overall security policy and risk mitigation strategy. Incident handling procedures that are in place in an organization improves to maintain the business continuity of critical operations. In todays competitive economy, a company cant afford to cease critical business operations and remain idle for long period of time because of lack of incident handing procedures. Thus, an organization needs to be well prepared for continuity or recovery of systems. This typically requires a considerable investment of time and money with the aim of ensuring minimal losses in the event of a disruptive event. The goal of setting up incident handling procedures is to know exactly what to do when an incident breaks out. This means anticipating scenarios before they occur and making appropriate decisions about them in advance. Those assessments typically demand consultation and senior management support, hence these people are needed early immediately after an incident has been confirmed. For example, just deciding who to tell when an incident occurs can be hard to determine. Manageme nt needs to provide input to respond quickly and this embarks into issues like after hours support and mixed project/support roles. External support may also be sought, resulting in additional cost, time and effort to select partners. 1.1 PURPOSE OF THE DOCUMENT This document provides guidance to identify and record the nature and scope of a computer security incident handling service. This paper discusses the functions that support the service, how those functions interrelate and the tools, procedures and roles necessary to implement the service. It also concentrates on incident analysis. For example, we can make a comparison between a fire that broke off in an apartment and a computer security incident that happened in an organization. Similarly as a fire department will investigate a fire to know where it originated from, a Computer Security Incident Response Team (CSIRT) tries to figure out how the security incident occurred. Both the fire department and CSIRT operate in the same approach. A fire department needs to get along with other fire departments on it can depend on for additional support in peak times or to tackle a serious catastrophe. It must cooperate with other emergency units to react promptly and provide law enforcement. Th is document will discuss how CSIRTs interact with other organizations, such as the department that reported the security incident to it, other CSIRTs, law enforcement and the media. Both fire department and CSIRT need to properly handle information, some of which is sensitive and relevant to the individual held responsible for the crime. Information handling is considered to be an indispensable discussion subject in this paper. CSIRTs propose client confidentiality in the same manner that many emergency units do, safeguarding reporters and victims from public disclosure. CSIRT survival depends on handling confidential information appropriately, because if it cant be trusted, nobody will report to it, thus making it almost useless. CSIRTs have committed permanent staff as well as part-time, volunteer staff and reliable security experts to handle an unexpected security emergency. Its staff is at the frontline in event of a crisis, CSIRT achievement depends on their interaction with th e outside world and the image that they project by the way of performing their duties and the service quality that they provide. To attain such high level of success, recruiting suitably competent staff seems to be a complicated process. People in charge of appointing CSIRT staff mistakenly look for unsuitable set of talent and ability in prospective employees. For that reason, this paper discusses staffing and hiring concerns and actions to guarantee that CSIRT staff offer reliable, pleasant and specialized service. Other services besides the incident handling service, such as the supply of intrusion detection assistance and vulnerability handling are also provided by CSIRT. The information in this paper is understandable in such a manner that is basic to the reader to put it into operation to any type of CSIRT setting, from in-house team for a company to an international coordination center. This document is intended to present a valuable foundation to both recently created teams and existing teams where there is a lack of clearly defined or documented services, policies and procedures. This paper is more appropriate to use during the early stages when a company has acquired management support and funding to set up a CSIRT, before the team becomes operational. Moreover, this paper can be still a valuable reference document for already operational teams. 1.2 INTENDED AUDIENCE The general CSIRT community who may require a better knowledge of the composition and objectives of their existing teams will benefit from this document. It also targets individuals and organizations who are likely to join the CSIRT community in the near future. It is precisely aimed at managers and other personnel who take part in the process of setting up and leading a CSIRT or managing incident crisis. The list may include Chief Information Officers, Chief Security Officers and Information Systems SecurityOfficers Project leaders and members in charge of creating the team CSIRT managers CSIRT staff IT managers [1] Higher management levels and all CSIRT staff can use this paper as a useful reference. This document can also be utilized by other individuals who work together with CSIRTs. This may include members of the CSIRT constituency law enforcement community systems and network administrator community CSIRT parent organization or other departments within the parent organization such as legal, media or public relations, human resources, audits and risk management investigations and crisis management [2] 2 MAIN CONTENT Definition of Security Incident The Information Security Management Handbook defines an incident as any unexpected action that has an immediate or potential effect on the organization [3]. Whenever the safety and stability of an information system is compromised, such instance can be referred to as a security incident. There are several different definitions of security incidents; one is A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices [4], another definition describes the security incident as any event that may threaten or compromise the security, operation or integrity of computing resources [5]. In other words, a security incident is a state of violation of security policy in an organization and the security of their information system. Security incident refers to a common term that encompasses any type of security breach regardless of location, the level of the threat or the magnitude of it. The commonly known factors of security incidents are events and actions that expose one or more basic elements of information security: confidentiality, integrity and availability (CIA) of information systems. An incident can be caused by authorized or unauthorized personnel, process, hardware or software. It can be an accident as well as a planned malicious action. Handling security incidents In the course of a crisis, time runs short in terms of about what to do, who will do it or how it will get done, therefore it is vital to arrange for a response in advance. The better prepared you are for an incident, the more likely you are to respond correctly. Proper set-up of an incident handling procedure can help to lessen impact of undesirable incidents. The objective of such procedure in place is to provide a framework for an orderly, coordinated response by appropriate resources within the organization. It is in a companys own benefit that it establishes a Computer Security Response Capability, a process that provides centralized response and reporting functions for security incidents. According to (Computer Security Incident Handling Guide, National Institute of Standards and Technology, March 2008), establishing an incident response capability should include the following actions: Creating an incident response policy plan Developing procedures for performing incident handling and reporting, based on the incident response policy Setting guidelines for communicating with outside parties regarding incidents Selecting a team structure and staffing model Establishing relationships between the incident response team and other groups, Determining what services the incident response team should provide Staffing and training the incident response team The â€Å"Cyberthreat Response and Reporting Guidelines† report, jointly approved by the FBI and US Secret Service recommends that the better equipped a company is in the event of a security event, the better probability it has to reduce the impact of the crisis. This recommendation is actually one of the chief responsibilities of a CSIRT, to be well organized to successfully cope with an incident when they happen and to help prevent incidents from occurring in the first place. As a starting point, the team should have a strategy plan for incident handling. This plan should be supported with documented policies and procedures. According to (State of the Practice of Computer Security Incident Response Teams, October 2003), the incident response plan identifies the mission and goals of the team, the team roles and responsibilities; the services provided; and policies, procedures, processes, and guidelines related to incident handling. The incident response plan is not only inten ded for CSIRT employees, but also for community that they serve. From that viewpoint, both parties should be proficient about what to report, how to report it and to whom it should be reported. The plan should also describe the expected level of service that is reasonable. Staff who is accustomed with computer security incidents recognize the fact that these incidents vary in shape and size. Some are quite uncomplicated, easy to cope with and mitigate while other are extremely severe and very complicated or can have harsh impact on IT systems and necessitate proper authority to respond to effectively. In the event of a crisis, adhering to the plan in place will facilitate the organization to promptly isolate disruption cropping up on IT systems or networks as well as to assist to counteract to such events. It may alleviate potential risk such as loss of company reputation, trust or financial status. For existing CSIRTs who dont have a robust plan, they can still manage with some bas ic guidelines. They can make use of their current incident handling procedures as a guideline, in the meantime they can revise their existing documentation. They can rely on those basic guidelines namely the plan to handle incidents, areas of responsibility, general and specific procedures. Other typical guidelines can include an incident response checklist as well as procedures for what type of activity to report and how that information should be reported. A company needs to take into consideration several factors prior to planning an incident response capability. They include introducing a point of contact for reporting incidents pinpointing the aims and objectives of the team distinguishing and selecting the staff and necessary expertise offering direction for reporting and handling incident reports allocating proper security awareness and incident response training for CSIRT staff launching and promoting specific incident handling and security policies and procedures for the CSIRT exposing lessons learned with other colleagues designing a benchmark to monitor the effectiveness of the CSIRT devising strategy to allow coordination between the CSIRT and internal and external parties Organizations or the team typically approve policies and record them. It is crucial to know what these policies consist of and to ensure that they are properly implementable, enforceable in the workplace. Like the mission statement, senior management approves and enforces policies. The policies need to be openly expressed and well understood by each team member, technical, management or administrative. It will be a difficult task for the staff to appropriately execute and carry out their duties without a clear understanding of the policy. In order to write a clear policy, it is best to avoid excessive jargon. Whenever possible, consult someone who is not in security or IT to examine the policies. Rephrase the policies if not understood. Use very short sentences. A good policy is a short one. A security policy should be concise, well segregated between the management aspect (the policy) and the operational aspect (the procedures). Moreover, a policy must be both implementable and enfo rceable, or else it doesnt have any purpose. It is easier to implement a policy if it is well designed and relevant to the needs and goals of the CSIRT. Truly effective policies address genuine needs within a business, making the staff willing and even eager to implement them because they make operations smoother and give the business added reliability. Top management should execute appropriate actions or steps to enforce a policy. Policies must be enforceable; otherwise they are of little or no value. Usually when a policy ismplementable, it is normally also enforceable unless it contradicts itself. Concrete measures are needed to assess the usage of the policy. Example: An example of a contradictory policy is the security policy that ranks internal information security as priority number 1 but at the same time ensures absolute privacy for its staff; the latter makes it hard or even impossible to enforce security in case of an insider threat. To successfully develop and implement s ecurity policies, top management needs to be involved in and strongly support the project (Lam, 2005). A proposal with a report of external and internal requirements and a draft assessing budget can easily persuade managers to support the development and implementation of a security project. Having management support and authorization can resolve money and time issues. These managers can allocate the required budget and allow sufficient time for development and implementation. In addition, top management has power to affect processes by requiring employees to participate (Kearns Sabherwal, 2006). How to Implement Security Policies Successfully The implementation phase probably is the hardest phase in the life cycle of developing and maintaining security policies. Many organizations fail in this phase. To effectively and efficiently implementing security policies, teams first need to resolve many issues. Lack of strong management support (Fedor et al., 2003; Lam, 2005), lack of budget (Kearns Sabherwal, 2006; Martin, Pearson, Furumo, 2007), lack of implementation time (Walker Cavanaugh, 1998), lack of strong leadership (Fedor et al., 2003), lack of awareness of benefits of implementing security policies—â€Å"why for† (Hansche, Berti, Hare, 2004)—, or ineffective communication with users (Jackson, Chow, Leitch, 1997; Walker Cavanaugh, 1998) may cause problems. Resolving all of the above issues can help in successfully implementing security policies. Computer Security Incident Response Team (CSIRT) A team is a focal component of incident response plan, policy and procedure creation so that incident response is dealt effectively, efficiently and consistently. The team should cooperate with other teams within the organization towards a central goal which encompasses the plan, policies and procedures. Outside parties such as law enforcement, the media and other incident response organizations can also be contacted. Computer Security Incident Response Team is regarded as the nerve center of an incident response plan. It is normally composed of a team manager, a management advisory board and other permanent and temporary team members. The temporary staff provides advice on technical, business, legal or administrative issues, depending on the nature and scope of the incident. The team assists the organization to identify and document the nature and scope of a computer security incident handling service. The team manager supervises labour of the team members, presents ongoing status i nformation to the Chief Information Officer (CIO) and other senior management and requests assistance on expert advice outside of IT department when needed. This role leader should be accustomed with computer security issues, the function of IT areas and staff, general company operations as well as the duty of other employees in the institution who may serve as resources for the CSIRT. Under challenging situations, the team manager must be able to coordinate teamwork with other staff and to deal properly with circumstances that necessitate discretion or confidentiality. The technical leaders role is to assess the characteristics and severity of an incident, propose recommendations on security control and recovery issues to the team manager and requests on additional technical resources if needed. This role should possess a broad understanding of operational and systems security. Other employees can join the team on a spontaneous basis and remain team members until closure of inciden t. Additional resources may be required to serve areas such as: law enforcement, legal, audit, human resources, public relations, facilities management or IT technical specialties. The table below shows a list of members who should be included in the CSIRT and their roles in the team. Table 1: Team members in IRT Source: table from page 4-2 of Incident Response Procedure for Account Compromise Version 1.2 2004 by Visa International Besides their technical expertise, CSIRT staff distinctive quality is their motivation and talent to stick to procedures and to present a professional image to customers and other parties working together with them. In other works, it is more convenient to appoint staff with less technical expertise and excellent interpersonal and communication skills and subsequently train them in a CSIRT-specific environment than vice versa. Communication of a team member who is a technical expert but has poor communication skills may brutally ruin the teams reputation while interactions that are dealt with competently will assist to improve the teams standing as a valued service provider. Possessing a broad range of interpersonal skills is significant since team members are frequently in contact with each other and other parties such as law enforcement, legal, human resources. T hus, these professional interactions that CSIRT employees adopt will influence the reputation of the team and special concern to an individuals interpersonal skills matters. Some interpersonal skills, required for incident handling staff, are listed below: logical judgment to formulate effective and suitable decisions in time of crisis or under pressure or strict time constraints effective oral and written communication skills for interaction with other parties discretion when dealing with the media aptitude to follow policies and procedures enthusiasm to learn new things challenge to work under pressure teamwork reliability to maintain teams reputation and status readiness to accept ones own mistakes problem solving skills to efficiently handle incidents time management skills for high priority tasks Apart from interpersonal skills, CSIRT staff should possess fundamental understanding of technology and issues on which they base their expertise. The following technical know-how is crucial for CSIRT staff: public data networks (telephone, ISDN, X.25, PBX, ATM, frame relay) the Internet (aspects ranging from architecture and history to future and philosophy) network protocols (IP, ICMP, TCP, UDP) network infrastructure elements (router, DNS, mail server) network applications, services and related protocols (SMTP, HTTP, HTTPS, FTP, TELNET, SSH, IMAP, POP3) basic security principles risks and threats to computers and networks security vulnerabilities/weakness and related attacks (IP spoofing, Internet sniffers, denial of service attacks and computer viruses) network security issues (firewalls and virtual private networks) encryption technologies (TripleDES, AES, IDEA), digital signatures (RSA, DSA, DH), cryptographic hash algorithms (MD5, SHA-1) host system security issues, from both a user and system administration perspective (backups, patches) [6] It is crucial that one division of the team possess a thorough understanding of the full range of technologies and issues used by the team. This contributes to expand and intensify the technical resource and capability of the team and train other team members through education and documentation. It also makes sure that the team can provide a full range of services. Besides an in-depth understanding of the technical skills listed above, the following specialist skills are required: technical skills such as programming, administration of networking components (e.g. routers, switches) and computer systems (UNIX, Linux, Windows, etc) interpersonal skills such as human communication, experience in presenting at conferences or managing a group work organization skills Obviously, a team will be unable to employ individuals who possess all the necessary interpersonal and technical skills. But there are opportunities to address such deficiency in those skills, such as training of staff to develop and retain such skills and support continuous progress. Hiring CSIRT Staff For any staff vacancy, the hiring process to select the most talented applicant is a complicated task. Even a candidate who appears on the surface to possess the right skill set might not be able to work within CSIRT setting. It is true when a crisis has been declared where the candidate may not be able to cope with the situation and inefficiently carry out their duties. Therefore, it is recommended to present the applicant to a hiring process, specifically designed to reveal the applicant strengths and weaknesses. Based upon the findings of the hiring process, the team will make up their mind to train the applicant in the specific skills that the candidate may require or decide not to employ the candidate. Compared to a regular hiring process, additional steps should be included in any CSIRT hiring process and they are: pre-interview document check pre-interview telephone screening interviews that cover topics from technical abilities to interpersonal skills candidate technical presentation reference checks, including criminal records The complete hiring process should be devised to detect potential employees who possess appropriate interpersonal skills and technical skills. Such candidates can undergo further training to acquire more competence. Before calling the applicant for a personal interview, the pre-interview document check and telephone screening determines in the first instance whether the candidate is an ideal match for the selection process. At this stage, more information is gathered about the applicants broad level of interest in computer security and other more specific details on items covered in his or her resume. The telephone screening will give a good impression of the candidates oral communication skills. Before CSIRT staff begin to interview potential candidates, its better to decide in advance what particular issues ranging from technical issues and ethical issues to social skills are most likely to be discussed during the interview process and select which existing staff are most suitable to talk about those issues with the candidate. Thus separate topic areas are covered by each of the various interviewers, saving any duplication of effort. Each interviewer will be in a position to review and consolidate feedback on the issues covered. Another strategy may be carried out where similar topics may be discussed by other team members involved in the interview process to agree on the candidates faculty about a particular topic and identify any weaknesses. To ensure proper recruitment, the applicant should have the opportunity to meet up with CSIRT team members through a lunch meeting or at the candidates technical presentation. A candidate, required to give a technical presentation, offers CSIRT an opportunity to measure other technical and interpersonal skills of the candidate. It also gives an idea how much common sense the candidate has and whether the applicant will be able to cope under stressful situations. Other qualities such as overall presentation skills, an ey e for detail, technical accuracy and ability to answer questions on the fly are also taken into account. After an individual has been appointed, there is also an enormous task to make them adapt to CSIRT. The new staff will need to undergo training for some period of time to get used to the CSIRT working environment as well as specific policies and procedures for the team. Some new recruits may be given access to limited information until relevant certificates or clearances such as government or military clearances are obtained. Staff training is compulsory in order to make the new recruits acquire the necessary skill level to take on their new responsibilities. Secondly, training is necessary to expand existing staff skills for personal career growth and overall team progress. Staff training also helps overall CSIRT skill set updated with emerging technologies and intruder trends. When considering the overall training needs of the team, it is necessary to spot out the overall skill s needed for each individual, as well as the common skill set required for the whole team. Obviously, new staff member should acquire immediate training in any deficient skills to perform effectively quickly. From a general viewpoint, the whole team should be assessed to determine any training that needs more attention to enlarge skill set exposure in the team. At the same time, this assessment focuses on an individuals skill set. Policies and procedures are a necessity and should be enforceable to support initial training of new team member and to guarantee ongoing training as policies and procedures get amended. Besides the interpersonal and technical skills discussed earlier, each team member should be trained in areas specific to the incident handling functions in a normal CSIRT work environment. Training should cover up the following issues: new technical developments CSIRT team policies and procedures incident analysis maintenance of incident records understanding and identifying intruder techniques work load distribution and organizational techniques Initial training is conducted through on-the-job training. Since incident handling profession is different in work nature from other professions, there is no formal educational path for CSIRT staff and limited documentation in the literature. Most printed materi