(also computer security incident response team, cybersecurity incident response team, computer emergency response team, computer emergency readiness team)
A team of IT professionals responsible for detecting, controlling, and eliminating cyber incidents within an organization. Organizations can form their own CSIRT using internal resources or hire expert teams from the outside to handle problems. In addition to responding to incidents, CSIRTs develop the organization’s security policies, train staff in best practices, and analyze past incidents to deter future attacks.
The first computer security incident response team was assembled under a US government contract at Carnegie Mellon University. It was created in response to the 1988 Morris Worm incident that paralyzed a large portion of the early internet.