US-South Korean Relations: A New Era of Cooperation

President Carter stated in a secret memorandum at the beginning of his administration that â€Å"U. S. – Korean relations as determined by Congress and American people are at an all time low. † This statement, coupled with his iron determination to withdraw forces from South Korea, reflected the end of what is often known as the â€Å"Golden Age† of Korean-American relations. During Park Chung Hee†s 18-year authoritarian reign over South Korea, the late 1970s portray a complex web of alliance relations and tumultuous security commitment that threatened the overall strength of the two allies. Constant U. S. intervention and attempts to influence Korea†s political process were met with massive resistance and did not deter then president Park from steadfastly continuing his Yushin system of authoritarian rule until his sudden assassination in 1979 (Gleysteen 4). However, the decades following the 1970s portray yet another shift in Korean-American relations. Once opposed to Western style democracy, the government of the 1990s (namely, Kim Dae Jung) has shed its authoritarian foundation and now supports a policy that reflects the ideals of Western democracy. South Korea has effectively put into place a system of democracy that will now be difficult to overturn, if anyone should ever again try. Although unsuccessful in the 1970s, the U. S. has finally realized its primary goal of political liberalization in South Korea. In this paper, I will discuss the relations between Korea and the U. S. in the late 1970s and the factors that led to tensions in alliance; mainly, differing political ideologies. Then, I will elaborate on the great strides Korea has made in achieving democracy, therefore lessening the political gap between Korea and the Western nations. I will do so by presenting Kim Dae Jung†s strongly democratic vision of Korea among opposing viewpoints. By analyzing his response to Lew Kwan Yew†s generally anti-Western democracy stance, one is able to discern the similarities in political thought that bridged the seemingly irreparable gap rendered during the Park Chung Hee rule. The differences in these two political leaders effectively portray the opposite ends of the political spectrum and show the changes in government Korea has made during the governments of Park and Kim. Upon Park Chung Hee†s rise to power following the military coup of 1961, it was inevitable that Korea would not follow a trend towards democracy. Given Park†s military background, Confucian heritage and Japanese education, there was nothing in his history to suggest that he would embrace democracy American-style. In fact, he considered this practice to be â€Å"inconvenient and unproductive† (Oberdorfer 32). A U. S. military assessment noted: From the time he led the 1961 coup, it has been evident that President Park had little admiration for or interest in the craft of politics. His approach to his stewardship as ROK head of state has remained that of a general who desires that his orders be carried out without being subjected to the process of political debate (Oberdorfer 33). Although heavy U. S. ressure influenced Park to return to nominal civilian rule following his coup, one can see that from the beginning there were prominent factors that foreshadowed the clash of ideologies to come. Park began his most anti-democratic line of rule in 1972 with the advent of his â€Å"Yushin† system that disbanded the National Assembly, declared martial law, discarded the existing Constitution and prepared for indirect election of the president. To silence opposition, Park arrested many of the senior political leaders of the country. He justified this radical line of rule by declaring that they were â€Å"revitalizing reforms† that were necessary to strengthen and unify the nation to prepare for possible Northern invasion and maintain national independence (Oberdorfer 38). All pretense of a civilian government was thus ended by this blatant grab for complete authoritarian power. Following a policy that encouraged gradually lower levels of U. S. engagement with Korea, the U. S. responded to this maneuver by stating that they had not been consulted or involved in Park†s actions and would seek to avoid involvement in Korea†s internal affairs (Oberdorfer 41). In effect, the U. S. was attempting to not endorse the Yushin plan as a whole by following a policy of disassociation that diminished the role of the U. S. in Korea†s political system. U. S. involvement, while always present, became significantly more intrusive with President Carter†s rise to office in 1976. At this time, America†s reaction against military commitments abroad were seen for the first time since the Vietnam disaster when President Carter advocated the withdrawal of U. S. troops from Korea almost immediately following his inception into office. Korea was, of course, adamantly against this maneuver and Carter†s own government displayed opposition to such a drastic move. However, for undetermined reasons, Carter remained steadfast in this course of action for almost the entire duration of his office. Although the administration and Congress opposed the immediate withdrawal of U. S. forces, they were not against the idea of using the issue to induce a process of liberalization. However, they had to be careful in their suggestions so as to not provoke a nationalist and regressive reaction. The U. S. ought to do this by attempting to recover strained relations with Park, hoping it would lead to gradual democratization by a friendly and understated counsel. Park too hoped to end the awkward relations with the U. S. but sought to maintain U. S. support without changing his ruling style. He proposed a summit with Carter in January 1979 but rejected Western style democracy as unsuitable to Korea. Although both sides wanted to return to the friendly relations of the past, misperceptions regarding the other†s government led to escalating tensions (Gleysteen 6). The political interplay was such that Park believed that the U. S. policy toward Korea would shift from human rights and democratization to security, whereas the Carter administration gradually adopted a flexible status quo policy linked to a strategy of offensive intervention. These exchanges in misperceived intentions and mutual suspicions spiraled into political turmoil that culminated in the shocking assassination of Park in 1979. There can be no doubt that although the U. S. pparently had not direct involvement in the assassination, its public statements and support of the opposition helped to fuel and enhance the struggle for Park†s demise. The fall of the Park regime and the â€Å"Carter Chill† are interdependent, and the decline of the Triangular Alliance Security System (TASS) is apparent as Korean politics continued to deviate from U. S. interests. There is a fundamental lack of compromise and miscommunication between the Carter and Park administrations that led to the detrimental effect of unsteady alliance. With this level of tension and uncertainty, relations can only be strained and self-defeating, for they are only encouraging instability in the very region that both are trying to maintain peace in. Judging by the transition of Korean-American relations and the dismal conclusion in 1979, neither side was entirely successful in securing their interests and maintaining a cohesive alliance management. However, the shift to democracy (and consequently, united Korean-American interests) came in 1987 when Korea held its first popular ballot since Park Chung Hee†s narrow victory in 1971. Since then, Korea has been on a sometimes shaky but determined road to continue democracy that appears to have no end. We see this commitment to democracy in current President Kim Dae Jung, who has had a long and remarkable history in advocating democracy. Throughout his long and volatile political career, Kim has remained staunchly dedicated to his belief in democracy despite constant threat and repression. Kim came very close to winning the popular ballot in 1971 against Park Chung Hee and it was no secret that Park despised and feared him. He was abducted by Park†s KCIA in Tokyo and brought back to Seoul bound and gagged, after which he was placed under house arrests and later imprisoned. After Park, Chun continued the vengeance by having Kim arrested and sentenced to death. It was only with the influence of the Reagan administration that Chun reluctantly allowed Kim to live. Prior to 1987, there had been only 2 months since his kidnapping fourteen years earlier when he had been free of house arrest, prison, exile, or some other serious official restriction. In these years of adversity, Kim has had the opportunity to strengthen his convictions and answer major questions facing Korea (Oberdorfer 177). When Kim Dae Jung assumed power as President in 1997, many thought finally. After a political career that has spanned more than 4 decades, Kim was finally able to implement his democratic ideals. Kim was also a U. S. favorite for the presidency for it meant that Korea would strengthen its democratic government and Korea would have a president that the U. S. ould relate to – unlike Park Chung Hee in the 1970s. Overall, Kim†s ascension into the presidency signified increasingly harmonious Korean-American relations into the 21st century. There is perhaps no better assurance of Korean-American political compatibility in the 1990s than Kim Dae Jung†s article that appeared in Foreign Affairs magazine in late 1994. In order to understand Kim Dae Jung†s adamantly pro-democracy article titled, â€Å"Is Culture Destiny? † one must first understand the Lee Kwan Yew interview that provoked it. In his interview with Foreign Affairs in early 1994, Lee Kwan Yew, former Prime Minister of Singapore, stated his belief that the primary reason that Asian countries cannot adopt Western democracy is due to the inherent differences in culture. In response, Korean President Kim Dae Jung argues that Asian culture does not oppose the ideals of democracy, but rather, enhances it. He believes that Asian culture in no way hinders the progress of democracy and the resistance of authoritarian leaders and their supporters only obstructs incorporation of such a culture into democracy. And above all, Kim supports the ideals of democracy and promotes it fully throughout his article. Kim asserts that though Lee stresses cultural values throughout his interview, that alone does not determine a country†s fate. Furthermore, he believes that Lee†s view is not only unsupportable but also self-serving. Throughout the article, Kim disputes Lee†s arguments of incompatibility and implies that Lee†s â€Å"democracy is incompatible with Eastern culture† argument is only used to justify his personal anti-democratic beliefs. The effects of Kim†s history of political oppression and opposition against authoritarianism can be seen throughout this response. In reply to Lee†s view that an individual exists within the context of the family, Kim points out that industrialization has brought the inevitable consequence of self-centered individualism. Also, Lee†s statement that â€Å"the ruler or government does not try to provide for a person what the family best provides,† rejects what he perceives as the intrusive nature of Western governments. In it, Lee claims that this intrusiveness is not suited for family-oriented East Asia. However, Kim argues that this is not true, for East Asian government are much more intrusive than Western governments into the daily affairs of their people. Whereas Western people exercise much more individual liberties than Eastern people, the Eastern governments tend to limit individual behavior. Singapore, for example, strictly regulates activities such as gum chewing, spitting, and littering. Lee even dislikes the â€Å"one man, one vote† principle that Kim states is a fundamental part of democracy, saying that he is not â€Å"intellectually convinced† that it is best (Kim 190). Kim goes on to argue that though he cannot disagree with Lee†s objection to forcing an alien system indiscriminately upon societies in which it will not work, he questions the extent to which democracy is alien to Asian cultures. Contrary to Lee, Kim believes that Asian culture in fact enhances democracy and even contains underlying foundations that are essentially democratic in nature. Similar to the Lockean foundation of modern democracy that gives sovereign right to the people and leaders a mandate to govern through a social contract that the people can withdraw, Asia also has a similar philosophy. Chinese philosopher Meng-tzu preached that the king is the Son of Heaven and is given a Mandate of Heaven to provide government for the good of the people. If he did not do so, the people had the right to rebel and overthrow the government in the name of heaven. A native religion of Korea further advocated that â€Å"man is heaven† and one must serve man as he does heaven (Kim 190). Kim also describes the ancient political systems of China and Korea in which the government practiced the rule of law and saw to it that all citizens were treated fairly. Powerful boards of censors supported freedom of speech by checking imperial misrule and abuses by government officials. Therefore, he says, the fundamental ideas and traditions necessary for democracy exist in both Europe and Asia. Many Asian countries, including Singapore, became prosperous after they adopted a Western style of free-market economy, which is also an integral part of democracy. In countries where economic prosperity preceded political advancement, it was only a matter of time before democracy followed. The best proof that democracy can work in East Asia, Kim says, can be seen in the fact that despite the resistance of authoritarian leaders, Asia has achieved the most remarkable record of democratization of any region since 1974. This achievement has only been overshadowed by Asia†s tremendous economic success. Kim uses the finding of experts who claim that the new economic world order requires guaranteed freedom of information and creativity, things that are only possible within a democracy. Thus, Kim maintains, Asia has no alternative to democracy because it is also a matter of survival in an increasingly competitive world (Kim 192-193). Much to the U. S. â€Å"s pleasure, Kim suggests that Asia look towards the models of the democracy in the West and learn from their successes and failures. He advocates a â€Å"rebirth of democracy that promotes freedom, prosperity, and justice both within each country and among nations, (193)† and using the traditional strengths of Asian society to better the implementation of democracy. Kim says, â€Å"such a democracy is the only true expression of a people, but it requires the full participation of all elements of society. Only then will it have legitimacy and reflect a country†s vision. † Policies which strive to protect people from the negative effects of economic and social change will never be effective if imposed without consent, but those same policies will have the strength of Asia†s people if decided through public debate. Furthermore, Kim advocates the need to strive towards a new democracy that guarantees the right of personal development for all human beings and the wholesome existence of all living this. As a whole, Asia should firmly establish democracy and strengthen human rights. The biggest obstacle to democracy, Kim asserts, lies not within culture but within authoritarian governments. Coming at the brink of a political comeback, Kim†s article was in many ways pivotally timed to gain the support of the international community as well as the majority desiring Korean democracy. Through his support of public voice, direct elections, and humanitarian policies, one can clearly see the enormous change in Korean-American political interplay during the course of two decades. Judging by the strength of Korean-American relations in the 1990s in comparison to the faltering one of the late 1970s, one can reasonably conclude that similar principles (rule of law, popular elections, freedom of press and speech) prove successful in stabilizing alliance management. The more positive image of Korea to Americans as the Koreans democratize versus all the scandals (Koreagate) and human rights violations of the 1970s have also served to improve the image of Korea to Americans. Parallel trains of political thought and an enhanced Korean image in America have helped to make the Korean-American alliance far more beneficial and reliable than it was before Park†s demise, when it was feared that relations were irreparably deteriorated. More than any other president in Korea†s history, Kim Dae Jung personifies the ideals of Western style democracy. In direct contrast to Park Chung Hee†s rule in the 1970s, Kim Dae Jung supports a political policy that embraces Western ideology. The fundamental points within his argument are in line with primary U. S. interests of democratization, so it is easy to see why Americans would welcome Kim as Korea†s leader. Twice in his political history the U. S. intervened to save Kim†s life and they further showed their support more recently when they pledged economic aid and support for Kim†s reforms. Thus, the 1990s have seen the vast improvement and strengthening of Korean-American relations while Korea progresses to become independent of the U. S. Democratization is well on its way and unlikely to regress, and Korean-American relations steadily continue to improve. No longer is their alliance merely one in which Korea is a junior ally unable to exert much influence – Korea has gradually been able to test the limits of their alliance and exercise more power than ever before. An alliance that started as a U. S. security interest has evolved to become a more interdependent one in which both states will reap the benefits. Kim Dae Jung†s parting comment, if followed, will forever bind the U. S. and Korea as allies with the same political vison – â€Å"Culture is not necessarily our destiny. Democracy is† (194).

Nature in Sons and Lovers by David Herbert Lawrence Essay

In his introduction to The Letters of D. H. Lawrence, (Aldous Huxley, 1932) declared that Lawrence was ‘above all a great literary artist†¦one of the greatest English writers of any time. ’ Born in Eastwood near Nottingham, England on the 11th of September, 1885, D. H. Lawrence wrote novels that presented the dehumanizing effect of industrial culture and preached a glorified union with nature along with its corollary, sexual fulfilment. His experience growing up in a coal-mining family provided much of the inspiration for Sons and Lovers, his third novel, also considered his ‘crowning achievement’ (Qamar Naheed, 1998). Written in 1913, it is considered a pioneering work for its realism, vivid characterisation, treatment of sex complications and faultless control over tone and narrative method. Sons and Lovers is referred to as a Kunstlerroman (a version of the Bildungsroman), which is a novel charting the growth and development of an artist. The novel contains many autobiographical details, leading Mary Freeman (1955) to define Lawrence’s ‘most pervasive aim’ as the attempt to link experiences in his writing; she declares Sons and Lovers as the starting point from which Lawrence ‘moved towards more complex speculations’. Undoubtedly Lawrence used his own experiences very fully in the novel: his parents’ relationship, attitudes and personalities are mirrored in that of Morel’s. He remarked in a letter, ‘one sheds one’s sickness in books’ and Sons and Lovers is a way of his coming to terms with those formative experiences which made him the man he was (Jenny Weatherburn, 2001). Lawrence was an acute observer of the natural world who took great joy from it (Weatherburn, 2001) and the novel reveals a great preoccupation with nature. One of the important artistic features in Sons and Lovers is the symbolic meanings associated with nature. Lawrence applies the symbolism of nature to reveal Paul Morel’s complicated relationships with the three women in his life – Mrs. Morel, Miriam and Clara. These characters bond deeply in nature and Lawrence uses nature, and specifically flowers throughout the novel to symbolize these deep connections. Nature is used as a central symbol throughout Sons and Lovers and it is intricately linked to Lawrence’s presentation of Paul’s female relationships. Lawrence’s use of landscapes and nature images in Sons and Lovers directly contributes to the development of Paul’s relationship with his mother, Mrs. Morel. For Mrs. Morel, the garden proves to be a place of poetry, meditation and a means of escape from the ugly reality of her life. At the end of Chapter 1 when Mr. Morel, in a fit of rage and drunkenness, locks Mrs. Morel outside in the gardens to demonstrate his power in the household, the pregnant Mrs. Morel wanders into the garden and succumbs to ‘a kind of swoon’ – ‘her self melted out like scent’ – and the child too melted with her in the mixing-pot of moonlight. Her stillness in the garden where she contemplates the flowers and finds peace in their perfume highly contrasts with the noisy restlessness of her husband – ‘Mrs. Morel gasped slightly in fear. She touched the big, pallid flowers on their petals, then shivered. They seemed to be stretching in the moonlight. ’ (SL Page 31. ) Here Lawrence uses pathetic fallacy as the garden mirrors her emotions and she seeks refuge and comfort among her flowers. According to Stefania Michelucci, 2002; ‘In this nocturnal episode, the garden also represents a threshold from which she establishes a relationship with the unknown, with forces of nature which intoxicate and disturb at the same time. ’ (Page 38) Here the lilies in full bloom are symbolizing Mrs. Morel’s young exuberant life, while the pollen is breeding the new life. She and the embryo immerse and bond in the atmosphere all in a lethargic sleep; from the onset Lawrence uses flowers to reveal Paul’s and Mrs. Morel’s unordinary relationship. Lawrence was aware of Freud’s theory and Sons and Lovers uses nature to underscore the Oedipus complex present in Paul’s relationship with his mother. Paul is hopelessly devoted to his mother, and nature is used to reveal the love that often borders on romantic desire. Paul was born when she no longer loved her husband, and did not want to have this child. Ms. Morel decides to love this child well, as compensation for bringing him in to a loveless world. Nature, specifically flowers, connects the two, as Paul shows love by giving flowers to his mother from as early as infancy. Whenever Paul brings her flowers the mood is gay, lively, warm or poignant. In addition, Lawrence presents scenes that go beyond the bounds of conventional mother-son love: as the two spend a day in the country together at the Leivers’, the beauty and sensuality of the countryside are reflected in their relationship – ‘Then they went out into the wood that was flooded with bluebells, while funny forget-me-nots were in the paths. The mother and son were in ecstasy together’. (SL Page 145) Throughout the duration of this isit to the countryside, the beauty of nature entrances mother and son; so much in fact, that they both insinuate that their feelings of happiness can be attributed to this intimate, countryside visit. Upon leaving ‘his heart was full of happiness till it hurt. His mother had to chatter because she, too, wanted to cry with happiness’. (SL Page 148) The description of their unordinary relationship is replete with sensual descriptions of nature, of budding flowers and dew speckled grass, as well as of passion expressed through art. The imagery is clearly erotic and would have been unacceptable in Victorian England, therefore leading to harsh criticism upon publication. Similarly, Lawrence uses nature to symbolize Paul’s intricate relationship with Miriam. Nature has a strange fascination for both Paul and Miriam; the beauty of nature, her changing colours and forms stimulate them and Lawrence conveys this to the reader through descriptive paragraphs and dialogue. The nature aspects that are in the extract convey purity; the two characters are young and fresh and the descriptive language used reflects this. Miriam is eager to show Paul a ‘certain wild-rose bush she had discovered’ and the emotive language used reveals Miriam’s belief that until Paul has seen the bush ‘it had not come into her soul’; the bush is a way of representing the relationship between Miriam and Paul as whilst it holds great importance to Miriam it meant nothing unless it was shared with Paul. The language used to describe the nature suggests the writer finds euphoria in nature. The bush is described as ‘splashing darkness everywhere with great split stars, pure white’ which give is imagery of the night and the ‘stars’ are seen as the most beautiful aspect of the night. The ‘pure white’ reiterates the youth and beauty between the two characters. The ‘pure white’ can also be seen as representative of newness of the events. It is not only the characters’ love of nature that is portrayed in the extract but also the writer’s as the language Lawrence has used to describe the natural surroundings is beautiful and euphoric. Romanticism depicts that external nature is described accurately and sensuously and should be centered with human experiences and problems. The rose bush, described as having a ‘cool scent of ivory roses- a white virgin scent’, symbolizes the sexual tension between Paul and Miriam and reflects Miriam’s inner battle whether or not to have a physical relationship with Paul. Here again, Lawrence focuses unflinchingly on sexual experience and sexual feeling –‘She saw the dark yews and the golden crocuses, then she looked at him gratefully. †¦ And now he asked her to look at this garden, wanting the contact with her again. Impatient of the set in the field, she turned to the quiet lawn surrounded by sheaves of shut-up crocuses. A feeling of stillness, almost ecstasy came over her. It felt almost as if she were alone with him in this garden. ’(S L, p. 190). This chapter begins to suggest that Paul needs some connection beyond what he shares with his mother. In his free time, Paul is a painter, and he still needs his mother to do his best work, but Miriam allows him to take his work to another level; she makes him feel an intensity he has never before experienced. Miriam also seems to have some sense of this connection, evident especially when she feels that, until she shows him the rose bush, she will not fully have experienced it herself. The connection between Paul and Miriam may be one reason that Mrs. Morel dislikes Miriam – ‘She could feel Paul being drawn away by the girl. ’ She seems to view Miriam as direct competition for her son’s love and attention. Lawrence also links Miriam with nature in a psychological level. She is depicted as having a pantheistic worship of the natural world – ‘Miriam went on her knees before one cluster, took a wild-looking daffodil between her hands, turned up its face of gold to her, and bowed down, caressing it with her mouth and cheeks and brow. He stood aside, with his hands in his pockets, watching her. One after another she turned up to him the faces of the yellow, bursting flowers appealingly, fondling them lavishly all the while. â€Å"Aren’t they magnificent? † she murmured. â€Å"Magnificent! It’s a bit thick—they’re pretty! † She bowed again to her flowers at his censure of her praise. He watched her crouching, sipping the flowers with fervid kisses. ’ (SL Page 248) The disharmony between the two is evident from Paul’s annoyed reaction to Miriam’s almost sexual appreciation of nature – â€Å"Why must you always be fondling things? † he said irritably. â€Å"But I love to touch them,† she replied, hurt. â€Å"Can you never like things without clutching them as if you wanted to pull the heart out of them? Why don’t you have a bit more restraint, or reserve, or something? † (SL Page 248) Paul’s complex innermost feelings are evident; e is evidently fettered by Miriam and yearns for freedom – ‘When she bent and breathed a flower, it was as if she and the flower were loving each other. Paul hated her for it. There seemed to be a sort of exposure about the action, something too intimate. ’ (SL, p. 199) The way she holds the flower symbolizes her attitude toward Paul. Finally, toward the end of the book when Paul makes his final break with Miriam, he presents her with a bowl of flowers. A flower in the novel, seems to represent life. For Miriam, the flowers represent the rootless flowers of death. Nature is also used symbolically in the representation of Paul’s relationship with Clara. Lawrence uses nature to metaphorically symbolize the intense feelings Paul has for the women in his life and Clara’s connection to nature is portrayed to be totally antithetical to that of Mrs. Morel and Miriam – ‘The flowers were very fresh and sweet. He wanted to drink them. As he gathered them, he ate the little yellow trumpets. Clara was still wandering about disconsolately. Going towards her, he said: â€Å"Why don’t you get some? † â€Å"I don’t believe in it. They look better growing. â€Å"But you’d like some? † â€Å"They want to be left. † â€Å"I don’t believe they do. † â€Å"I don’t want the corpses of flowers about me,† she said. â€Å"That’s a stiff, artificial notion,† he said. ’ (SL Page 270) According to Mark Spilka (1980), Clara ‘doesn’t want to be ‘picked’ or taken by any man; she has separated from her husband and for her flowers become as proud and frigid, in their isolation, as she would like to be in hers. ’ This ritual of picking flowers causes Paul and Clara to engage in their first spirited conversation which reveals opposing values of both characters. The way they pick flowers reflects their values –‘Miriam with false reverence; Paul with love, like a lover; and Clara not at all – but at least she respects the life in them, and the flowers, in their turn, will defend her – whereas Miriam’s sheltered blooms will quickly die. ’ Lawrence entitles the lyrical chapter ‘Lad –and-Girl-Love’ and punctuates it with Paul’s intense enjoyment of the world of leaves and flowers, while relating it to the sexual attraction between Paul and the women in his life – Miriam Leivers and Clara Dawes. In the cene where Paul, Miriam and Clara are together on an open field in the country, Miriam is evidently aware of the attraction between Paul and Clara and uses it as a test to see if her spiritual hold over his soul will prevail over his desires for Clara’s body –‘Clara’s hat lay on the grass not far off. She was kneeling, bending forward still to smell the flowers. Her neck gave him a sharp pang, such a beautiful thing, yet not proud of itself just now. Her breasts swung slightly in her blouse. The arching curve of her back was beautiful and strong; she wore no stays. Suddenly, without knowing, he was scattering a handful of cowslips over her hair and neck, saying: â€Å"Ashes to ashes, and dust to dust, if the Lord won’t have you the devil must. † The chill flowers fell on her neck. She looked up at him, with almost pitiful, scared grey eyes, wondering what he was doing. Flowers fell on her face, and she shut her eyes. †(SL Page 271) The relation between man and nature is direct and vital. Lawrence’s characters experience moments of transcendence while alone in nature, much as the Romantics did. More frequently, characters bond deeply while in nature. Lawrence uses flowers throughout the novel to symbolize these deep connections. Sons and Lovers, perhaps more than any other of Lawrence’s books, is full of images of flowers. The different traits of the characters personalities are brought home to the reader through the help of flowers. Throughout the development of the novel, as intimacy is shared, it is only through nature and natural elements that we see this â€Å"intimacy† occur. This comparable relationship with nature metaphorically symbolizes and is intricately linked with the intense feelings Paul has for the women in his life.

New Public Management Bachelor Essay Example | Topics and Well Written Essays - 2750 words

New Public Management Bachelor - Essay Example There are primarily two views that are discussed here concerning the significance of NPM as a framework, the argument that there is now a global movement that has resulted in transformed structural changes across the international community and that of adaptive changes across individual nation states, each with a degree of variance depending on cultural and historical traditions and values. In discussing this second view this paper concentrates on the debate surrounding the convergence of NPM across the western capitalized states and does not draw on the models that are emerging throughout the developing nations. NPM reforms started out in Anglo-Saxon countries like the UK, US, and New Zealand and its philosophy has been adopted, to varying degrees, across the developed countries. Comparison of the adoption of NPM within the UK and German Public Sector is put forward to illustrate the extent and variation of changes that have occurred and help to illustrate the usefulness of the fram ework in the field of comparative analysis. Over the past two decades there has been a considerable shift towards from the traditional model of public administration towards what has been termed 'new public management'. The supposed failing of the 'traditional administration' has contributed to the emergence and support of the new thinking. Traditional public administration was based around the framework of bureaucracy. Hughes (2003: 1) provides a useful definition of the characteristics of the traditional model of public administration: Firstly, it was completely linked to Weber's theory of bureaucracy, which advocated the principle of hierarchical and bureaucratic systems. Secondly administrators followed a one way, best way approach that was provided in detailed instruction and did not provide any personal responsibility for results. Thirdly the provision of goods and services was through public sector delivery only. Fourthly there was a separation between the political and administrative decisions and practices, and this took away political accountability of the decision makers. Fifthly, there was an implicit agreement that those working in the public sector did so in the public interest resulting in a strong public sector ethos and set of values. Finally public administration was considered to provide a job for life and this itself created a poor image to those who used the services. Whilst there are those who argue that the reason for the change was simply that the old model was not good enough and there were too many inadequacies (Behn, 2001: 30 cited in Hughes 2003: 5) other such as Rhodes (2003) put forward the demonstrable advantages that the use of a bureaucratic framework can bring to service delivery, for example reliability, direct control, predictability and continuity. However the '3Es' of economic, efficiency and effectiveness were introduced as means to making savings in the huge public sector expenditure, to improve the operational working of the public sector and minimize waste and to increase the chances that any policy implementation would be more effective, therefore indicating that there was evidence to suggest that the traditional Weberian framework could not realize these objectives. The introduction of market competition is also in direct contrast to that of traditional

Romanticism - Humanities Essay Example | Topics and Well Written Essays - 1000 words

Romanticism - Humanities - Essay Example Other art forms carried the period into the second half of the nineteenth century. This extended chronological spectrum (1770-1870) also permits recognition as Romantic the poetry of Robert Burns and William Blake in England, the early writings of Goethe and Schiller in Germany, and the great period of influence for Rousseau's writings throughout Europe. 1 One of Ludwig van Beethoven's critiques wrote of his work, referring to the third symphony, as having romantic elements --powerful melodies and dramatic intensity.2 Barry Cooper, a noted Beethoven scholar, commented on The Choral Fantasy as having "a Romantic wilderness that easily obscures its ingeniously created design."3 He was speaking of the fact that The Choral Fantasy when it was first performed was done spontaneously. It stopped and restarted on more than one occasion. This is because Beethoven only wrote the full score a year later. 4 He was playing the Fantasy from the heart. As he was quoted saying, "I must write, for what weighs on my heart, I must express."5 Romanticism is a manner of self expression that comes from the heart. It must be spontaneous, using powerful melodies and creating dramatic intensities. This illusion of romantic wilderness is beautiful. Anne K. Anne K. Mellor a known critique of Mary Shelley notes one of the general themes of Frankenstein as "uncontrolled scientific advancement causes destruction."6 Man uses science to try to make a human being, and thus conquer nature.7 Instead a monster was created. Shelley explores the concept of what is beautiful and ugly. She concludes that the concept of what is beautiful is defined by society and to them Frankenstein is not. He is ugly, a monster. Shelley's reaction to this concept is expressive of her innermost feelings. She also shows negative sentiments about the way women were being restricted to the domestic realm. She does this by murdering many of the female characters.8 Mellor also points this out as one of the general themes of the novel.9 Romanticism is the expression of artists' inner feelings. The work should mirror the artists' vision of the world and be the instrument of the artists' imagination.10 The Social Contract written by Jean Jacques Roussau has as its theses, which can be found at the first sentence of the essay: "Man is born free but everywhere is in chains." He expounds on the nature of freedom. For him, "natural human beings are born completely self-sufficient and self-governing. But needing to interact with others, humans are forced to give up their liberties. He enters into a "social contract" in which the governed agree to be ruled only so that their rights, property and happiness must be protected by their rulers. Once rulers cease to protect the ruled, the social contract is broken and the governed are free to choose another set of governors or magistrates.11 He writes this in passionate rhetoric and is an expression of how he views the relationship of men with the state. Romanticism is the reaction of the writer to what he sees around him. Johann Wolfgang von Goethe wrote a work rich in contradictions and conflicts, entitled Faust: A Tragedy. "It is a Romantic masterwork precisely because it explores a wide variety of polar opposites without resolving them.

The Bullock Gold Mining and a Job at East Coast Yachts Essay

The Bullock Gold Mining and a Job at East Coast Yachts - Essay Example atio. This shows that the firm has less liquidity compared to the industry. Current ratio is greater than the lower quartile this implies that there exist other firms with less liquidity within the industry (Ehrhardt & Eugene, 91). The firm may posses more expected cash flows, or easier means to short-term debt. The turnover ratios appear to be greater compared to the industry median actually all are greater than the upper quartile. This implies that the firm utilizes its assets efficiently to generate sales. The financial leverage ratios appear to be lower than the industry median but higher than the lower quartile. ... East Coast Yachts’ has a satisfactory performance, although attention is needed in the liquidity ratios. c) Creating Inventory Ratio Inventory to current liabilities ratio East Coast Yachts is lower, the current ratio is lower, but the quick ratio is higher in comparison to the industry median. This means that East Coast Yachts has few stock to current liabilities compared to the industry median (Ehrhardt & Eugene, 92). Since the cash ratio is less compared to the industry median, East Coast Yachts has fewer stock compared to the industry median, but more accounts receivable. d)Interpretation of the Ratios Current ratio: Good (Well managed current accounts.) Bad (Liquidity issues) Quick ratio: Good (Well managed current accounts.) Bad (Liquidity issues) Total asset turnover: Good (Well utilized assets.) Bad (Old and depreciated assets) Inventory turnover: Good (Well managed inventory) Bad (Inventory shortages) Receivables turnover: Good (Well collected receivables) Bad (Strict credit terms) Total debt ratio: Good (Hard to get credit issues) Bad (Increase shareholder returns) Debt equity Ratio: Good (Hard to get credit issues) Bad (Increase shareholders equity) Equity multiplier: Good (Hard to get credit issues) Bad (Increase shareholders equity) Interest coverage: Good (Hard to get CREDIT ISSUES) Bad (Increase shareholders equity) Profit margin: Good (Good performance) (Bad: Good cost control) Question 3 a)Internal growth rate, ROE = (Net income)/(Total equity) = $12,562,200/$ 55,341,000 = 0.2270 or 22.70% b (Addition to Retained earnings)/(Net income) = $5,024,800/$12,562,200 = 0.40 or 40% Sustainable growth rate = (ROE ? b)/(1-(ROE ? b)) = (0.2270 ? 0.40)/(1-(0.2270 ? 0.40)) = 0.0999 or 9.99% Income Statement Sales

Trial Observation Essay Example | Topics and Well Written Essays - 1250 words

Trial Observation - Essay Example I strolled into the courtroom at 1:18 PM, noticed there were only the attorneys of the defense as well as the people. Apart from that, a map with points drawn in various colors, hang alongside the wall on an easel, for communicating space between various locations. Finally, Judge Honor Nanci Grant arrived in the court with the jury in tow and immediately after settling, the trial begun with the swearing in of witnesses for the people. Firstly, the police detective responsible for the lawsuit as well as the arrest of the defendant had been called in by the prosecutor. Primarily, the questioning of the detective focused on the map discussing the distance from the point of arrest together with a school roughly 400 feet away as the witness narrated. The point of arrest then began to be called the â€Å"18 and Allison† home. Subsequently, the detective was questioned about what was discovered in custody of the defendant. The detective responded that he together with his colleagues stumbled upon lottery tickets concealed in a manner to be utilized as pouch something that proved a plan to distribute heroin. Alongside the lottery â€Å"pouches† the police further discovered 39 tenths of a gram of â€Å"normal quality† heroin having a street worth of $390. Thus the officer was convinced to consider that the quantity was doubtful and it would have dawned on any other officer that the defendant also had the intention to distribute versus basically being in possession of the drugs. More evidence was brought into the lawsuit, for instance , letters to the defendant. My assumption was that the prosecutor used them to confirm defendant’ residence at the time. Included were photographs showing the defendant’s shoes together with the table having the items on it, on the night of the raid. One’s impression of Mr. Lewis’ chances initially and what you saw toward his departure had changed dramatically. After hearing the cross-examination of the detective and Mr. Lewis you could see room for mistakes. The circumstances involved with the household could have led to a mistake in the identity of possession; the facts against the defendant may not have been his. However, Mr. Lewis could be guilty or not guilty; the jury could arrive at either decision. Finally, alongside the appreciation for the law, I gained new knowledge; I learned what a choirboy was. I also now see why that would be crucial to the case since it is a household item but can also be used for doing drugs. I further learned the strictn ess of following the system when trying a case. For every piece of evidence brought up, there had to be permission from the judge to admit it or even show it to the witness. Lastly, one could not fail to appreciate the legal system in place for placing the burden of proof on the people and having the defendant innocent until proven guilty.   

Please See Order Instructions Research Paper Example | Topics and Well Written Essays - 2500 words

Please See Order Instructions - Research Paper Example The purpose of this paper is to present a detailed analysis of the company. It is important to consider the changes that have occurred over the years so the paper also discusses the basic changes that have occurred throughout the previous years. Of course, it is equally pertinent to consider the situation in the market place because the market determines our progress. Therefore, the paper also deals with the significance of the market in relation to the company. The falling status of the company is a well known fact by now. To some extent the company’s inefficiency is itself responsible for this current state of the company. However, this paper also reiterates how the exogenous factors, not directly under the control of the company; have led the company to its present state. The latter part of the essay deals with a personal assessment of how critical the situation is for the company. Also, the measures that are deemed necessary at this point in time are highlighted so that the important propositions could be understood. Overall, the paper will help get an idea of the current situation and would inform about the steps that need to be taken to save the company from bankruptcy. Before moving onto the discussion of why the current situation has arisen, a brief overview of the history of the company in the last few years is necessary.

Problem Solving Research Paper Example | Topics and Well Written Essays - 1250 words

Problem Solving - Research Paper Example Using the problem solving technique, which implies that in order to come up with a well-informed solution to a particular problem, you must apply the following interrelating selections, depending on the type of the problem you are facing. They include: b) Analyzing the problem assessing the current situation by understanding the source of the problem, how it coexists with the present development and whether there is a favorable environment to facilitate evaluation of solutions. It also involves setting an assessment criterion for evaluating options. c) Generate multiple solutions to your problem that seem viable without necessarily judging the potentiality of the solution you have stated. Therefore, will help capture the options that can be used to come up with a solution. basically, this primarily involves the quantity and not the quality of the idea. d) Analyze the possible solutions shortlisted earlier noting the advantage and disadvantage side of the potential solution without evaluating it. additionally, thi may be done by listing the pros and cons of each possible solution and weighing them against each other. This comparison is essential in determining which solution seems valid for the case. e) Select the best solution by looking for the various influencing factors of the possible solutions and can be through weighing the advantages of a potential solution and consider the viability of each. morover, you may end up with many or no viable solution calling for re-evaluating the problem again or even looking at the problem definition once more. f) Jot down the next course of action that you are going to take or rather the implementation of the potential solution or solutions. It takes a course of actions at different times in the future in a sequential order. This take time since implementation is a process. The problem in scenario one is actually deliberating on finishing my education,

Health informatics Research Proposal Example | Topics and Well Written Essays - 3750 words

Health informatics - Research Proposal Example The challenge is not only increased by the chances of errors in prescriptions resulting out of lack of clarity of the handwritten prescriptions, but also from the pharmacists losing the handwritten prescriptions in the shuffle process of issuing drugs (Beuscart-ZÃ ©phir, 2005). Thus, due to the lack of electronic systems that are able to track the movement of the prescription orders from the patient wards to the hospital pharmacy, the efficiency and accuracy of dispensing prescription drugs is adversely affected (Weant, Cook, & Armitstead, 2007). Computerized pharmacy order entry systems have been suggested as potential solutions to the challenges of inpatient drug prescribing errors (Roberts, et al., 2013). Computerized order entry by the prescribing physicians enables the patient’s drug prescriptions to be transmitted electronically from the physician departments to the pharmacy department of hospitals. The essence of the use of the computerized pharmacy order entry systems is to eliminate the handwritten order prescriptions being transmitted from the physicians to the pharmacists. The suggestion for the implementation of computerized pharmacy order management system is pegged on the premise that the automated system is advantageous both in cost-savings and also in drug prescription safety enhancement (Lai, Yokoyama, Louie & Lightwood, 2007). There is no doubt that the major impact of a computerized pharmacy order entry system is to improve the legibility of the prescription orders. This is in turn observed to be fu ndamental for eliminating the medication errors that arises out of wrong drugs issuance by pharmacists, following the ineligibility of the prescription orders. Lack of legibility of the handwritten pharmacy orders can result in the pharmacists dispensing the wrong and even potentially dangerous drugs to the patients (Troiano, 1999). The benefits associated with the automation of the pharmacy ordering process within

Consumer Behaviour Essay Example | Topics and Well Written Essays - 3000 words - 4

Consumer Behaviour - Essay Example According to Salvati (1999, p6), till a customer remains satisfied with the service, there are no major chances that he/she may drop or switch to another service provider. It is a fact that in a highly competitive atmosphere just as in the profit making sectors, customer loyalty is to be given a deep thought. Moreover, actions are to be taken to have a continuous improvement in the level of customer loyalty (Hsieh, 2002). This paper will deal with an important concept of brands and the Australian charities. The paper will be divided into two main parts; namely, Part A and Part B. Part A will deal with the simple literature of branding and a brand personality. The section will also deal with an overview of the Australian Charity. The overview of the Australian Charity Industry will allow a better understanding of the various players in the markets and the non – profit making sector as a whole. Part B of the assignment will deal with three advertisements/ marketing techniques that have been used by the Australian Charities to help build and develop a strong brand image and brand identity (Jobber, 2004). Each of the three examples that have been taken for this study will be studied on three main basis, a) the personality of each brand and what the brands can be characterized into, b) reasons why brands use a certain characteristic and who they aim as their target markets, and c) the possible chan ges and recommendations for change for the brands and their personality (Franzen & Bouwman, 2001). The Australian charity industry is a wide spread market with over almost 700,000 organisations with a wide range of activities that they deal with. These organisations range from different activities like environment conservation, youth assistance, help for the blind, or disabled, and several other activities. Most of the organisations that have been recognised by the government and the only ones that are

Feminism and the Importance of Identity Politics Essay Example for Free

Feminism and the Importance of Identity Politics Essay â€Å"To be feminist in any authentic sense of the term is to want for all people, female and male, liberation from sexist role patterns, domination, and oppression†. Bell Hooks succinctly sums up what it means to be a feminist, and yet when we look to the feminist movement and feminist theorizing today, we see a disturbingly different picture. In a social movement founded on equality for all human beings, the patriarchy and its’ power structures have still made a negative impact in the way this movement is shaped and perpetuated, especially in terms of intersectionality and identity politics. Whose voices are heard? What issues are prioritized? Who is considered a â€Å"true† feminist? When we ask how and why issues of identity and intersectionality are relevant to feminist theorizing, the answer is simple. When the true and complex identities of individuals and social groups are ignored, what forms is a limiting and narrow view inherently oppositional to the movement’s foundation and goals. Essentially, ignoring these issues means perpetuating the oppression the movement itself is trying to fight. What follows is a brief analysis on three reasons why feminists should care about identity and individuals with complex identities: 1) addressing oppressions in a movement dedicated to eliminating all oppression, 2) identifying the negative consequences of elision of difference, and 3) recognizing the real importance of intersectionality in terms of survival in the real world, as opposed to simply theorizing in academics. While the feminist movement is explicitly dedicated to fighting racism and any other types of â€Å"isms†, we see that typically marginalized groups continue to be marginalized within the movement. These groups are well aware of this oppression, yet how often their voices are heard or even considered are slim to none. In a statement from Black feminists part of The Combahee River Collective, it is explained that there was â€Å"the need to develop a p olitics that was anti-racist, unlike those of White women, and anti-sexist, unlike those of Black and white men† (CRC: 59). As members of two oppressed groups in society, Black women face the highest obstacles in their pursuit of complete liberation, especially because of the dominant narrative and voices that have typically commandeered the political movement. As Kimberle Crenshaw purports, â€Å"the need to split one’s political energies between two  sometimes opposing groups is a dimension of intersectional disempowerment that men of color and white women seldom confront† (Crenshaw: 85). The intersectional experience of White women have typically dominated the women’s movement as White women have had more accessibility and opportunity to speak out/theorize academically as opposed to Black women. Thus, the experiences of Black women – which are distinguishably different from the White woman’s are essentially absent from the discussion, an issue that is highly problematic as it points to racism and oppression within a social justice movement (not to mention a limited perspective). Feminist theorists and activists must make sure to account for intersectional experiences in order to avoid this hypocrisy. Specifically, White feminists and activists must understand that their role as genuine activists in the movement mandates a need to be educated and literate in Black history and culture, something that the Combahee River Collective has explicitly called for. As they argue, â€Å"eliminating racism in the white women’s movement is by definition work for white women to do, but we will continue to speak to and demand accountability on this issue† (CRC: 63). Being a conscientious and fully aware member of this movement involves more than addressing intersectionality and racism within the movement. Feminist theorists need to identify the importance of 1) making the personal political, and subsequently 2) avoiding the harmful and common elision of differences between and within groups. These two ideas cannot happen or be fully achieved without the other. The first step requires a great deal of honesty and self-reflection, which may come with some discomfort and pain, a reason that many individuals may avoid this introspection. As Mari Matsuda argues in her article, â€Å"by claiming, exploring, and questioning my own identity in an explicit way, I seek truth, and I seek to encourage my students to do the same† (Matsuda: 75). Feminist theorists must consider the value of truth and justice over any type of discomfort or personal guilt that blocks the path towards complete liberation for all. Just as honesty is crucial in terms of oppression within the movement, it is also key in recognizing privilege. Matsuda supports this idea: â€Å"I do not know of any other politics of social change that works other than the one that asks people to explore deeply their own location on the axes of power† (Matsuda:  76). Once one has a certain amount of self-awareness and recognizes their privilege, only then can they be able to avoid ignoring intragroup differences. Ergo, the White woman cannot fully understand the complexity struggle of a Black woman’s experience in the movement if she does not understand her own privilege over the Black woman within the same movement. While intersectionality is quite real in the day-to-day lives of women, feminist theory has typically categorized identity as a limiting either/or dichotomy between â€Å"woman† or â€Å"person of color†, leaving women of color marginalized. In terms of violence against women, Crenshaw argues that this elision of difference is harmful because it is perpetuating the violence by not fully understanding how multiple dimensions of woman’s identity contribute to her experience. For example, in our society ruled by a racist/patriarchal structure and system, battered women of color face poverty and racially discriminatory employment/housing, thus have a much harder time finding shelter and support. The elision of difference can also be harmful because it poses as a threat to solidarity – ignoring intragroup differences simply continue to raise tension between these sub groups and ultimately harms the progress of the movement, which requires everyone to stand with one another. Lastly, feminist theorists must recognize the importance of intersectionality and identity as transcendent issues that go beyond simply theorizing and play a very real role in the lives of women every day. As Crenshaw argues, â€Å"The struggle over incorporating these differences is not a petty or superficial conflict about who gets to sit at the head of the table. In the context of violence, it is sometimes a deadly serious matter of who will survive and who will not† (Crensaw: 89). The commonly shared assumption that battering is a minority problem, for example, exemplifies the issues with ignoring intersectionality/identity. Battering is a human problem, and if a Latina woman cannot get shelter from a husband threatening to kill her multiple times because she can’t prove she is English-proficient, then something is very wrong. These exclusionary policies are inherently oppositional to the goal of human liberation and the women’s movement, and if feminist theorists do not address this, then not only will real change remain absent, but we will continue to lose the lives  of women around the world. These are human beings that deserve to live and exercise their rights; that deserve to celebrate their multi-dimensional identity, instead of suffer from it because feminist theory and societal structure are ignoring them. Feminist theorists, we need you to be honest with yourselves and your privilege. We need you to address the complexity and beauty of every individual, help use these differences to resist against oppression instead of perpetuate it, and ultimately harness and use the full power of group solidarity to truly and genuinely fight for human liberation.

Charlotte Perkins Gilman’s “The Yellow Wallpaper” Essay Example for Free

Charlotte Perkins Gilman’s â€Å"The Yellow Wallpaper† Essay Charlotte Perkins Gilman wrote â€Å"The Yellow Wallpaper† in the late 1800’s while being treating by the very trusted Weir Mitchell. During this time women were commonly admitted into the care of doctors by their husbands without their given consent. At this time there was very little research concerning Post- Partum Depression. According to the A.D.A.M Medical Encyclopedia, Post-Partum is moderate to extreme depression women may experience after giving birth. The symptoms include fearfulness, restlessness, and anxiety- all of which are displayed by Jane in â€Å"The Yellow Wallpaper. † Gilman was advised by Dr. Mitchell to stop writing and rest, only partaking in â€Å"household† activities. She was not to visit with friends or go outside much. Contesting to these rules, Gilman ended treatment with Mitchell and wrote â€Å"The Yellow Wallpaper† with the hopes of shedding much needed light on the ineffectiveness of his strategies. The mental condition of many women often worsened due the general population’s lack of consideration involving a woman’s outspoken opinion involving the betterment of her own health. Carol Kessler writes in â€Å"Consider Her Ways: The Cultural Work of Charlotte Perkins Gilmans Pragmatopian Stories, 1908-1913,† â€Å"The utopian fiction of Charlotte Perkins Gilman takes on as its cultural work the demonstration that women are not confined to one traditional mode of beingwife/motherhoodbut can fill as varied social roles as can male counterparts† (126). Kessler is stating Gilman’s writing is not only a statement against the mental health practices concerning women, but also includes other issues that were dominated by a patriarchal society. Denise D. Knight suggests in her essay â€Å"I Am Getting Angry Enough to do Something Desperate,† that Jane’s behavior at the end is â€Å"an expression of the tremendous rage she feels toward her husband, John† (78). This statement is evidence suggesting that women were well aware of the need for a change involving these matters. Gilman uses the yellow wallpaper to symbolize the psychological, sexual and creative oppression women experienced during Gilman’s contemporary times. Jane’s â€Å"condition† is revealed to the reader at the beginning of the story. Jane has just arrived at the â€Å"vacation† home and is writing secretly since John forbids it. She writes of John, â€Å"You see, he does not believe I am sick!† (Gilman 173). This quote indicates to the audience that Jane’s voice is of no importance next to John’s. Jane continues to voice her opinion about her illness and what she believes could cure her. John blatantly ignores any suggestions she may have concerning her own health, appearing heartless and cold. This is very clear when Jane initially voices dislike for the room with the yellow wallpaper, in which she is assigned to stay. Jane writes, â€Å"I don’t like our room one bit. I wanted one downstairs that opened on the piazza †¦but John would not hear of it!† (Gilman 174). Gilman allows the audience a glimpse at the symbolism of the wallpaper at this point. Jane mentions her dislike of the room with the yellow wallpaper as soon as she is introduced to it. Upon bringing this discomfort to John’s attention she is sufficed with a promise to replace it. However, John later breaks his promise with the reasoning that they will only be there three months. The creeping feeling Jane experiences concerning the wallpaper symbolizes the mental instability she feels looming over her. John convinces Jane there is nothing wrong with the room and refuses to move her even though she requests he do so. When Jane persists she writes of his response to her, â€Å"But John says if I feel so, I shall neglect proper self-control; so I take pains to control myself† (Gilman 174). Jane is forced to h ide her feelings and worsening condition, as well as her writing. This interaction between the two characters demonstrates how many women during this time period were not to have opinions or preferences. This scene displays the lack of self-expression and freedom women encountered. Creativity in women was not widely accepted in Gilman’s society and was often deemed improbable. In one of Jane’s entries she describes, â€Å"There comes John, and I must put this away he hates to have me write a word† (Gilman 175). This sentence is powerful because the written word is often more powerful than the spoken word. Women were rarely given the luxury of speaking freely, much less writing freely. John’s reluctance to allow Jane to write illustrates the narrow minded ideals men had concerning women. In â€Å"Why I Wrote the Yellow Wallpaper,† Gilman writes that Dr. Mitchell, â€Å" concluded there was nothing much the matter with me, and sent me home with solemn advice to live as domestic a life as far as possible, to have bu t two hours intellectual life a day, and never to touch pen, brush or pencil again as long as I lived’†(51). Both Gilman and Jane were creative women that used writing as therapy to express what others around them could not understand. Jane’s journal and her writing symbolize the creative talents and intelligence many women were capable of but were forced to conceal. Gilman contradicts the idea of women being married to make great â€Å"mothers† with the statement, â€Å"And yet I cannot be with him† (Gilman 177). Jane is referring to her infant son. The possibility that a woman could want more from life other than to marry and have children was an almost impossible notion at the time. In â€Å"Gilmans The Yellow Wallpaper: A Centenary† Linda Wagner- Martin writes, â€Å"Of these many conflicts inherent in womens trying to lead acceptable female lives, perhaps the most troublesome is that of motherhood, its attendant responsibilities, and its almost inevitable loss of self-identity† (52). The A.D.A.M Medical Encyclopedia suggests that a common cause of Pos t-Partum Depression in women is the decreasing amount of time they have to themselves after having a child. Women of brighter minds were often misplaced in this type of society. Many artists feel an undeniable obligation to their work, often taking time away from their families. It was impossible for artistic women to prosper when their prime purpose in life was to marry and have children. Knight writes, â€Å"Gilman demonstrates how stifling the cult of domesticity was for intelligent women† (78). Jennie, Jane’s caretaker, represents this idea. Jane writes of Jennie, â€Å"She is a perfect and enthusiastic housekeeper, and hopes for no better profession† (Gilman 178). Jennie’s characteristics and tendency to stay out of Jane’s business resembles a fear felt by many women. While it was common for many intelligent women to become depressed due to creative and psychological oppression, fear often quieted any desires for change. It was widely understood that any woman who tried to live otherwise would just as easily end up in Jane’s predicament. Martin writes of the matter, â€Å" The point, obviously, is that society expects women to be fulfilled through motherhood, and that women who question their roles as mothers, who complain or are angry about those roles, are suspect if not beyond human comprehension† (63). In â€Å"The Yellow Wallpaper† Jane’s behavior often reflects this idea that women longed for the opportunity to choose their life occupation, rather than being assigned it. Sexual oppression of women is also touched on in this piece. John often goes away for a work and even when he visits, there is minimal physical contact between him and Jane. Judith A. Allen writes in â€Å"Reconfiguring Vice: Charlotte Perkins Gilman, Prostitution, and Frontier Sexual Contracts,† â€Å"Gilman shared in a common, international, late nineteenth-century feminist critique of marriage and of other sexual economic contracts† (173). Gilman’s very opinionated statements regarding women’s freedoms clearly extended to their sexual needs as well as emotional needs. While it was often expected for women to stay behind and tend to the children while the men were away at work, it was often overlooked how these physical absences affected them. It was socially acceptable for a man to appease his sexual appetite with other women while he was away, but not for his wife to do the same with other men. This was taxing on many women. When John is visiting Jane one night, he simply scoops her up and takes her to bed, where he reads to her until she is tired and ready for bed. Jane appears to be too ill to confront her sexual desires like many women of the time. Her relationship described with John is surfaced. Since there is a lack of a physical relationship between the two, there appears to be no relationship at all. This clarifies the belief that women were married off to produce children and please their husbands. Once Jane begins taking notice of the wallpaper itself, the tone of the story takes a dive. While the tone of the story begins somewhat light hearted and seemingly harmless, there is still a hint of foreshadowing. It is when Jane becomes obsessed the audience becomes aware of how terrible her condition truly is. It is almost used as a mockery of John’s ignorance throughout the entire story. The narrator writes, â€Å"There are things in that paper that nobody knows about but me, or ever willâ €  (Gilman180). This is when Jane is realizing the figure in the wallpaper in fact is a woman and she appears to be behind bars. The symbolism here is that no one can understand how Jane is feeling, including the other women around her. As time goes on John tells Jane things such as, â€Å"You are gaining flesh and color,† and â€Å"I feel much easier about you† (Gilman181). Rather than asking Jane how she feels, he is telling her. The irony is Jane’s willingness to accept being told how to act, feel, and live. Based on the mockery provided by the narrator, John does not truly understand what Jane needs, considering he, like everyone else involved, does not view women as people capable of reasoning and complex feelings. This idea was prevalent to the society throughout that time period. The phrase â€Å"dear John† is mentioned throughout the story, indicating the importance of John to Jane. As Jane’s condition and obsession with the wallpaper worsen, her strength d ecreases as well. She is forced increasingly rely on others, including John. She writes of John, â€Å"Dear John! He loves me very dearly and hates to have me sick† (Gilman 180). The irony is how little of importance Jane appears to have in John’s life. He has a routine written for Jennie and Jane to follow throughout the day while he’s away. One of the nights he is visiting, Jane writes, â€Å"He said I was his darling and his comfort and all he had† (Gilman 180). These words have an empty meaning. If Jane were the only thing John had, he would have paid more attention to her and realized she was not getting better in the least. This supports the then popular belief that women would be content with simply being told what they want to hear. In â€Å"The Yellow Wallpaper,† there are statements made against the male physicians that were so highly admired among communities during Gilman’s time. Jane writes, â€Å"John is a physician and perhaps that is one reaso n I do not get well faster† (Gilman 173). Jane is admitting that a woman’s duty to submit to her husband gets in the way of her need to be persistent concerning her health. This observation is ironic and bold. It argues the mockery in the situation. John, as a doctor, is held up to such high standards, yet he has no idea what is really going on with this woman. The story is ridiculing society’s idea of â€Å"intelligence.† John makes the mistake of treating Jane as if something is wrong with her. However, the humor is in the doctors’ inability to figure out that women are simply composed of the same emotional capabilities as men. It is also necessary to pay special to attention the symbolism of name choice in â€Å"The Yellow Wallpaper.† John and Jane can allude to â€Å"Jane Doe† and â€Å"John Doe.† If this is the case, both could be identified as of no particular importance to the audience. A Jane or John Doe are unidentified people. Gilman did not feel the need to give the se characters any specific names that would identify them with a particular characteristic or trait. Their situation is unidentified, and their situation was very common for that time. John’s disregard for Jane’s claims of her slow descent into a worsening mental condition was a common practice for doctors regarding women. Often when a woman needed or wanted something, she had no other choice but to acquire the assistance of her husband. In the instance of Jane needing alternative means of medical care, her only hope would have been John. Naturally John did not listen to her protests. Gilman is stating that both men and women should have an equal say in marriage. Kessler writes, â€Å"The ‘partnership’ society that Eisler defines seems already to have been present in the pragmatopian imagination of Charlotte Perkins Gilman as revealed in her turn-of-the-century fiction, especially the short stories: the alternative or partner-oriented gender roles she depicts could be realized or attained then or in the present-day society that we know† (126). There were also many marriages lacking the understanding John clearly does not display. This coincides with the idea that many women who were married to many men at that time experienced the oppression Jane feels and were met with the same ignorance John displays. At the end of the story Jane writes, â€Å"For outside you have to creep on the ground, and everything is green instead of yellow† (Gilman 188). This has a childlike feel to it. Earlier in the story, when Jane is trying to talk to John about how she is feeling he replies with, â€Å"What is it, little girl?† (Gilman 181). The last scene of the story describes Jane as this crazy woman, but it has her creeping around the ground like a child. In â€Å"Environment as Psychopathological Symbolism in The Yellow Wallpaper,’† Loralee MacPikew writes, â€Å"The fact that the narrators prison-room is a nursery indicates her status in society. The woman is legally a child; socially, economically, and philo sophically she must be led by an adulther husband† (286). One day when Jane is stuck in her room alone, she reverts to her childhood while staring at the wallpaper, giving a description of a vivid memory. She writes, â€Å"I never saw so much expression in an inanimate thing before, and we all know how much expression they have! I used to lie awake as a child and get more entertainment and terror out of blank walls and plain furniture than most children could find in a toy-store† (Gilman 177). These behaviors revert to the idea that even as children, females were facing emotional neglect. It also supports the idea Jane was often treated like children by their husbands, posing the question how could she be expected to be a â€Å"good† mother if she herself was not permitted to act like an adult. Gilman’s decision to make the wallpaper yellow as opposed to any other color is interesting. Yellow is often viewed as a neutral color concerning gender. This may be connected to Gilman’s outcry of the belief that women ar e inferior to men concerning creative, emotional, and intelligent capability. Once Jane begins to acknowledge the wallpaper, her descriptions of it become more detailed. She describes it, â€Å"looked at in one way, each breadth stands alone; the bloated curves and flourishes- a kind of â€Å"debased Romanesque† with delirium tremens- go waddling up and down in isolated columns of fatuity† (Gilman 179). The words â€Å"delirium tremens† (Gilman 179) indicate how the wallpaper concurs with Jane’s worsening condition. Colors have often been known to manipulate a person’s mood. Following this belief, yellow is known to promote communication. This is an ironic symbol, considering John did not listen to Jane in the least. There are many times he overlooks her feelings or statements. At the beginning of the story Jane claims to feel something strange about the house. When she brings this to John’s attention he says what she â€Å"felt was a draught, and shut the window† (Gilman 174). Clearly John’s inability to listen to Jane discourages her to speak of anything at all to him. In â€Å"Consider Her W ays,† Kessler writes, â€Å"By refusing to accept definitions of traditional male and female roles, and instead of offering clear alternatives to such mainstream notions, Gilman forces readers to question boundaries defining behavior assumed acceptable on the basis of gender† (126). This statement supports the notion that Gilman believed that both men and women should share all household responsibilities, including working and raising children. The satirical symbolism at the end of â€Å"The Yellow Wallpaper† is astounding. It does a great job of surprising and shocking the audience. It leaves this image imprinted of a crazy lady taking a bite out of a bed and creeping around her husband. Once Jane believes she is the lady inside the wallpaper, she writes, â€Å"and I don’t want to have anybody in, till John comes. I want to astonish him† (Gilman 187). At this point her anger is apparent. The narrator is clearly pointing fingers at who is to blame for her current predicament. She is comparable to a child throwing a tantrum. It’s almost as if Jane is assuming the behaviors of a role she has been given, which is no different than what she does from the beginning of the story. She does what she is told. However, John often refers to her as everything but a woman. Naturally this mentality was bound to catch on. Jane also had no other means of escape from her world. John refused to allow her to go anywhere. It was almost as if she were a child being grounded. When children are forced to stay inside they use their imaginations as entertainment. To do this is human nature, and Jane is no exception. There is also attention to be paid to the bars described in the wallpaper. Jane writes, â€Å"at night in any kind of light, in twilight, candlelight, lamplight, and worst of all by moonlight, it becomes bars!† (Gilman 182). The bars symbolize all the oppression felt by Jane. As the progression of Jane’s condition worsens, the appearance of the bars becomes more prominent. Once Jane discovers the bars, she notices the woman in the wallpaper, â€Å"The outside pattern, I mean, and the woman behind it is as plain as can be† (Gilman 182). This quote refers to the unawareness John and other men of the time displayed concerning women. Gilman is making a statement against how obvious it is that Jane knows what she needs more so than her husband. This scenario was common among many women during that time period. It is also an outcry against a woman’s inability to practice self-expression. Once Jane decides to try and help the woman escape from the wallpaper (and becomes the woman herself), she peels off all the paper so she cannot be put back. Once John gets into the room she says to him, â€Å"’I’ve got out at last,’ said I,† in spite of you and Jane! And I’ve pulled of most of the paper, so you can’t put me back!’† (Gilman 189). This statement could be interpreted as Gilman’s creative self being defiant against the rules set up by a patriarchal society. While this last scene can be understood as haunting and disturbing, it almost seems as if Jane is getting the last laugh in the end. Her husband who is â€Å"successfully† a physician has failed his own wife. Jane’s road to insanity was brought on by her husband’s â€Å"trusted† tactics. Shortly after the story was published, Weir Mitchell was forced to re-evaluate his tactics used on â€Å"mentally unstable† women. There were many patriarchal barriers facing women when â€Å"The Yellow Wallpaper† was written. Gilman does an extraordinary job of displaying the horrors that resulted from this complex and delicate subject. The image of a woman behind bars in yellow wallpaper could not be more appropriate to convey such an important message. This short story demonstrates the feeling of entrapment and misplacement many creative and intelligent women felt during Gilman’s time. The yellow wallpaper is a strong symbol of a declaration of independence, creativity, and self-expression in a society where such notions were much too often withheld from the female population.

Security Incident Handling Service

Security Incident Handling Service EXECUTIVE SUMMARY 1 INTRODUCTION Expect the unexpected. As soon as a crisis erupts, it should be immediately handled to reduce its potential impact on critical business operations. Such undesirable incidents occur unanticipated and when they do take place, damage or harm is the result. In most aspects of life, it is better to stop something disastrous happening than it is to deal with it after it has happened and IT security is no exception. If possible, security incidents should be dealt accordingly from occurring in the first place. Yet, it is unachievable to prevent security incidents. When an incident does happen, its impact needs to be brought down to adequate recommended level. Security incident handling outlines the actions to follow in an event that an electronic information system is compromised. An event is declared an incident when the confidentiality, integrity or availability (CIA) elements of a system is compromised. Significant commodities such as information and knowledge must be safeguarded at all c osts. Communications within an organization and its interactions to its customer base are regarded as the life blood in this IT intensive fast paced world. If an organization is inoperative for any period of time, it may cost millions in lost business or loss of reputation. Size of an organization does not matter. Unexpected downtime influences organizations of all sizes impacting revenue, customer satisfaction and overall production. It is vital that they quickly recover from such downtime and restore operation and re-establish their presence to ensure survival. Consequently, many firms have realized the importance of setting up incident handling procedures. One of the drawbacks is that many organizations learn how to respond to security incidents only after suffering from them. In the course of time, incidents often become much more costly. Proper incident response should be an integral part of the overall security policy and risk mitigation strategy. Incident handling procedures that are in place in an organization improves to maintain the business continuity of critical operations. In todays competitive economy, a company cant afford to cease critical business operations and remain idle for long period of time because of lack of incident handing procedures. Thus, an organization needs to be well prepared for continuity or recovery of systems. This typically requires a considerable investment of time and money with the aim of ensuring minimal losses in the event of a disruptive event. The goal of setting up incident handling procedures is to know exactly what to do when an incident breaks out. This means anticipating scenarios before they occur and making appropriate decisions about them in advance. Those assessments typically demand consultation and senior management support, hence these people are needed early immediately after an incident has been confirmed. For example, just deciding who to tell when an incident occurs can be hard to determine. Manageme nt needs to provide input to respond quickly and this embarks into issues like after hours support and mixed project/support roles. External support may also be sought, resulting in additional cost, time and effort to select partners. 1.1 PURPOSE OF THE DOCUMENT This document provides guidance to identify and record the nature and scope of a computer security incident handling service. This paper discusses the functions that support the service, how those functions interrelate and the tools, procedures and roles necessary to implement the service. It also concentrates on incident analysis. For example, we can make a comparison between a fire that broke off in an apartment and a computer security incident that happened in an organization. Similarly as a fire department will investigate a fire to know where it originated from, a Computer Security Incident Response Team (CSIRT) tries to figure out how the security incident occurred. Both the fire department and CSIRT operate in the same approach. A fire department needs to get along with other fire departments on it can depend on for additional support in peak times or to tackle a serious catastrophe. It must cooperate with other emergency units to react promptly and provide law enforcement. Th is document will discuss how CSIRTs interact with other organizations, such as the department that reported the security incident to it, other CSIRTs, law enforcement and the media. Both fire department and CSIRT need to properly handle information, some of which is sensitive and relevant to the individual held responsible for the crime. Information handling is considered to be an indispensable discussion subject in this paper. CSIRTs propose client confidentiality in the same manner that many emergency units do, safeguarding reporters and victims from public disclosure. CSIRT survival depends on handling confidential information appropriately, because if it cant be trusted, nobody will report to it, thus making it almost useless. CSIRTs have committed permanent staff as well as part-time, volunteer staff and reliable security experts to handle an unexpected security emergency. Its staff is at the frontline in event of a crisis, CSIRT achievement depends on their interaction with th e outside world and the image that they project by the way of performing their duties and the service quality that they provide. To attain such high level of success, recruiting suitably competent staff seems to be a complicated process. People in charge of appointing CSIRT staff mistakenly look for unsuitable set of talent and ability in prospective employees. For that reason, this paper discusses staffing and hiring concerns and actions to guarantee that CSIRT staff offer reliable, pleasant and specialized service. Other services besides the incident handling service, such as the supply of intrusion detection assistance and vulnerability handling are also provided by CSIRT. The information in this paper is understandable in such a manner that is basic to the reader to put it into operation to any type of CSIRT setting, from in-house team for a company to an international coordination center. This document is intended to present a valuable foundation to both recently created teams and existing teams where there is a lack of clearly defined or documented services, policies and procedures. This paper is more appropriate to use during the early stages when a company has acquired management support and funding to set up a CSIRT, before the team becomes operational. Moreover, this paper can be still a valuable reference document for already operational teams. 1.2 INTENDED AUDIENCE The general CSIRT community who may require a better knowledge of the composition and objectives of their existing teams will benefit from this document. It also targets individuals and organizations who are likely to join the CSIRT community in the near future. It is precisely aimed at managers and other personnel who take part in the process of setting up and leading a CSIRT or managing incident crisis. The list may include Chief Information Officers, Chief Security Officers and Information Systems SecurityOfficers Project leaders and members in charge of creating the team CSIRT managers CSIRT staff IT managers [1] Higher management levels and all CSIRT staff can use this paper as a useful reference. This document can also be utilized by other individuals who work together with CSIRTs. This may include members of the CSIRT constituency law enforcement community systems and network administrator community CSIRT parent organization or other departments within the parent organization such as legal, media or public relations, human resources, audits and risk management investigations and crisis management [2] 2 MAIN CONTENT Definition of Security Incident The Information Security Management Handbook defines an incident as any unexpected action that has an immediate or potential effect on the organization [3]. Whenever the safety and stability of an information system is compromised, such instance can be referred to as a security incident. There are several different definitions of security incidents; one is A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices [4], another definition describes the security incident as any event that may threaten or compromise the security, operation or integrity of computing resources [5]. In other words, a security incident is a state of violation of security policy in an organization and the security of their information system. Security incident refers to a common term that encompasses any type of security breach regardless of location, the level of the threat or the magnitude of it. The commonly known factors of security incidents are events and actions that expose one or more basic elements of information security: confidentiality, integrity and availability (CIA) of information systems. An incident can be caused by authorized or unauthorized personnel, process, hardware or software. It can be an accident as well as a planned malicious action. Handling security incidents In the course of a crisis, time runs short in terms of about what to do, who will do it or how it will get done, therefore it is vital to arrange for a response in advance. The better prepared you are for an incident, the more likely you are to respond correctly. Proper set-up of an incident handling procedure can help to lessen impact of undesirable incidents. The objective of such procedure in place is to provide a framework for an orderly, coordinated response by appropriate resources within the organization. It is in a companys own benefit that it establishes a Computer Security Response Capability, a process that provides centralized response and reporting functions for security incidents. According to (Computer Security Incident Handling Guide, National Institute of Standards and Technology, March 2008), establishing an incident response capability should include the following actions: Creating an incident response policy plan Developing procedures for performing incident handling and reporting, based on the incident response policy Setting guidelines for communicating with outside parties regarding incidents Selecting a team structure and staffing model Establishing relationships between the incident response team and other groups, Determining what services the incident response team should provide Staffing and training the incident response team The â€Å"Cyberthreat Response and Reporting Guidelines† report, jointly approved by the FBI and US Secret Service recommends that the better equipped a company is in the event of a security event, the better probability it has to reduce the impact of the crisis. This recommendation is actually one of the chief responsibilities of a CSIRT, to be well organized to successfully cope with an incident when they happen and to help prevent incidents from occurring in the first place. As a starting point, the team should have a strategy plan for incident handling. This plan should be supported with documented policies and procedures. According to (State of the Practice of Computer Security Incident Response Teams, October 2003), the incident response plan identifies the mission and goals of the team, the team roles and responsibilities; the services provided; and policies, procedures, processes, and guidelines related to incident handling. The incident response plan is not only inten ded for CSIRT employees, but also for community that they serve. From that viewpoint, both parties should be proficient about what to report, how to report it and to whom it should be reported. The plan should also describe the expected level of service that is reasonable. Staff who is accustomed with computer security incidents recognize the fact that these incidents vary in shape and size. Some are quite uncomplicated, easy to cope with and mitigate while other are extremely severe and very complicated or can have harsh impact on IT systems and necessitate proper authority to respond to effectively. In the event of a crisis, adhering to the plan in place will facilitate the organization to promptly isolate disruption cropping up on IT systems or networks as well as to assist to counteract to such events. It may alleviate potential risk such as loss of company reputation, trust or financial status. For existing CSIRTs who dont have a robust plan, they can still manage with some bas ic guidelines. They can make use of their current incident handling procedures as a guideline, in the meantime they can revise their existing documentation. They can rely on those basic guidelines namely the plan to handle incidents, areas of responsibility, general and specific procedures. Other typical guidelines can include an incident response checklist as well as procedures for what type of activity to report and how that information should be reported. A company needs to take into consideration several factors prior to planning an incident response capability. They include introducing a point of contact for reporting incidents pinpointing the aims and objectives of the team distinguishing and selecting the staff and necessary expertise offering direction for reporting and handling incident reports allocating proper security awareness and incident response training for CSIRT staff launching and promoting specific incident handling and security policies and procedures for the CSIRT exposing lessons learned with other colleagues designing a benchmark to monitor the effectiveness of the CSIRT devising strategy to allow coordination between the CSIRT and internal and external parties Organizations or the team typically approve policies and record them. It is crucial to know what these policies consist of and to ensure that they are properly implementable, enforceable in the workplace. Like the mission statement, senior management approves and enforces policies. The policies need to be openly expressed and well understood by each team member, technical, management or administrative. It will be a difficult task for the staff to appropriately execute and carry out their duties without a clear understanding of the policy. In order to write a clear policy, it is best to avoid excessive jargon. Whenever possible, consult someone who is not in security or IT to examine the policies. Rephrase the policies if not understood. Use very short sentences. A good policy is a short one. A security policy should be concise, well segregated between the management aspect (the policy) and the operational aspect (the procedures). Moreover, a policy must be both implementable and enfo rceable, or else it doesnt have any purpose. It is easier to implement a policy if it is well designed and relevant to the needs and goals of the CSIRT. Truly effective policies address genuine needs within a business, making the staff willing and even eager to implement them because they make operations smoother and give the business added reliability. Top management should execute appropriate actions or steps to enforce a policy. Policies must be enforceable; otherwise they are of little or no value. Usually when a policy ismplementable, it is normally also enforceable unless it contradicts itself. Concrete measures are needed to assess the usage of the policy. Example: An example of a contradictory policy is the security policy that ranks internal information security as priority number 1 but at the same time ensures absolute privacy for its staff; the latter makes it hard or even impossible to enforce security in case of an insider threat. To successfully develop and implement s ecurity policies, top management needs to be involved in and strongly support the project (Lam, 2005). A proposal with a report of external and internal requirements and a draft assessing budget can easily persuade managers to support the development and implementation of a security project. Having management support and authorization can resolve money and time issues. These managers can allocate the required budget and allow sufficient time for development and implementation. In addition, top management has power to affect processes by requiring employees to participate (Kearns Sabherwal, 2006). How to Implement Security Policies Successfully The implementation phase probably is the hardest phase in the life cycle of developing and maintaining security policies. Many organizations fail in this phase. To effectively and efficiently implementing security policies, teams first need to resolve many issues. Lack of strong management support (Fedor et al., 2003; Lam, 2005), lack of budget (Kearns Sabherwal, 2006; Martin, Pearson, Furumo, 2007), lack of implementation time (Walker Cavanaugh, 1998), lack of strong leadership (Fedor et al., 2003), lack of awareness of benefits of implementing security policies—â€Å"why for† (Hansche, Berti, Hare, 2004)—, or ineffective communication with users (Jackson, Chow, Leitch, 1997; Walker Cavanaugh, 1998) may cause problems. Resolving all of the above issues can help in successfully implementing security policies. Computer Security Incident Response Team (CSIRT) A team is a focal component of incident response plan, policy and procedure creation so that incident response is dealt effectively, efficiently and consistently. The team should cooperate with other teams within the organization towards a central goal which encompasses the plan, policies and procedures. Outside parties such as law enforcement, the media and other incident response organizations can also be contacted. Computer Security Incident Response Team is regarded as the nerve center of an incident response plan. It is normally composed of a team manager, a management advisory board and other permanent and temporary team members. The temporary staff provides advice on technical, business, legal or administrative issues, depending on the nature and scope of the incident. The team assists the organization to identify and document the nature and scope of a computer security incident handling service. The team manager supervises labour of the team members, presents ongoing status i nformation to the Chief Information Officer (CIO) and other senior management and requests assistance on expert advice outside of IT department when needed. This role leader should be accustomed with computer security issues, the function of IT areas and staff, general company operations as well as the duty of other employees in the institution who may serve as resources for the CSIRT. Under challenging situations, the team manager must be able to coordinate teamwork with other staff and to deal properly with circumstances that necessitate discretion or confidentiality. The technical leaders role is to assess the characteristics and severity of an incident, propose recommendations on security control and recovery issues to the team manager and requests on additional technical resources if needed. This role should possess a broad understanding of operational and systems security. Other employees can join the team on a spontaneous basis and remain team members until closure of inciden t. Additional resources may be required to serve areas such as: law enforcement, legal, audit, human resources, public relations, facilities management or IT technical specialties. The table below shows a list of members who should be included in the CSIRT and their roles in the team. Table 1: Team members in IRT Source: table from page 4-2 of Incident Response Procedure for Account Compromise Version 1.2 2004 by Visa International Besides their technical expertise, CSIRT staff distinctive quality is their motivation and talent to stick to procedures and to present a professional image to customers and other parties working together with them. In other works, it is more convenient to appoint staff with less technical expertise and excellent interpersonal and communication skills and subsequently train them in a CSIRT-specific environment than vice versa. Communication of a team member who is a technical expert but has poor communication skills may brutally ruin the teams reputation while interactions that are dealt with competently will assist to improve the teams standing as a valued service provider. Possessing a broad range of interpersonal skills is significant since team members are frequently in contact with each other and other parties such as law enforcement, legal, human resources. T hus, these professional interactions that CSIRT employees adopt will influence the reputation of the team and special concern to an individuals interpersonal skills matters. Some interpersonal skills, required for incident handling staff, are listed below: logical judgment to formulate effective and suitable decisions in time of crisis or under pressure or strict time constraints effective oral and written communication skills for interaction with other parties discretion when dealing with the media aptitude to follow policies and procedures enthusiasm to learn new things challenge to work under pressure teamwork reliability to maintain teams reputation and status readiness to accept ones own mistakes problem solving skills to efficiently handle incidents time management skills for high priority tasks Apart from interpersonal skills, CSIRT staff should possess fundamental understanding of technology and issues on which they base their expertise. The following technical know-how is crucial for CSIRT staff: public data networks (telephone, ISDN, X.25, PBX, ATM, frame relay) the Internet (aspects ranging from architecture and history to future and philosophy) network protocols (IP, ICMP, TCP, UDP) network infrastructure elements (router, DNS, mail server) network applications, services and related protocols (SMTP, HTTP, HTTPS, FTP, TELNET, SSH, IMAP, POP3) basic security principles risks and threats to computers and networks security vulnerabilities/weakness and related attacks (IP spoofing, Internet sniffers, denial of service attacks and computer viruses) network security issues (firewalls and virtual private networks) encryption technologies (TripleDES, AES, IDEA), digital signatures (RSA, DSA, DH), cryptographic hash algorithms (MD5, SHA-1) host system security issues, from both a user and system administration perspective (backups, patches) [6] It is crucial that one division of the team possess a thorough understanding of the full range of technologies and issues used by the team. This contributes to expand and intensify the technical resource and capability of the team and train other team members through education and documentation. It also makes sure that the team can provide a full range of services. Besides an in-depth understanding of the technical skills listed above, the following specialist skills are required: technical skills such as programming, administration of networking components (e.g. routers, switches) and computer systems (UNIX, Linux, Windows, etc) interpersonal skills such as human communication, experience in presenting at conferences or managing a group work organization skills Obviously, a team will be unable to employ individuals who possess all the necessary interpersonal and technical skills. But there are opportunities to address such deficiency in those skills, such as training of staff to develop and retain such skills and support continuous progress. Hiring CSIRT Staff For any staff vacancy, the hiring process to select the most talented applicant is a complicated task. Even a candidate who appears on the surface to possess the right skill set might not be able to work within CSIRT setting. It is true when a crisis has been declared where the candidate may not be able to cope with the situation and inefficiently carry out their duties. Therefore, it is recommended to present the applicant to a hiring process, specifically designed to reveal the applicant strengths and weaknesses. Based upon the findings of the hiring process, the team will make up their mind to train the applicant in the specific skills that the candidate may require or decide not to employ the candidate. Compared to a regular hiring process, additional steps should be included in any CSIRT hiring process and they are: pre-interview document check pre-interview telephone screening interviews that cover topics from technical abilities to interpersonal skills candidate technical presentation reference checks, including criminal records The complete hiring process should be devised to detect potential employees who possess appropriate interpersonal skills and technical skills. Such candidates can undergo further training to acquire more competence. Before calling the applicant for a personal interview, the pre-interview document check and telephone screening determines in the first instance whether the candidate is an ideal match for the selection process. At this stage, more information is gathered about the applicants broad level of interest in computer security and other more specific details on items covered in his or her resume. The telephone screening will give a good impression of the candidates oral communication skills. Before CSIRT staff begin to interview potential candidates, its better to decide in advance what particular issues ranging from technical issues and ethical issues to social skills are most likely to be discussed during the interview process and select which existing staff are most suitable to talk about those issues with the candidate. Thus separate topic areas are covered by each of the various interviewers, saving any duplication of effort. Each interviewer will be in a position to review and consolidate feedback on the issues covered. Another strategy may be carried out where similar topics may be discussed by other team members involved in the interview process to agree on the candidates faculty about a particular topic and identify any weaknesses. To ensure proper recruitment, the applicant should have the opportunity to meet up with CSIRT team members through a lunch meeting or at the candidates technical presentation. A candidate, required to give a technical presentation, offers CSIRT an opportunity to measure other technical and interpersonal skills of the candidate. It also gives an idea how much common sense the candidate has and whether the applicant will be able to cope under stressful situations. Other qualities such as overall presentation skills, an ey e for detail, technical accuracy and ability to answer questions on the fly are also taken into account. After an individual has been appointed, there is also an enormous task to make them adapt to CSIRT. The new staff will need to undergo training for some period of time to get used to the CSIRT working environment as well as specific policies and procedures for the team. Some new recruits may be given access to limited information until relevant certificates or clearances such as government or military clearances are obtained. Staff training is compulsory in order to make the new recruits acquire the necessary skill level to take on their new responsibilities. Secondly, training is necessary to expand existing staff skills for personal career growth and overall team progress. Staff training also helps overall CSIRT skill set updated with emerging technologies and intruder trends. When considering the overall training needs of the team, it is necessary to spot out the overall skill s needed for each individual, as well as the common skill set required for the whole team. Obviously, new staff member should acquire immediate training in any deficient skills to perform effectively quickly. From a general viewpoint, the whole team should be assessed to determine any training that needs more attention to enlarge skill set exposure in the team. At the same time, this assessment focuses on an individuals skill set. Policies and procedures are a necessity and should be enforceable to support initial training of new team member and to guarantee ongoing training as policies and procedures get amended. Besides the interpersonal and technical skills discussed earlier, each team member should be trained in areas specific to the incident handling functions in a normal CSIRT work environment. Training should cover up the following issues: new technical developments CSIRT team policies and procedures incident analysis maintenance of incident records understanding and identifying intruder techniques work load distribution and organizational techniques Initial training is conducted through on-the-job training. Since incident handling profession is different in work nature from other professions, there is no formal educational path for CSIRT staff and limited documentation in the literature. Most printed materi Security Incident Handling Service Security Incident Handling Service EXECUTIVE SUMMARY 1 INTRODUCTION Expect the unexpected. As soon as a crisis erupts, it should be immediately handled to reduce its potential impact on critical business operations. Such undesirable incidents occur unanticipated and when they do take place, damage or harm is the result. In most aspects of life, it is better to stop something disastrous happening than it is to deal with it after it has happened and IT security is no exception. If possible, security incidents should be dealt accordingly from occurring in the first place. Yet, it is unachievable to prevent security incidents. When an incident does happen, its impact needs to be brought down to adequate recommended level. Security incident handling outlines the actions to follow in an event that an electronic information system is compromised. An event is declared an incident when the confidentiality, integrity or availability (CIA) elements of a system is compromised. Significant commodities such as information and knowledge must be safeguarded at all c osts. Communications within an organization and its interactions to its customer base are regarded as the life blood in this IT intensive fast paced world. If an organization is inoperative for any period of time, it may cost millions in lost business or loss of reputation. Size of an organization does not matter. Unexpected downtime influences organizations of all sizes impacting revenue, customer satisfaction and overall production. It is vital that they quickly recover from such downtime and restore operation and re-establish their presence to ensure survival. Consequently, many firms have realized the importance of setting up incident handling procedures. One of the drawbacks is that many organizations learn how to respond to security incidents only after suffering from them. In the course of time, incidents often become much more costly. Proper incident response should be an integral part of the overall security policy and risk mitigation strategy. Incident handling procedures that are in place in an organization improves to maintain the business continuity of critical operations. In todays competitive economy, a company cant afford to cease critical business operations and remain idle for long period of time because of lack of incident handing procedures. Thus, an organization needs to be well prepared for continuity or recovery of systems. This typically requires a considerable investment of time and money with the aim of ensuring minimal losses in the event of a disruptive event. The goal of setting up incident handling procedures is to know exactly what to do when an incident breaks out. This means anticipating scenarios before they occur and making appropriate decisions about them in advance. Those assessments typically demand consultation and senior management support, hence these people are needed early immediately after an incident has been confirmed. For example, just deciding who to tell when an incident occurs can be hard to determine. Manageme nt needs to provide input to respond quickly and this embarks into issues like after hours support and mixed project/support roles. External support may also be sought, resulting in additional cost, time and effort to select partners. 1.1 PURPOSE OF THE DOCUMENT This document provides guidance to identify and record the nature and scope of a computer security incident handling service. This paper discusses the functions that support the service, how those functions interrelate and the tools, procedures and roles necessary to implement the service. It also concentrates on incident analysis. For example, we can make a comparison between a fire that broke off in an apartment and a computer security incident that happened in an organization. Similarly as a fire department will investigate a fire to know where it originated from, a Computer Security Incident Response Team (CSIRT) tries to figure out how the security incident occurred. Both the fire department and CSIRT operate in the same approach. A fire department needs to get along with other fire departments on it can depend on for additional support in peak times or to tackle a serious catastrophe. It must cooperate with other emergency units to react promptly and provide law enforcement. Th is document will discuss how CSIRTs interact with other organizations, such as the department that reported the security incident to it, other CSIRTs, law enforcement and the media. Both fire department and CSIRT need to properly handle information, some of which is sensitive and relevant to the individual held responsible for the crime. Information handling is considered to be an indispensable discussion subject in this paper. CSIRTs propose client confidentiality in the same manner that many emergency units do, safeguarding reporters and victims from public disclosure. CSIRT survival depends on handling confidential information appropriately, because if it cant be trusted, nobody will report to it, thus making it almost useless. CSIRTs have committed permanent staff as well as part-time, volunteer staff and reliable security experts to handle an unexpected security emergency. Its staff is at the frontline in event of a crisis, CSIRT achievement depends on their interaction with th e outside world and the image that they project by the way of performing their duties and the service quality that they provide. To attain such high level of success, recruiting suitably competent staff seems to be a complicated process. People in charge of appointing CSIRT staff mistakenly look for unsuitable set of talent and ability in prospective employees. For that reason, this paper discusses staffing and hiring concerns and actions to guarantee that CSIRT staff offer reliable, pleasant and specialized service. Other services besides the incident handling service, such as the supply of intrusion detection assistance and vulnerability handling are also provided by CSIRT. The information in this paper is understandable in such a manner that is basic to the reader to put it into operation to any type of CSIRT setting, from in-house team for a company to an international coordination center. This document is intended to present a valuable foundation to both recently created teams and existing teams where there is a lack of clearly defined or documented services, policies and procedures. This paper is more appropriate to use during the early stages when a company has acquired management support and funding to set up a CSIRT, before the team becomes operational. Moreover, this paper can be still a valuable reference document for already operational teams. 1.2 INTENDED AUDIENCE The general CSIRT community who may require a better knowledge of the composition and objectives of their existing teams will benefit from this document. It also targets individuals and organizations who are likely to join the CSIRT community in the near future. It is precisely aimed at managers and other personnel who take part in the process of setting up and leading a CSIRT or managing incident crisis. The list may include Chief Information Officers, Chief Security Officers and Information Systems SecurityOfficers Project leaders and members in charge of creating the team CSIRT managers CSIRT staff IT managers [1] Higher management levels and all CSIRT staff can use this paper as a useful reference. This document can also be utilized by other individuals who work together with CSIRTs. This may include members of the CSIRT constituency law enforcement community systems and network administrator community CSIRT parent organization or other departments within the parent organization such as legal, media or public relations, human resources, audits and risk management investigations and crisis management [2] 2 MAIN CONTENT Definition of Security Incident The Information Security Management Handbook defines an incident as any unexpected action that has an immediate or potential effect on the organization [3]. Whenever the safety and stability of an information system is compromised, such instance can be referred to as a security incident. There are several different definitions of security incidents; one is A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices [4], another definition describes the security incident as any event that may threaten or compromise the security, operation or integrity of computing resources [5]. In other words, a security incident is a state of violation of security policy in an organization and the security of their information system. Security incident refers to a common term that encompasses any type of security breach regardless of location, the level of the threat or the magnitude of it. The commonly known factors of security incidents are events and actions that expose one or more basic elements of information security: confidentiality, integrity and availability (CIA) of information systems. An incident can be caused by authorized or unauthorized personnel, process, hardware or software. It can be an accident as well as a planned malicious action. Handling security incidents In the course of a crisis, time runs short in terms of about what to do, who will do it or how it will get done, therefore it is vital to arrange for a response in advance. The better prepared you are for an incident, the more likely you are to respond correctly. Proper set-up of an incident handling procedure can help to lessen impact of undesirable incidents. The objective of such procedure in place is to provide a framework for an orderly, coordinated response by appropriate resources within the organization. It is in a companys own benefit that it establishes a Computer Security Response Capability, a process that provides centralized response and reporting functions for security incidents. According to (Computer Security Incident Handling Guide, National Institute of Standards and Technology, March 2008), establishing an incident response capability should include the following actions: Creating an incident response policy plan Developing procedures for performing incident handling and reporting, based on the incident response policy Setting guidelines for communicating with outside parties regarding incidents Selecting a team structure and staffing model Establishing relationships between the incident response team and other groups, Determining what services the incident response team should provide Staffing and training the incident response team The â€Å"Cyberthreat Response and Reporting Guidelines† report, jointly approved by the FBI and US Secret Service recommends that the better equipped a company is in the event of a security event, the better probability it has to reduce the impact of the crisis. This recommendation is actually one of the chief responsibilities of a CSIRT, to be well organized to successfully cope with an incident when they happen and to help prevent incidents from occurring in the first place. As a starting point, the team should have a strategy plan for incident handling. This plan should be supported with documented policies and procedures. According to (State of the Practice of Computer Security Incident Response Teams, October 2003), the incident response plan identifies the mission and goals of the team, the team roles and responsibilities; the services provided; and policies, procedures, processes, and guidelines related to incident handling. The incident response plan is not only inten ded for CSIRT employees, but also for community that they serve. From that viewpoint, both parties should be proficient about what to report, how to report it and to whom it should be reported. The plan should also describe the expected level of service that is reasonable. Staff who is accustomed with computer security incidents recognize the fact that these incidents vary in shape and size. Some are quite uncomplicated, easy to cope with and mitigate while other are extremely severe and very complicated or can have harsh impact on IT systems and necessitate proper authority to respond to effectively. In the event of a crisis, adhering to the plan in place will facilitate the organization to promptly isolate disruption cropping up on IT systems or networks as well as to assist to counteract to such events. It may alleviate potential risk such as loss of company reputation, trust or financial status. For existing CSIRTs who dont have a robust plan, they can still manage with some bas ic guidelines. They can make use of their current incident handling procedures as a guideline, in the meantime they can revise their existing documentation. They can rely on those basic guidelines namely the plan to handle incidents, areas of responsibility, general and specific procedures. Other typical guidelines can include an incident response checklist as well as procedures for what type of activity to report and how that information should be reported. A company needs to take into consideration several factors prior to planning an incident response capability. They include introducing a point of contact for reporting incidents pinpointing the aims and objectives of the team distinguishing and selecting the staff and necessary expertise offering direction for reporting and handling incident reports allocating proper security awareness and incident response training for CSIRT staff launching and promoting specific incident handling and security policies and procedures for the CSIRT exposing lessons learned with other colleagues designing a benchmark to monitor the effectiveness of the CSIRT devising strategy to allow coordination between the CSIRT and internal and external parties Organizations or the team typically approve policies and record them. It is crucial to know what these policies consist of and to ensure that they are properly implementable, enforceable in the workplace. Like the mission statement, senior management approves and enforces policies. The policies need to be openly expressed and well understood by each team member, technical, management or administrative. It will be a difficult task for the staff to appropriately execute and carry out their duties without a clear understanding of the policy. In order to write a clear policy, it is best to avoid excessive jargon. Whenever possible, consult someone who is not in security or IT to examine the policies. Rephrase the policies if not understood. Use very short sentences. A good policy is a short one. A security policy should be concise, well segregated between the management aspect (the policy) and the operational aspect (the procedures). Moreover, a policy must be both implementable and enfo rceable, or else it doesnt have any purpose. It is easier to implement a policy if it is well designed and relevant to the needs and goals of the CSIRT. Truly effective policies address genuine needs within a business, making the staff willing and even eager to implement them because they make operations smoother and give the business added reliability. Top management should execute appropriate actions or steps to enforce a policy. Policies must be enforceable; otherwise they are of little or no value. Usually when a policy ismplementable, it is normally also enforceable unless it contradicts itself. Concrete measures are needed to assess the usage of the policy. Example: An example of a contradictory policy is the security policy that ranks internal information security as priority number 1 but at the same time ensures absolute privacy for its staff; the latter makes it hard or even impossible to enforce security in case of an insider threat. To successfully develop and implement s ecurity policies, top management needs to be involved in and strongly support the project (Lam, 2005). A proposal with a report of external and internal requirements and a draft assessing budget can easily persuade managers to support the development and implementation of a security project. Having management support and authorization can resolve money and time issues. These managers can allocate the required budget and allow sufficient time for development and implementation. In addition, top management has power to affect processes by requiring employees to participate (Kearns Sabherwal, 2006). How to Implement Security Policies Successfully The implementation phase probably is the hardest phase in the life cycle of developing and maintaining security policies. Many organizations fail in this phase. To effectively and efficiently implementing security policies, teams first need to resolve many issues. Lack of strong management support (Fedor et al., 2003; Lam, 2005), lack of budget (Kearns Sabherwal, 2006; Martin, Pearson, Furumo, 2007), lack of implementation time (Walker Cavanaugh, 1998), lack of strong leadership (Fedor et al., 2003), lack of awareness of benefits of implementing security policies—â€Å"why for† (Hansche, Berti, Hare, 2004)—, or ineffective communication with users (Jackson, Chow, Leitch, 1997; Walker Cavanaugh, 1998) may cause problems. Resolving all of the above issues can help in successfully implementing security policies. Computer Security Incident Response Team (CSIRT) A team is a focal component of incident response plan, policy and procedure creation so that incident response is dealt effectively, efficiently and consistently. The team should cooperate with other teams within the organization towards a central goal which encompasses the plan, policies and procedures. Outside parties such as law enforcement, the media and other incident response organizations can also be contacted. Computer Security Incident Response Team is regarded as the nerve center of an incident response plan. It is normally composed of a team manager, a management advisory board and other permanent and temporary team members. The temporary staff provides advice on technical, business, legal or administrative issues, depending on the nature and scope of the incident. The team assists the organization to identify and document the nature and scope of a computer security incident handling service. The team manager supervises labour of the team members, presents ongoing status i nformation to the Chief Information Officer (CIO) and other senior management and requests assistance on expert advice outside of IT department when needed. This role leader should be accustomed with computer security issues, the function of IT areas and staff, general company operations as well as the duty of other employees in the institution who may serve as resources for the CSIRT. Under challenging situations, the team manager must be able to coordinate teamwork with other staff and to deal properly with circumstances that necessitate discretion or confidentiality. The technical leaders role is to assess the characteristics and severity of an incident, propose recommendations on security control and recovery issues to the team manager and requests on additional technical resources if needed. This role should possess a broad understanding of operational and systems security. Other employees can join the team on a spontaneous basis and remain team members until closure of inciden t. Additional resources may be required to serve areas such as: law enforcement, legal, audit, human resources, public relations, facilities management or IT technical specialties. The table below shows a list of members who should be included in the CSIRT and their roles in the team. Table 1: Team members in IRT Source: table from page 4-2 of Incident Response Procedure for Account Compromise Version 1.2 2004 by Visa International Besides their technical expertise, CSIRT staff distinctive quality is their motivation and talent to stick to procedures and to present a professional image to customers and other parties working together with them. In other works, it is more convenient to appoint staff with less technical expertise and excellent interpersonal and communication skills and subsequently train them in a CSIRT-specific environment than vice versa. Communication of a team member who is a technical expert but has poor communication skills may brutally ruin the teams reputation while interactions that are dealt with competently will assist to improve the teams standing as a valued service provider. Possessing a broad range of interpersonal skills is significant since team members are frequently in contact with each other and other parties such as law enforcement, legal, human resources. T hus, these professional interactions that CSIRT employees adopt will influence the reputation of the team and special concern to an individuals interpersonal skills matters. Some interpersonal skills, required for incident handling staff, are listed below: logical judgment to formulate effective and suitable decisions in time of crisis or under pressure or strict time constraints effective oral and written communication skills for interaction with other parties discretion when dealing with the media aptitude to follow policies and procedures enthusiasm to learn new things challenge to work under pressure teamwork reliability to maintain teams reputation and status readiness to accept ones own mistakes problem solving skills to efficiently handle incidents time management skills for high priority tasks Apart from interpersonal skills, CSIRT staff should possess fundamental understanding of technology and issues on which they base their expertise. The following technical know-how is crucial for CSIRT staff: public data networks (telephone, ISDN, X.25, PBX, ATM, frame relay) the Internet (aspects ranging from architecture and history to future and philosophy) network protocols (IP, ICMP, TCP, UDP) network infrastructure elements (router, DNS, mail server) network applications, services and related protocols (SMTP, HTTP, HTTPS, FTP, TELNET, SSH, IMAP, POP3) basic security principles risks and threats to computers and networks security vulnerabilities/weakness and related attacks (IP spoofing, Internet sniffers, denial of service attacks and computer viruses) network security issues (firewalls and virtual private networks) encryption technologies (TripleDES, AES, IDEA), digital signatures (RSA, DSA, DH), cryptographic hash algorithms (MD5, SHA-1) host system security issues, from both a user and system administration perspective (backups, patches) [6] It is crucial that one division of the team possess a thorough understanding of the full range of technologies and issues used by the team. This contributes to expand and intensify the technical resource and capability of the team and train other team members through education and documentation. It also makes sure that the team can provide a full range of services. Besides an in-depth understanding of the technical skills listed above, the following specialist skills are required: technical skills such as programming, administration of networking components (e.g. routers, switches) and computer systems (UNIX, Linux, Windows, etc) interpersonal skills such as human communication, experience in presenting at conferences or managing a group work organization skills Obviously, a team will be unable to employ individuals who possess all the necessary interpersonal and technical skills. But there are opportunities to address such deficiency in those skills, such as training of staff to develop and retain such skills and support continuous progress. Hiring CSIRT Staff For any staff vacancy, the hiring process to select the most talented applicant is a complicated task. Even a candidate who appears on the surface to possess the right skill set might not be able to work within CSIRT setting. It is true when a crisis has been declared where the candidate may not be able to cope with the situation and inefficiently carry out their duties. Therefore, it is recommended to present the applicant to a hiring process, specifically designed to reveal the applicant strengths and weaknesses. Based upon the findings of the hiring process, the team will make up their mind to train the applicant in the specific skills that the candidate may require or decide not to employ the candidate. Compared to a regular hiring process, additional steps should be included in any CSIRT hiring process and they are: pre-interview document check pre-interview telephone screening interviews that cover topics from technical abilities to interpersonal skills candidate technical presentation reference checks, including criminal records The complete hiring process should be devised to detect potential employees who possess appropriate interpersonal skills and technical skills. Such candidates can undergo further training to acquire more competence. Before calling the applicant for a personal interview, the pre-interview document check and telephone screening determines in the first instance whether the candidate is an ideal match for the selection process. At this stage, more information is gathered about the applicants broad level of interest in computer security and other more specific details on items covered in his or her resume. The telephone screening will give a good impression of the candidates oral communication skills. Before CSIRT staff begin to interview potential candidates, its better to decide in advance what particular issues ranging from technical issues and ethical issues to social skills are most likely to be discussed during the interview process and select which existing staff are most suitable to talk about those issues with the candidate. Thus separate topic areas are covered by each of the various interviewers, saving any duplication of effort. Each interviewer will be in a position to review and consolidate feedback on the issues covered. Another strategy may be carried out where similar topics may be discussed by other team members involved in the interview process to agree on the candidates faculty about a particular topic and identify any weaknesses. To ensure proper recruitment, the applicant should have the opportunity to meet up with CSIRT team members through a lunch meeting or at the candidates technical presentation. A candidate, required to give a technical presentation, offers CSIRT an opportunity to measure other technical and interpersonal skills of the candidate. It also gives an idea how much common sense the candidate has and whether the applicant will be able to cope under stressful situations. Other qualities such as overall presentation skills, an ey e for detail, technical accuracy and ability to answer questions on the fly are also taken into account. After an individual has been appointed, there is also an enormous task to make them adapt to CSIRT. The new staff will need to undergo training for some period of time to get used to the CSIRT working environment as well as specific policies and procedures for the team. Some new recruits may be given access to limited information until relevant certificates or clearances such as government or military clearances are obtained. Staff training is compulsory in order to make the new recruits acquire the necessary skill level to take on their new responsibilities. Secondly, training is necessary to expand existing staff skills for personal career growth and overall team progress. Staff training also helps overall CSIRT skill set updated with emerging technologies and intruder trends. When considering the overall training needs of the team, it is necessary to spot out the overall skill s needed for each individual, as well as the common skill set required for the whole team. Obviously, new staff member should acquire immediate training in any deficient skills to perform effectively quickly. From a general viewpoint, the whole team should be assessed to determine any training that needs more attention to enlarge skill set exposure in the team. At the same time, this assessment focuses on an individuals skill set. Policies and procedures are a necessity and should be enforceable to support initial training of new team member and to guarantee ongoing training as policies and procedures get amended. Besides the interpersonal and technical skills discussed earlier, each team member should be trained in areas specific to the incident handling functions in a normal CSIRT work environment. Training should cover up the following issues: new technical developments CSIRT team policies and procedures incident analysis maintenance of incident records understanding and identifying intruder techniques work load distribution and organizational techniques Initial training is conducted through on-the-job training. Since incident handling profession is different in work nature from other professions, there is no formal educational path for CSIRT staff and limited documentation in the literature. Most printed materi