An IRT (Incident Response Team) is a group of IT security experts, whose main activity is to respond to IT security incidents, providing the necessary services to deal with such incidents and help relevant users recover from breaches.
In order to mitigate risks and minimise the number of interventions required, most IRTs also provide preventive and educational services**. They issue information bulletins about vulnerabilities in software and hardware in use and inform users about exploits (attacks designed to produce access to a system or privilege gains) and viruses that take advantage of these weaknesses. Users can then quickly remedy them and update their systems.
Having a dedicated IT security team helps an organisation mitigate and prevent serious incidents as well as protect its valuable assets. Other possible benefits are:
Having centralised coordination for IT security issues within the organisation (point of contact, PoC).
Centralised and specialised management and response to IT incidents.
Having the expertise at hand to support and help users recover quickly from security incidents.
Dealing with legal aspects and keeping documentation in case of legal action.
Keep abreast of developments in the field of security.
Stimulate cooperation within the community on IT security (awareness-raising).