50 likes | 66 Views
Human Resources Management. Beki Webster Director, HR, Intelligence Systems Division Northrop Grumman Information Systems July 31, 2009. Human Resources Management. Multiple levels of engagement Leadership Cyber security management team Individual contributor
E N D
Human Resources Management Beki Webster Director, HR, Intelligence Systems Division Northrop Grumman Information Systems July 31, 2009
Human Resources Management • Multiple levels of engagement • Leadership • Cyber security management team • Individual contributor • Network guests, teammates and customers • Risk Mitigation • Proactive/strategic activities • Crisis Management • Reactive/tactical activities
Risk Mitigation • Training and awareness • Regular schedule for employees/all levels of engagement (intake, periodic and termination) • General communications • Network management and security • Account management policy and procedure • Network access and administration • Layered defense • Disciplinary process
Crisis Management • Backup and recovery process • Investigations • Stakeholder identification and leadership responsibilities • Investigative process and follow-through • Disciplinary process • Communications
Key Questions to Manage Insider Threats Provided Updated: broader definition of user community, compliance, & measurement • Do we periodically awareness and training all employees in cyber security? • How strict are our password and account management policies and practices? • Are we logging, monitoring and, and auditing employee online actions? • What extra precautions are we taking with system administrators and privileged users? • Do we use layered defense against remote attacks? • Are we able to monitor and respond to suspicious or disruptive behavior? • Do we routinely deactivate computer access following employee termination? • What are our practices for collecting and saving data for use in investigations? • Have we implemented secure backup and recovery processes? • Have we clearly documented insider threat controls? • How do we attract, develop and retain critical cyber security technical and leadership talent, including those in functional areas requiring cyber security savvy? • Does our organizational structure support key functional integration to ensure threat mitigation and rapid crisis response? • How does our cyber security communications plan address and measure the effectiveness of threat awareness and training for all network stakeholders? • What is our monitoring and auditing operating procedure for online activity? • How up-to-date are our password and account management policies? • How do we ensure stakeholder compliance? • Do we use layered defense against remote attacks? • How does our SOP address elevated access possessed by system administrators and privileged users? • Have we assessed the need for protection of our social networking and share center sites? • How do we routinely audit network access throughout the network stakeholder lifecycle, especially at termination or out-processing? • Does our progressive discipline policy address our need for threat investigations involving any network stakeholder for suspicious or disruptive behavior? • How do we ensure integrity and continued operations of our employee database and related systems like recruiting, benefits, travel and payroll? • Do our performance management and compensation strategies provide adequate support for our cyber security mission?