
Managing the Security Function



Presentation Transcript


  1. Managing the Security Function, Chapter 11

  2. Figure 11-1: Organizational Issues
     • Top Management Support
       • Top-management security awareness briefing (emphasis on brief)
       • Corporate security policy statement: vision, not details
       • Follow-through when security must be upheld in conflicts
       • Business champions to give support and business advice

  3. Figure 11-1: Organizational Issues
     • Should You Place Security Within IT?
       • Pros
         • Compatible technical skills
         • Making the CIO responsible for security breaches gives accountability
       • Cons
         • Difficult to blow the whistle on the IT staff
         • Vendor preference differences with networking staff (e.g., Cisco vs. Check Point)

  4. Figure 11-1: Organizational Issues
     • Should You Place Security Within IT?
       • Locating security outside IT
         • Can blow the whistle on IT actions
         • If a staff group, can only give advice

  5. Figure 11-1: Organizational Issues
     • Security and Auditing
       • IT Auditing has the skills to determine whether IT rules are enforced, but IT auditing does not set policy
       • Internal Auditing can also audit IT-related procedures, but it does not make policy

  6. Figure 11-1: Organizational Issues
     • Managed Security Service Providers (Figure 11-2)
       • On-site logging, off-site analysis
       • Practice-based expertise
         • Get plenty of experience on a daily basis, like fire departments
       • Separation of responsibilities: can blow the whistle on IT, even the CIO

  7. Figure 11-1: Organizational Issues
     • Managed Security Service Providers (Figure 11-2)
       • What to Outsource?
         • Typically, intrusion detection and vulnerability assessment
         • Rarely policy and other control practices
         • Not commonly antivirus protection and other aspects of security, but MSSPs are expanding

  8. Figure 11-1: Organizational Issues
     • Managed Security Service Providers (Figure 11-2)
       • Evaluating the MSSP
         • Diligence: is it really reading the logs? (Contracts often are vague)
         • Skills and background of testers

  9. Figure 11-1: Organizational Issues
     • Security and Business Staffs
       • Cannot just lob policies over the wall
     • Security and Business Partners
       • Your business partner's security affects you
     • Uniformed Security Personnel
       • They are often called first by suspicious users
       • They support investigations

  10. Figure 11-1: Organizational Issues
     • Staffing and Training
       • Hiring staff: expertise
       • Training is necessary because few people on the market are security experts
       • Certifications are good but vary in what they require and do not make up for lack of experience
       • Background checks should be done on the security staff

  11. Figure 11-1: Organizational Issues
     • Staffing and Training
       • All workers involved in IT should have background checks, including the maintenance staff, consultants, and contractors
       • Should you hire a hacker?
         • They are likely to have the knowledge you need
         • But would you be afraid to fire or lay off one?

  12. Figure 11-2: Managed Security Service Provider (MSSP) [figure; only its labels survive in the transcript]
     • Firm side: Log File, Logging Server, Security Manager
     • MSSP side: Analysis, Vulnerability Test
     • Flow shown in the figure
       • 2. Encrypted & Compressed Log Data (from the firm's logging server to the MSSP)
       • 3. Analysis (at the MSSP)
       • 4. Small Number of Alerts (from the MSSP to the firm's Security Manager)
       • 5. Vulnerability Test (between the MSSP and the firm)
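The following is an added worked example (not from the slides or the textbook they accompany) that models the Figure 11-2 flow from slides 6, 8 and 12: the firm's logging server compresses a batch of events, the MSSP verifies and analyzes it, and a small number of alerts come back. It also shows one practical way to answer the slide-8 question "is it really reading the logs?": the firm plants a canary event in its own logs and checks that the MSSP's alerts include it. Everything in it is constructed for illustration: the log events, the source addresses (RFC 5737 documentation range), the shared key, the five-failure threshold and the function names. The batch is compressed with gzip and protected with an HMAC for integrity; the example assumes encryption in transit is provided by TLS, which it does not implement.

```python
import gzip
import hashlib
import hmac
import json
from collections import Counter

# Constructed sample events from the firm's logging server (not real data).
SAMPLE_LOG = [
    {"ts": "2024-05-01T08:00:01", "event": "login_ok",   "user": "alice", "src": "192.0.2.10"},
    {"ts": "2024-05-01T08:00:05", "event": "login_fail", "user": "admin", "src": "198.51.100.7"},
    {"ts": "2024-05-01T08:00:06", "event": "login_fail", "user": "admin", "src": "198.51.100.7"},
    {"ts": "2024-05-01T08:00:07", "event": "login_fail", "user": "root",  "src": "198.51.100.7"},
    {"ts": "2024-05-01T08:00:08", "event": "login_fail", "user": "root",  "src": "198.51.100.7"},
    {"ts": "2024-05-01T08:00:09", "event": "login_fail", "user": "guest", "src": "198.51.100.7"},
    {"ts": "2024-05-01T08:00:12", "event": "login_fail", "user": "bob",   "src": "192.0.2.11"},
    {"ts": "2024-05-01T08:00:13", "event": "login_ok",   "user": "bob",   "src": "192.0.2.11"},
    {"ts": "2024-05-01T08:00:20", "event": "file_read",  "user": "alice", "src": "192.0.2.10"},
    # Canary: a synthetic event the firm plants so it can later verify that
    # the MSSP actually processed this batch (the slide-8 diligence question).
    {"ts": "2024-05-01T08:00:30", "event": "canary", "user": "-", "src": "-", "token": "CANARY-0001"},
    {"ts": "2024-05-01T08:00:41", "event": "file_read",  "user": "bob",   "src": "192.0.2.11"},
]

SHARED_KEY = b"firm-mssp-example-key"   # hypothetical per-customer key
FAIL_THRESHOLD = 5                      # hypothetical: failed logins per source per batch
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def package_logs(events, key=SHARED_KEY):
    """Firm side (step 2): compress the batch and append an HMAC-SHA256 tag so the
    MSSP can detect tampering or truncation. Transport encryption (TLS) assumed."""
    body = gzip.compress(json.dumps(events).encode("utf-8"))
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


def unpack_logs(blob, key=SHARED_KEY):
    """MSSP side: check the tag in constant time before touching the payload."""
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("log batch failed integrity check")
    return json.loads(gzip.decompress(body).decode("utf-8"))


def analyze(events):
    """MSSP side (step 3): reduce many events to a small number of alerts (step 4).
    Two rules: repeated login failures from one source, and canary events."""
    alerts = []
    failures = Counter(e["src"] for e in events if e["event"] == "login_fail")
    for src, count in failures.items():
        if count >= FAIL_THRESHOLD:
            alerts.append({"kind": "brute_force", "src": src, "count": count})
    for e in events:
        if e["event"] == "canary":
            alerts.append({"kind": "canary_seen", "token": e["token"]})
    return alerts


def mssp_is_reading_logs(alerts, token):
    """Firm side diligence check: did the planted canary come back as an alert?"""
    return any(a["kind"] == "canary_seen" and a["token"] == token for a in alerts)


def run_batch(events=SAMPLE_LOG):
    """End-to-end: package at the firm, verify and analyze at the MSSP."""
    return analyze(unpack_logs(package_logs(events)))


if __name__ == "__main__":
    alerts = run_batch()
    print(f"{len(SAMPLE_LOG)} events -> {len(alerts)} alerts")
    for alert in alerts:
        print(alert)
    print("MSSP read the logs:", mssp_is_reading_logs(alerts, "CANARY-0001"))
```

On the sample batch, eleven events collapse to two alerts: one for the five failures from 198.51.100.7 (bob's single failure stays below threshold) and one for the canary, which is what lets the security manager confirm the provider processed the batch rather than relying on vague contract language. A real deployment would rotate canary tokens and measure how long the provider takes to report them.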
