Please enable JavaScript.
Coggle requires JavaScript to display documents.
Security Personnel & Information Security Maintenance (Information…
Security Personnel & Information Security Maintenance
Information Security Positions
Chief Information Security Officer(CISO or CSO)
Top information security position; frequently reports to Chief Information Officer
Manage overall information security program
Drafts or approves information security policies
Works with CIO on strategic plans
Develops information security budgets
Sets priorities for information security projects and technology
Make recruiting, hiring, and firing decisions or recommendations
Acts as spokesperson for information security team
Typical qualifications: accreditation, graduate degree, experience
Security Manager
Accountable for day-to-day operation of information security program
Accomplish objectives as assigned by CISO
Typical qualifications: not uncommon to have accreditation; ability to draft middle-and lower level policies; standards and guidelines; budgeting, project management, and hiring and firing; manage technicians
Security Technician
Technically qualified individuals tasked to configure security hardware and software
Tend to be specialized
Typical qualifications:
Varied: organizations prefer expert, certified, proficient technician
Some experience with a particular hardware and software package
Actual experience in using a technology usually required
The ISO Network Management Model
Five areas of ISO model transformed into Five areas of security management
1.Fault Management
Identifying, tracking, diagnosing, and resolving faults in system
Vulnerability assessment most often accomplished with penetration testing(Simulated attacks exploiting documented vulnerabilities)
Monitoring and resolution of user complaints
Help desk personnel must be trained to recognize security problems as distinct from other system problems
2.Configuration and Change Management
Accounting and Auditing Management
4.Performance Management
Security Program Management