Cyber and information security operations and assurance
2. Contents:
• Difference between cyber and information security.
• Steps that can lead to proper security operations.
• Cyber/information security assurance.
• Conclusion
3. Difference between cyber and information security
• Cybersecurity is meant to protect assets in cyberspace, such as data,
storage sources, and devices, against attack. In contrast, information
security is intended to protect data from any form of threat, regardless
of whether the data is analogue or digital.
4. Steps that can lead to proper information/cyber security operations
1. Identify Sensitive Information
There is always some sensitive information that businesses need
to access and protect. This can be personal data, client information, or
revenue. Such data is mainly targeted by malicious software and third
parties.
*This can be achieved by performing your risk assessment (vulnerability
scans, pentesting, etc.)
5. 2. Invest in people (training/awareness)
Humans still remain the weakest or the easiest target for most
cyber attacks, so equipping them with the needed skills and
awareness (“basic cyber security hygiene”) will go a long way to reduce
the attack surface.
6. 3. Invest in the needed technology
As long as cyber criminals keep coming up with sophisticated attack
vectors and payloads, enterprises/businesses also need to invest in the
technology needed to safeguard their endpoints, e.g. SIEM, endpoint
security protocols, etc.
7. 4. Threat Identification
This can be done by analyzing present/previous threats to determine
which points within the system must be safeguarded.
*Lessons learnt after conducting a comprehensive incident response
can be very helpful here.
8. 5. Investigation of Potential Vulnerabilities
This is primarily done by analyzing current and historical data related
to threats within the system, and the metrics will suggest which areas
require correction and optimization.
6. Recognize the Potential Risks
These risks also need to be ranked according to their criticality. This is
done through a thorough analysis of the system. The insights
generated will determine the risks and allow security/management
teams to create remedies that can eliminate or at least minimize
them.
9. 7. Protective Services Implementation
This can be done by introducing new policies for data management,
updating the hardware to ensure sensitive data is better protected, or
changing the entire company policy towards security measures.
10. Cyber/information security assurance
Information security typically refers to mitigating risks through
secure systems and architecture that eliminate or reduce
vulnerabilities.
Information assurance, by contrast, is a broader strategic initiative
involving a wide range of processes that can include security audits,
network architecture, compliance audits, database management, and the
development, implementation and enforcement of organizational
information management policies.
11. Conclusion:
Companies can spend money on cyber security and compliance
services, but they still require a security operations center (SOC) to
monitor and defend all processes.