Compare and Contrast Information Security Roles
Today's topic is security roles and security controls and how they compare. This is the first topic of the Security+ SY0-601 certification content: comparing security roles and security controls. By working through it, the student gains a broad understanding of the organization's security roles and controls and how they compare.
Information security (infosec)
This term refers to the protection of information from attack, theft, damage, or unauthorized access. Information must be protected in three basic states: while it is stored, while it is transferred, and while it is processed. The three basic principles of information protection are known as the CIA Triad.
The CIA Triad is the set of basic principles of information protection; CIA stands for confidentiality, integrity, and availability.
Confidentiality: One of the principles of the CIA Triad. It means that information does not fall into the hands of an unauthorized person. Such information must be held only by authorized persons so that it is not leaked, for example on the Internet or in any other manner. If it is leaked, the confidentiality principle of information security has failed.
Integrity: This term indicates that information has not been manipulated. Information must be correct, accurate, and documented, whether it belongs to the company or to users. This principle applies to data while it is being transferred, stored, or processed. If data is manipulated, the integrity principle has failed.
Availability: Another fundamental principle of information security. Information must be available to the party concerned. For example, if the company is compromised and all information is deleted, there must be a backup from which the information can be restored so that, for example, users are not lost. If the information cannot be made available again, the availability principle has failed.
Another term, non-repudiation, is not one of the fundamental principles of information security. It means that a person cannot deny having done something, especially within the company. For example, if an important file within the company is deleted by an employee, there must be a record, such as logs, confirming which employee did it.
Information Security Competencies
Information security professionals have a very high level of IT competence, and IT professionals should be capable in network design, applications, and human resources. They also have the skills to assess security risks and to choose security systems that mitigate those risks.
1- Risk assessment and selection of security systems, recommendations, and security risk solutions
2- Ability to install hardware and security software and to handle hardware and software settings expertly
3- Access control and determining users' privileges
4- Monitoring logs and reviewing users' privileges and file access controls
5- Security incident response management and reporting
6- Development of future plans, rents, and capacity to act after disasters
7- Participation in training and security awareness for the company's employees
Information security roles and responsibilities
A security policy is a critical part of the organization; it establishes a set of procedures and policies that apply to the organization as a whole. Each organization has its own policy for its infrastructure. This policy is designed to apply the CIA Triad principles of information security. These policies are developed by the security manager, a role that goes by multiple names, such as director of security, chief security officer (CSO), chief information security officer (CISO), and information and communication technology (ICT).
Security operations center (SOC)
The SOC, the first line of defense, is in great demand now, especially in the Gulf region. It is staffed by engineers stationed at a site whose general purpose is to monitor the network so that any risk is detected at the network level. They monitor the company's information assets so that any attacks or intrusions are recorded at the network level. A report on the attack and on any affected technology within the company is then written and passed to the Incident Response Team.
Incident Response (IR)
This is a team specializing in incident management, where an incident means an event that can disrupt or sabotage an enterprise's services. The team is established so that incidents and the recovery from an attack are kept to a minimum, now and in the future. The security failure is analyzed and the type of damage is determined in order to recover, reduce the cost of the attack, and restore the company's reputation.