Presentation is loading. Please wait.

Presentation is loading. Please wait.

Appendix C: Designing an Operations Framework to Manage Security.

Published byHomer Fox Modified over 8 years ago

Similar presentations

Presentation on theme: "Appendix C: Designing an Operations Framework to Manage Security."— Presentation transcript:

1 Appendix C: Designing an Operations Framework to Manage Security

2 Overview Analyzing Risks to Ongoing Network Operations Designing a Framework for Ongoing Network Operations

3 Lesson 1: Analyzing Risks to Ongoing Network Operations Management of Ongoing Network Operations Why Security of Network Operations Is Important Common Vulnerabilities to Network Operations

4 MOF provides a framework to manage operational security, including: Management of Ongoing Network Operations Changes to security design. Daily operation of network security. IT Support for security issues. Optimizing and revising the security design. Changes to security design. Daily operation of network security. IT Support for security issues. Optimizing and revising the security design.

5 Why Security of Network Operations Is Important External Internal AttackerThreatExample External No change and configuration management A software company releases a new security hotfix for a recently discovered vulnerability. An attacker exploits the vulnerability before the administrators apply the hotfix to all computers. Internal Security procedures not followed An administrator notices a potential security compromise but is unsure how to report it. The administrator decides to remove the corporate network from the internet.

6 Common Vulnerabilities to Network Operations VulnerabilityExample Inadequate plan for change management New security patches are applied irregularly or not at all Administrators and users lack proper training on securing new application. Poor operations plan Users do not follow security policies and procedures Administrators do not regularly test backup media Weak support structure Security incident goes unreported IT support services are not reliable Failure to revise policy New security risks are not added to risk management plan Policies and procedures become outdated

7 Lesson 2: Designing a Framework for Ongoing Network Operations Process for Planning a Security Operations Framework Guidelines for Change Management Guidelines for Daily Security Operations Guidelines for Supporting Security Policies and Procedures Guidelines for Using Service Level Agreements Guidelines for Optimizing Security Policies and Procedures Security Policy Checklist

8 When planning a security operations framework, you must: Design a change management process for security. Design a plan for daily security operations. Design a plan for security support. Create service level agreements for IT operations and support. Design a change management process for security. Design a plan for daily security operations. Design a plan for security support. Create service level agreements for IT operations and support. 1 1 3 3 4 4 2 2 Process for Planning a Security Operations Framework

9 Guidelines for Change Management PhaseExample Identify When new security hotfixes are released… Review …the hotfixes will be tested on all applicable platforms… Approve …and approved by the CIO within 24 hours… Implement …and will be deployed according to the approved procedure for deploying security hotfixes A change management process reduces: Time to deployment Cost of updating hardware and software Disruption of business continuity Time to deployment Cost of updating hardware and software Disruption of business continuity

10 Guidelines for Daily Security Operations Include standards for: Preparing for security incidents Testing for security vulnerabilities Monitoring network security Preparing for security incidents Testing for security vulnerabilities Monitoring network security For each daily security task, define: Who completes the task When to complete the task How to complete the task Who completes the task When to complete the task How to complete the task

11 Guidelines for Supporting Security Policies and Procedures PhaseResponsibilities Support request management Receives support requests from users Escalates support issues Incident management Resolves routine support Escalates complex support requests and security incidents Problem management Identifies and resolves underlying causes of problems Incorporates results in organizational learning Support request management Incident management Problem management

12 Guidelines for Using Service Level Agreements Include in your service level agreements: Service hours and availability Priorities and support levels Reliability and accountability Responsiveness and restrictions Contingency Costs and charges Service hours and availability Priorities and support levels Reliability and accountability Responsiveness and restrictions Contingency Costs and charges

13 Guidelines for Optimizing Security Policies and Procedures Include measures in the security operations design for: Preventing interruptions to network services over time Recovering from security incidents as networks change Improving security policies and procedures over time Preventing interruptions to network services over time Recovering from security incidents as networks change Improving security policies and procedures over time Activities include: Identifying new threats and vulnerabilities Updating risk management plans Improving daily procedures and processes Incorporating learning from each incident response Testing disaster recovery plans on a regular basis Training new IT staff in security policies and procedures Identifying new threats and vulnerabilities Updating risk management plans Improving daily procedures and processes Incorporating learning from each incident response Testing disaster recovery plans on a regular basis Training new IT staff in security policies and procedures

14 Security Policy Checklist Create policies and procedures for: Designing a change management plan. Performing daily security operations. Supporting security issues. Optimizing and revising security policies and procedures. Designing a change management plan. Performing daily security operations. Supporting security issues. Optimizing and revising security policies and procedures.

Download ppt "Appendix C: Designing an Operations Framework to Manage Security."

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Copyright © XiSEC, All rights reserved, 2002 Secure Computing Best Lifetime Achievement Award 2002 Ted Humphreys Information Security Management Goes Global.

Copyright © XiSEC, All rights reserved, 2002 Secure Computing Best Lifetime Achievement Award 2002 Ted Humphreys Information Security Management Goes Global.
© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.
Appendix B: Designing Policies for Managing Networks.

Appendix B: Designing Policies for Managing Networks.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.

Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.
E-commerce security by Asif Dalwai 886 39 5409. Introduction E-commerce applications Threats in e-commerce applications Measures to handle threats Incorporate.

E-commerce security by Asif Dalwai Introduction E-commerce applications Threats in e-commerce applications Measures to handle threats Incorporate.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
1 Secure Your Business PATCH MANAGEMENT STRATEGY.

1 Secure Your Business PATCH MANAGEMENT STRATEGY.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Information Technology Audit Process Business Practices Seminar Paul Toffenetti, CISA Internal Audit 29 February 2008.

Information Technology Audit Process Business Practices Seminar Paul Toffenetti, CISA Internal Audit 29 February 2008.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Network security policy: best practices

Network security policy: best practices
IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting.

IT Assurance and Reliability Why Should You Care? Richard Oppenheim, CPA, CITP President, SysTrust Services Corporation Presented to ISACA Regional Meeting.
© 2010 Plexent – All rights reserved. 1 Change –The addition, modification or removal of approved, supported or baselined CIs Request for Change –Record.

© 2010 Plexent – All rights reserved. 1 Change –The addition, modification or removal of approved, supported or baselined CIs Request for Change –Record.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Similar presentations

Ads by Google