Cybersecurity Management

IS YOUR ENTERPRISE STAFFING FOR CYBERSECURITY?

As cybersecurity staffing continues to permeate the recruiting space for mid to large enterprises, take notice of all the engineering and analyst jobs available. Without an engineered process to respond to the notices produced by cybersecurity appliances, the analysis produced by analysts and B2B alerts, the problems they identify still exist. IT operations management will respond to threats and alerts only to the extent of its response procedures, which could fall short of the timely response needed. A delayed response could expand the threat, slowing [or stopping] worker productivity and network performance. Take note: Antivirus software alone will not stop computer threats.

An effective cybersecurity management program has six (6) core competencies, whether you have 15 or 1500 employees.

I. Hire (or outsource) an experienced manager of cybersecurity to shrink the threat surface of your small business or enterprise. This manager has the technical understanding and management skills to plan, engineer and architect a cybersecurity management program for their team and the enterprise to follow. They guide the outcomes of responses to incidents, software patching and alerts.

Their team works autonomously, yet collaborates with internal customers, partners and vendors to expedite smart outcomes. The Cybersecurity Manager has at least three years of hands-on experience with cybersecurity management and the following credentials to deliver enterprise class performance: CISM (management), CISSP (technical project management), CASP (advanced technicals), Security+ (access control systems), A+ (computer repair). Their services offer:

  • Architecting layers of monitoring and defense of network perimeter and endpoints.
  • Understanding how information moves in/out and laterally through your enterprise.
  • Identifying layers to shield/defend/remediate incidents, automatically or manually.
  • How the enterprise responds to alerts, incidents and B2B notices.
  • How timely/effective incident responses are [for the enterprise] as compared to best practices within the industry.
  • How current staff and financial resources meet your cybersecurity needs.
  • Create, establish and operationalize a written procedure for incident response through problem resolution and device productivity.
  • Create a handbook of cybersecurity best practices to condition users within the enterprise to help maintain a small threat surface.

II. Support Team. An experienced incident handler understands how to assess the severity of incidents and how to respond to them, how to assess the break/fix history of endpoints, and how to manage a forensic team that identifies the source and potential impact of a security incident. The support team should have at least two years each of hands-on experience with these credentials: CSIA (auditor), GCIH (incident handling), Security+ (access control systems), Networking+, A+ (computer repair).

III. A ticketing system to document break/fix services. A full-service Activity Tracking system to track incident activity, remediation work, incident closure and trends of endpoints that prompt a heavier response when needed, and to offer a knowledge base of exploits and resolutions to apply to remediation of similar exploits in the future. These two software systems are essential to facilitate the expeditious performance of the cybersecurity team.

IV. Software patches and updates. An admin console talking to software agents installed on endpoints to alert of new patches or updates to install. A spare PC imaged with all software used by the enterprise is needed to test patches and updates for compatibility before installing them to the enterprise.

V. A test lab to test devices with new appliances and/or new software before they are deployed. The outcomes in the test lab guide a handling process for notices sent by new appliances in review and determine whether requested software is compatible with the gold image and/or select software used within the enterprise. A handling process is created and operationalized with stakeholders and remediators to guide outcomes before deploying new devices or software.

VI. Reporting to improve outcomes. RiSe Solutions uses reporting of appliance performance, software performance and the Activity Tracker to assess the effectiveness of the cybersecurity management program. Practices are revised periodically to incorporate best practices to achieve goals.

RiSe Solutions can perform a general assessment of your enterprise’s cybersecurity. It takes about 3 hours to perform per 250 seat enterprise, at the rate of $100/hour. Add 30 minutes worktime for every 500 seats.

If you agree that RiSe Solutions cybersecurity management service can shrink the threat surface of your enterprise, please click the “Request A Consultation” link in the upper right of the screen. Write “Cybersecurity for my Enterprise” in the subject line. Please write your name, email address and tel. # in the body of the message; I reply within 24 hours. Thanks for reading and listening.
