Security Management - PowerPoint PPT Presentation

Provided by: dalh6
Transcript and Presenter's Notes

Title: Security Management


1
Security Management
  • Session 2 (cont.)
  • The security Team

2
Agenda
  • Security Team Members
  • Products Security team is responsible for
  • As stated before, the Security team is the
    production unit for security
  • Must have close association with development
    teams
  • Remember Security is an attribute!

3
Team members
  • Must be Technically astute
  • Responsible for implementing the executive
    committee's requirements
  • i.e., the executive committee can be considered a
    customer of the security team
  • This is a commercial model and often does not fit
    a DoD contractor or systems house model

4
Team members (Cont.)
  • Security officer
  • The lead security manager for the security team
  • Every technical security member works for the
    security officer
  • Very experienced
  • May also be a member of the executive committee
  • Normally reports to the CIO

5
Team members (Cont.)
  • The Chief Information Officer
  • As the title implies, the CIO is responsible for
    the information the organization generates, has
    in custody, or receives
  • Primary focus is determining what information is
    critical and important to the mission of the
    system or enterprise and, through the security
    team, ensuring that the security design addresses
    these concerns

6
Team members (Cont.)
  • Full time security engineers
  • Part time functional engineers
  • These people are generally IPT leads or the like
    that are responsible for certain information or
    applications
  • Their role is to help the security team become
    intimately familiar with the system in order to
    integrate the appropriate security given the
    mission

7
Security Administration
  • Centralized vs. Decentralized
  • Distinguish between physical location and
    organizational structure
  • Centralized implies full time security staff
    members that report to a single manager or
    authority
  • In the security team, that person is the SSO
  • This should be the case even if staff is
    physically distributed.

8
Security Administration
  • Many Security Team members are temporary or
    part time
  • Coordinators/Liaisons
  • Department or business unit leads
  • Should have dotted line reporting requirement to
    SSO
  • Members brought together under Security Working
    Group chaired by SSO (Sometimes under
    jurisdiction of Executive Committee members)

9
Security Administration
  • During Operation, SSO is responsible for secure
    operations
  • Becomes the custodian of the resources of the
    system
  • Ensures the appropriate policies are applied and
    followed with respect to these resources
  • These policies are established by the Liaisons
    and business leads (their owners)