RE: Should Security Team Be Split?

From: Shripal Meghani (meghani@nsecure.net)
Date: 08/27/02 

From: "Shripal Meghani" <meghani@nsecure.net>
To: "Martin, James E." <martin@more.net>, <security-basics@securityfocus.com>
Date: Tue, 27 Aug 2002 19:32:46 +0530

[shrip] Very interesting Martin...
I'd like to know a little more on who reports to whom...

| -----Original Message-----
| From: Martin, James E. [mailto:martin@more.net]
| Sent: Monday, August 26, 2002 8:23 PM
| To: security-basics@securityfocus.com
| Subject: RE: Should Security Team Be Split?
|
|
| Largely, it depends on your available resources.
|
| We've evolved a three tiered structure, best pictured by
| envisioning a Venn diagram with three concentric circles. This
| approach has scaled well over five years.
|
| The first circle (the smallest) is the full time security group.
| This group provides day-to-day security event response, log
| review, R&D, situational awareness on new exploits and trends,
| and generally is the first to recognize "opportunities for
| improvement" in policy, education and practices. The team leader
| of this group acts as coordinator for all security activities.
| This group reports directly to the director of operations on a
| day-to-day basis, and provides regular briefings for senior
| directors. due to the concentration of security expertise, most
| security education is constructed (if not provided) by this group.
|
| The second circle is adds mission critical technical staff and
| decision makers. This group is referred to as the security team
| here. These individuals are provided with security event response
| training, and are available as resources for event response in
| their areas of expertise, technical control and/or policy
| ownership, R&D and planning. All members of this group are
| available by pager after hours, including directors and managers.
| In terms of performance, reviews and tasking, security accounts
| for 10% of their job description. This group meets every one to
| two months for lessons learned, security planning, policy review,
| event role-playing as a refresher and project reporting. The
| security coordinator is able to add and remove staff to this
| group as critical needs or roles are recognized.
|
| The third and largest circle adds one representative from every
| internal department and workgroup. Representatives of this group
| are responsible for providing security awareness, education and
| information to the wider organization. The security coordinator
| requests the manager of groups not already represented in the
| first two circles to designate one staff member. Meetings of this
| group have overlapped the second group, but occur at least quarterly.
|
| This organization allows us the benefit of scalability,
| flexibility to match organizational changes and growth, and
| provides consistancy across "circles".
|
| Enjoy!
| Jim
|
| ========================================
| James E. Martin
| MOREnet Network Security Coordinator
| University of Missouri System
| voice: 573-884-7200 fax: 573-884-6673
| ========================================
|
|
| -----Original Message-----
| From: A. Bluecoat [mailto:abluecoat@hotmail.com]
| Sent: Friday, August 23, 2002 12:35 PM
| To: security-basics@securityfocus.com
| Subject: Should Security Team Be Split?
|
|
| Hi all,
|
| My company is thinking about splitting up the security team along
| the lines
| of Plan, Build, and Run. Planning being crystal ball stuff and
| oversee of
| security architecture. Build is the implementation of projects
| and Run is
| the actual day to day maintenance. We would all report to
| different bosses.
| Any thoughts on this? Our thinking is we should stay together
| as a team.
| The lines between Build and Run blend in so many areas. There is also
| knowledge transfer and the general sense that we are all on the
| same page.
| Appreciate your input. Thanks.
|
|
|
|
|
|
|
|
|
| _________________________________________________________________
| Send and receive Hotmail on your mobile device: http://mobile.msn.com
|

Relevant Pages

  • Re: BNP MAKES HISTORY
    ... They have thrown everything except the kitchen sink at this Party and still we rocked home to Victory! ... The British Nationalist movement is on the rise - our determination, ... The recent diabolical attack on our peaceful press conference outside Parliament by UAF thugs, and the attacks on our activists during the Euro Election campaign, shows us that we need to invest in our outstanding and totally dedicated Security Department. ... We desperately need to support our wonderful Security Team. ...
    (uk.local.southwest)
  • Re: Should Security Team Be Split?
    ... Should Security Team Be Split? ... security auditing department. ... responsibilities, such as QC and QA for any new security software. ...
    (Security-Basics)
  • Re: Should Security Team Be Split?
    ... > My company is thinking about splitting up the security team ... > along the lines of Plan, Build, and Run. ... > ball stuff and oversee of security architecture. ... blob while introducing change management somewhere that's easier --- ...
    (Security-Basics)
  • RE: Should Security Team Be Split?
    ... Reporting gets very interesting. ... Should Security Team Be Split? ... | envisioning a Venn diagram with three concentric circles. ...
    (Security-Basics)
  • Re: Pentester convicted..
    ... and thus politely forcing them take responsibility for the protection of privacy of the data they carry. ... and ignored the first 2 reports. ... A security pro notices a flaw, checks to make sure he is not on crack ... Download FREE whitepaper on how a managed service ...
    (Pen-Test)
Loading