Appendix C: Designing an Operations Framework to Manage Security.

Presentation on theme: "Appendix C: Designing an Operations Framework to Manage Security."— Presentation transcript:

1 Appendix C: Designing an Operations Framework to Manage Security

2 Overview
- Analyzing Risks to Ongoing Network Operations
- Designing a Framework for Ongoing Network Operations

3 Lesson 1: Analyzing Risks to Ongoing Network Operations
- Management of Ongoing Network Operations
- Why Security of Network Operations Is Important
- Common Vulnerabilities to Network Operations

4 Management of Ongoing Network Operations
MOF provides a framework to manage operational security, including:
- Changes to security design.
- Daily operation of network security.
- IT support for security issues.
- Optimizing and revising the security design.

5 Why Security of Network Operations Is Important

Attacker: External
Threat: No change and configuration management
Example: A software company releases a new security hotfix for a recently discovered vulnerability. An attacker exploits the vulnerability before the administrators apply the hotfix to all computers.

Attacker: Internal
Threat: Security procedures not followed
Example: An administrator notices a potential security compromise but is unsure how to report it. The administrator decides to remove the corporate network from the Internet.

6 Common Vulnerabilities to Network Operations

Vulnerability: Inadequate plan for change management
Examples:
- New security patches are applied irregularly or not at all
- Administrators and users lack proper training on securing new applications

Vulnerability: Poor operations plan
Examples:
- Users do not follow security policies and procedures
- Administrators do not regularly test backup media

Vulnerability: Weak support structure
Examples:
- Security incident goes unreported
- IT support services are not reliable

Vulnerability: Failure to revise policy
Examples:
- New security risks are not added to risk management plan
- Policies and procedures become outdated

7 Lesson 2: Designing a Framework for Ongoing Network Operations
- Process for Planning a Security Operations Framework
- Guidelines for Change Management
- Guidelines for Daily Security Operations
- Guidelines for Supporting Security Policies and Procedures
- Guidelines for Using Service Level Agreements
- Guidelines for Optimizing Security Policies and Procedures
- Security Policy Checklist

8 Process for Planning a Security Operations Framework
When planning a security operations framework, you must:
1. Design a change management process for security.
2. Design a plan for daily security operations.
3. Design a plan for security support.
4. Create service level agreements for IT operations and support.

9 Guidelines for Change Management

Phase: Identify
Example: When new security hotfixes are released…

Phase: Review
Example: …the hotfixes will be tested on all applicable platforms…

Phase: Approve
Example: …and approved by the CIO within 24 hours…

Phase: Implement
Example: …and will be deployed according to the approved procedure for deploying security hotfixes

A change management process reduces:
- Time to deployment
- Cost of updating hardware and software
- Disruption of business continuity

10 Guidelines for Daily Security Operations
Include standards for:
- Preparing for security incidents
- Testing for security vulnerabilities
- Monitoring network security

For each daily security task, define:
- Who completes the task
- When to complete the task
- How to complete the task

11 Guidelines for Supporting Security Policies and Procedures

Phase: Support request management
Responsibilities:
- Receives support requests from users
- Escalates support issues

Phase: Incident management
Responsibilities:
- Resolves routine support
- Escalates complex support requests and security incidents

Phase: Problem management
Responsibilities:
- Identifies and resolves underlying causes of problems
- Incorporates results in organizational learning

12 Guidelines for Using Service Level Agreements
Include in your service level agreements:
- Service hours and availability
- Priorities and support levels
- Reliability and accountability
- Responsiveness and restrictions
- Contingency
- Costs and charges

13 Guidelines for Optimizing Security Policies and Procedures
Include measures in the security operations design for:
- Preventing interruptions to network services over time
- Recovering from security incidents as networks change
- Improving security policies and procedures over time

Activities include:
- Identifying new threats and vulnerabilities
- Updating risk management plans
- Improving daily procedures and processes
- Incorporating learning from each incident response
- Testing disaster recovery plans on a regular basis
- Training new IT staff in security policies and procedures

14 Security Policy Checklist
Create policies and procedures for:
- Designing a change management plan.
- Performing daily security operations.
- Supporting security issues.
- Optimizing and revising security policies and procedures.

