Jump to content

Implementation Frameworks


Recommended Posts

Hello,

I am Mike Anderson, INFOSEC student at UAT and would like to discuss some general approaches towards implementing security and improving upon current methodologies being implemented. In particular, I am referring to the Plan, Do, Check, Act approach (link @ bottom). This simply entails a reference cycle which is to be repeated as necessary; What to do, What order, How to do it, Verification of Improvement, Next. This essentially covers all the grounds; policies, risk assessment, maintenance, access control, monitoring, logs, analysis, vulnerability assessments, reporting, sustaining effective security, etc, etc.

Some implementation frameworks for deploying such a security plan include:

-Security Knowledge In Practice (skip)

-The IDEAL Model

-Visible Ops and Visible Ops security

-Chemical Sector Cyber Security Program

The framework that particularly jumped at me was the SKIP framework. It provides a cycle allowing for continuous improvement of the security of your systems. Not only is it critical in detection as well as response to improve your security structure but adequate planning time is also crucial. You learn by doing. Enabling time in your agenda to analyze and perhaps what worked and what did not can prove to be priceless to your security stance overall. A negative aspect to this implementation framework could be within the detection step. No, we cannot analyze every ping or scan made on our networks but we need to ensure not to let human error slide into play, thus overlooking some potential threats/issues. Any relevant advice on the matter from someone who may have some specific hands-on with these particular approaches would be appreciated. Thank you.

https://buildsecurityin.us-cert.gov/bsi/articles/best-practices/deployment/574-BSI.html

Link to comment
Share on other sites

  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...