Actors of Security Cultures
School: Grand Canyon University
Course: 425
Subject: Information Systems
Date: Dec 6, 2023
Uploaded by GrandOtterPerson91
Actors of Security Cultures
ITT-425
October 14, 2023
Introduction
In today's interconnected world, cybersecurity is paramount for organizations, and Pikes Peak
Health Care is no exception. With a mission to improve the health and quality of life for its
community, ensuring the security of patient data, operations, and infrastructure is critical. To
achieve this, Pikes Peak Health Care should establish a Security Operations Center (SOC) to
develop and nurture a healthy security culture. This proposal addresses key aspects of the SOC
and its role in achieving a robust security culture within the organization.
-Compare and Contrast Aspects of Cybersecurity
Cyber operations refer to the daily activities related to securing an organization's digital assets.
“Cybercrime is any criminal activity that involves a computer, networked device or a network”
(Brush, 2021). “Cyberlaw is the area of law that deals with the Internet’s relationship to
technological and electronic elements, including computers, software, hardware and information
systems (IS)” (Rouse, 2022). To maintain a healthy security culture, Pikes Peak Health Care
must navigate this complex landscape. The SOC will play a vital role in ensuring compliance
with cyber law, detecting and mitigating cybercrimes, and managing cyber operations
effectively.
-Elements of a Healthy Security Culture
1. Internalize Security: “Ensure your business is routinely spreading awareness about new
risks in the workplace, best practices in cybersecurity hygiene and policies and
procedures. Regular communications, mock drills and other security awareness exercises
are critical in engaging employees, especially those who are working remotely. Senior
management and board members must treat cybersecurity as a strategy that is imperative
and valuable to business success, and it’s critical that they lead by example” (Forbes,
2021).
2. Build Engagement and Ownership: “A defining feature of any security culture is that it
must be challenging, engaging and, yes, fun. Recognizing and rewarding good security
behavior is an important tactic for building and sustaining a security culture. When done
right, engaged audiences provide a high return on investment (ROI), helping the business
achieve its security objectives. Disengaged employees, on the other hand, can negatively
impact a security program and put the business at risk” (Forbes, 2021).
3. Create a Climate of Trust: “Trust is the foundational element of culture change.
Anxiety and defensiveness usually creep in, especially when it comes to a sensitive topic
like privacy. Many employees are reluctant to report a security threat for fear of reprisal,
and one Administrative Science Quarterly study shows that blaming employees isn’t the
solution” (Forbes, 2021).
4. Use a Data-Driven Approach: “Start by conducting a baseline assessment of your
business. You can do this by measuring the current state of security awareness, attitudes
and behaviors of your employees. In a hybrid world, there’s no one-size-fits-all approach.
Security awareness, attitudes and behaviors of remote employees might be totally
different from those on-site. For example, around 50% of employees admit to cutting
cybersecurity corners while working from home” (Forbes, 2021).
5. Empower Your Workplace: “As the phrase often attributed to Peter Drucker claims:
“Culture eats strategy for breakfast.” With today’s hyperconnectivity, security must be
valued by everyone as a critical aspect of work and life. The security facet of your
organizational culture is the most central element of cybersecurity strategy, with human
behavior at its core. One needs to approach cybersecurity with a mindset that people
aren’t the problem, rather, they’re the solution” (Forbes, 2021).
-SOC Significance
The SOC is significant to the security culture of Pikes Peak Health Care in several ways:
Proactive Threat Mitigation: The SOC enables the organization to proactively detect and
respond to security threats, reducing the risk of data breaches and operational disruptions.
Compliance Assurance: It ensures that the organization complies with relevant cybersecurity
regulations and laws, mitigating legal and financial risks.
Employee Empowerment: Security awareness programs led by the SOC empower employees
to become the first line of defense against cyber threats.
Data Protection: The SOC's efforts safeguard patient data, maintaining trust and reputation in
the community.
-Key Actors
The key actors within SOC operations include:
SOC Analysts: “Security analysts are typically the first responders to incidents. They are the
soldiers on the front lines fighting against cyber attacks and analyzing threats. In short, their
job is to detect threats, investigate those threats, and respond to them in a timely fashion.
Additionally, analysts may have responsibilities that involve implementing security measures
as dictated by management. They may also play a role in organizational disaster recovery
plans. In some organizations, security analysts are expected to be on call to respond to
incidents that occur outside of business hours” (Stern, 2021).
SOC Manager: “A security manager within a SOC team is responsible for overseeing
operations on the whole. They are in charge of managing team members and coordinating with
security engineers. Security managers are responsible for creating policies and protocols for
hiring and building new processes. They also help development teams set the scope of new
security development projects. They serve as the direct boss to all members of the SOC team”
(Stern, 2021).
Security Engineer: “Security engineers are responsible for maintaining tools, recommending
new tools, and updating systems. Many security engineers specialize in SIEM platforms.
Security engineers are responsible for building the security architecture and systems. They
typically work with development operations teams to ensure that systems are up to date.
Additionally, security engineers document requirements, procedures, and protocols to ensure that
other users have the right resources” (Stern, 2021).
Chief Information Security Officer: “The chief information security officer (CISO) is
responsible for defining and outlining the organization’s security operations. They are the final
word on strategy, policies, and procedures involved in all aspects of cyber security within the
organization. Additionally, they may also be responsible for managing compliance” (Stern,
2021).
-Application of Knowledge
Physical Security
The SOC will assess and enhance physical security measures such as access control,
surveillance, and data center security.
Personnel Security
Implement security clearances, background checks, and user access policies to ensure that only
authorized personnel have access to sensitive data.
System and Data Identification
Utilize data classification to identify sensitive data and implement encryption and access controls
accordingly.
System Security Plans
Develop and maintain comprehensive security plans for systems, outlining security measures,
policies, and procedures.
Configuration and Patch Management
Regularly update and patch systems to address vulnerabilities and ensure secure configurations.
System Documentation
Maintain detailed documentation on system configurations, network topology, and security
controls.
Incident Response Program
Establish an incident response plan to outline steps for identifying, mitigating, and recovering
from security incidents.
Disaster Recovery Program
Create a disaster recovery plan to ensure data and service continuity in the event of a catastrophic
event.
Certification and Accreditation
Conduct regular assessments to certify systems' compliance with security standards and accredit
them for use.
Least Privileges
Implement the principle of least privilege to restrict access to only necessary resources, reducing
the attack surface.
Fail Safe/Fail Secure
Ensure that systems fail in a secure state to prevent exploitation during system failures.
Security Awareness, Training, and Education
Develop a comprehensive security awareness program to educate employees and stakeholders on
security best practices, ensuring a security-conscious workforce.
In conclusion, establishing a Security Operations Center at Pikes Peak Health Care is crucial for
building a robust security culture. The SOC will help the organization navigate the complex
cybersecurity landscape, respond effectively to threats, and ensure compliance with cyber law.
By implementing these measures and involving key actors, Pikes Peak Health Care can fulfill its
mission of improving health and quality of life while safeguarding its digital assets and patient
data.
References
Graham, R (October 18, 2017) The difference between cybersecurity and cybercrime, and why it
matters. The Conversation.
https://theconversation.com/the-difference-between-cybersecurity-and-cybercrime-and-why-it-matters-85654
Brush, K (September, 2021) cybercrime. TechTarget.
https://www.techtarget.com/searchsecurity/definition/cybercrime
Rouse, M (September 12, 2022) Cyberlaw. Techopedia.
https://www.techopedia.com/definition/25600/cyberlaw
Wadhwa, P (October 3, 2023) 6 Steps to Strengthen Your Organization’s Security Culture.
Sprinto.
https://sprinto.com/blog/build-a-strong-security-culture/
Simmons, K (May 8, 2019) 5 Key Elements of an Effective SOC. ArmorPoint.
https://armorpoint.com/2019/05/08/5-key-elements-of-an-effective-soc/
Bykowski, K (January 12, 2023) 6 Key SOC Team Roles & Responsibilities. SWIMLANE.
https://swimlane.com/blog/soc-team-roles-responsibilities/
Stern, A (September 27, 2021) Understanding SOC team roles and responsibilities. Chronicle
Security.
https://chronicle.security/blog/posts/understanding-the-soc-team-roles-and-responsibilities/
Muntean, M (October 3, 2022) What is an SOC Analyst? (Background, Skills, & Requirements).
Springboard.
https://www.springboard.com/blog/cybersecurity/soc-analyst-guide/
Prajwal, V (June 13, 2023) 10 Proven Incident Response Strategies for SOC Analysts. Blue
Team Resources.
https://blueteamresources.in/incident-response-strategies-for-soc-analysts/
Forbes (August 31, 2021) Five Ways To Sustain A Healthy Security Culture In A Hybrid World.
Forbes.
https://www.forbes.com/sites/forbesbusinesscouncil/2021/08/31/five-ways-to-sustain-a-healthy-security-culture-in-a-hybrid-world/?sh=22be0d3324da