nanog mailing list archives
RE: Security team objectives
From: "Hiers, David" <David.Hiers () cdk com>
Date: Mon, 30 Jul 2018 17:00:24 +0000
The Big Goal of security can be stated something like this: "To bend all of the cost and benefit curves to most closely align with the organization's security goals" If the Board of Directors can't articulate the goals, your pretty much doomed. David -----Original Message----- From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of John Kristoff Sent: Monday, July 30, 2018 5:00 AM To: nanog () nanog org Subject: Re: Security team objectives On Mon, 30 Jul 2018 04:43:35 +0000 Ramy Hashish <ramy.ihashish () gmail com> wrote:
If you are going to start a security team in a newly founded IT organization, what will the objectives/results be?
Hello Ramy, Management and organization buy-in is important. Initially I would say it would be helpful to do some internal education and awareness, which helps with the first point. Identify a few things you can improve upon right away. Some small obtainable achievements would help justify the team if the team can point to some early success. Then build up that. FIRST.org, which is the original security team community, has a wealth of very detailed guides and information you might look over: <https://www.first.org/resources/guides/> John ---------------------------------------------------------------------- This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, notify the sender immediately by return email and delete the message and any attachments from your system.
Current thread:
- Security team objectives Ramy Hashish (Jul 29)
- Re: Security team objectives valdis . kletnieks (Jul 29)
- Re: Security team objectives Royce Williams (Jul 29)
- Re: Security team objectives Ramy Hashish (Jul 29)
- Re: Security team objectives William Herrin (Jul 31)
- <Possible follow-ups>
- Re: Security team objectives John Kristoff (Jul 30)
- RE: Security team objectives Hiers, David (Jul 31)
- Re: Security team objectives Scott Weeks (Jul 30)
- Re: Security team objectives valdis . kletnieks (Jul 29)