Educause Security Discussion mailing list archives
Re: Operational vs project time
From: James Moore <jhmiso () RIT EDU>
Date: Mon, 30 Oct 2006 23:50:23 -0500
I think that there is a context question here. We implemented several standards in the last couple of years that describe incident response, and server and desktop security (as well as a few others). One of the new features of security standards is the emphasis on adding detective controls to complement preventive controls. Previously, most of the focus was on preventive controls. Now we are asking "How do you know that things are fine?" So we are at the beginning of the learning curve where the number of incidents rise rapidly, and the severity starts to decline. But this is skewing things heavily toward the operational side. I would estimate that we are about 60% operational and 40% projects. If you consider the basic CIA of information security, and the amount of time spent on operational availability, then the operational total is higher than that. Jim ________________________________ From: Gary Flynn [mailto:flynngn () JMU EDU] Sent: Mon 10/30/2006 3:36 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Operational vs project time Hi, We're undergoing some internal analysis and were wondering what security groups were seeing as the proportion of time spent on operational work vs project work. By operational work, I mean recurring things like responding to calls, access requests, infections, incidents, training and presentations, daily monitoring and response tasks, tuning, upgrades, and the like. By project work, I mean things like providing new internal or external services and development. Projects may be internal projects to improve security functions ( e.g. network anomaly detection ), external projects providing security services to external parties ( e.g. WSUS server ), or interdepartmental projects where security personnel participate in the project planning, design, management, and possibly implementation on an ongoing basis ( e.g. portal, identity management, new university system rollouts ). We're currently estimating 60-70% of our time going to operational tasks and wondered what others were seeing. -- Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security
The WatchGuard Firebox which protects your network detected a message which may not be safe. Cause : The file type may not be safe. Content type : application/ms-tnef File name : winmail.dat Virus status : No information. Action : The Firebox deleted winmail.dat. Your network administrator can not restore this attachment.
Current thread:
- Operational vs project time Gary Flynn (Oct 30)
- <Possible follow-ups>
- Re: Operational vs project time Crawford, Tim M. (Oct 30)
- Re: Operational vs project time Philip Webster (Oct 30)
- Re: Operational vs project time James Moore (Oct 30)
- Re: Operational vs project time Steve Schuster (Nov 01)