Security Team Assessment
2020 has been an unusual year, and as it draws to a close, attention is turning to the budgetary requirements for the coming year. One of the key metrics that will determine that funding is the performance of your security team in the previous year.
The success of the security capabilities of your IT team can be measured using a range of factors. How many cyberattacks were avoided using the department’s security plan and infrastructure? How quickly were breaches that did succeed mitigated? How long did it take for normal business to be resumed? But ultimately, how much money was saved by the investment made in cybersecurity protection in the previous 12 months?
In order to answer these questions in a systematic way, Cynet, a leading global supplier of cybersecurity solutions, has released a Security Team Assessment template. The purpose of this tool is to collate all of the security team’s Key Performance Indicators (KPIs) that will impact the content of the forthcoming budget.
The template is a sophisticated, yet simple-to-use tool designed to compile an assessment analysis of the performance of your company’s cybersecurity team. This data can then be incorporated into your budget plan for the coming year. The template makes allowance for company size as well as the specific structures and requirements of individual companies. Additionally, it makes allowances for the different names of roles applied in each company, which often vary considerably. Click here to download Cynet’s Security Team Assessment template.
Cynet’s Assessment template concentrates on operational processes, paying special attention to the actual systems and products deployed in your company and determining whether they have been optimally utilized. It divides the report into individual analyst roles from the top tier level to the lowest security analyst level in the company.
At the top of the tree is the Director of Security who is tasked with reporting to the Chief Information Security Officer (CISO). This person holds overall responsibility for all cybersecurity processes and information in the company.
Below the Director of Security is the Security Architect whose responsibility it is to specify the structure of your company’s security plan including monitoring, alerts, responses, and mitigation functionality that are aimed at protecting company and customer data and other assets. The Security Architect must possess an in-depth understanding of Internet security IT software and hardware and be familiar with ongoing practices and developments in the industry.
Tier 1 Security Analysts work “at the coal face” and are the first line of defense in the battle against cybercrime. These are the operatives who will man the company’s cyber help desk, providing around-the-clock coverage of network issues and alerts.
Tier 2 Security Analysts are set on stand-by to apply deeper analysis of those events given higher priority by their Level 1 colleagues. The issues managed by these analysts involve further investigation and remediation, which enables them to feed any novel data back into the company’s cybersecurity system.
Tier 3 Security Analysts examine potential threats to the network. This includes protecting company systems against attacks on vulnerabilities in the network structure. Their remit includes threat hunting and penetration testing.
Next in line there is the Security Operations Center (SOC) Manager whose role involves the overall management of the cybersecurity assessment process. This includes defining workflows, observation, management, and threat response. This person is also responsible for compliance control and crisis management.
The roles specified above are not set in stone, and their responsibilities can be combined. For example, the tasks of the Tier 1 and Tier 2 analysts could be combined into one role for a smaller-sized company. However, in larger companies, with heavier workloads, individual analysts will be required for each level. Flexibility is the keyword.
Cynet designed its template to assist you in defining the individual security monitoring personnel and their duties best suited to your company’s requirements. It analyzes the effectiveness of each individual analyst by examining the outcome of their KPIs for the previous year. It also provides an overall assessment of your company’s cybersecurity plan.