Difference between revisions of "User:Shawndouglas/sandbox/sublevel3"

From LIMSWiki
Jump to navigationJump to search
Line 1: Line 1:
The project manager will also likely oversee dissemination of communications related to plan implementation. Without a doubt, internal stakeholders will want to be kept aware of the implementation status of the cybersecurity plan. When should IT go live with the improved firewall installation? Are the new password requirements going into effect later than expected? Has the training literature you handed out last week been updated to reflect the critical changes your staff had to make over the weekend? Keeping everyone in the loop will help build trust in the attempt to build cybersecurity culture into the workplace. This also means concise and comprehensible documentation is being made available and is updated as changes in implementation take place. This is all in addition to deciding how to best communicate implementation progress (e.g., reports, emails, meetings, project website).
The planning is in the rear-view mirror, the implementation is complete, and your organization is nestled behind a warm layer of technological and process-based security. Pat yourselves on the back and call it "mission accomplished," right? Well, not quite. The mission of cybersecurity is never-ending, as is the adaptation and assault of cyber criminals. The final component of a successful cybersecurity plan involves monitoring and assessing the effectiveness of the plan, and updating it when necessary. This is where those performance indicators (5.4) you developed truly come into play. Based on your cybersecurity goals and objectives, those performance indicators are tied to monitoring systems, audit controls, and workflow processes. Questions worth asking include<ref name="DowningAHIMA17">{{cite web |url=https://journal.ahima.org/wp-content/uploads/2017/12/AHIMA-Guidelines-Cybersecurity-Plan.pdf |format=PDF |title=AHIMA Guidelines: The Cybersecurity Plan |author=Downing, K. |publisher=American Health Information Management Association |date=December 2017 |accessdate=23 July 2020}}</ref><ref name="LebanidzeGuide11">{{cite web |url=https://www.cooperative.com/programs-services/bts/documents/guide-cybersecurity-mitigation-plan.pdf |format=PDF |title=Guide to Developing a Cyber Security and Risk Mitigation Plan |author=Lebanidze, E. |publisher=National Rural Electric Cooperative Association, Cooperative Research Network |date=2011 |accessdate=23 July 2020}}</ref><ref name="LagoHowTo19">{{cite web |url=https://www.cio.com/article/3295578/how-to-implement-a-successful-security-plan.html |title=How to implement a successful cybersecurity plan |author=Lago, C. |work=CIO |publisher=IDG Communications, Inc |date=10 July 2019 |accessdate=23 July 2020}}</ref>:
 
* Do the indicators seem to be measuring what your organization intended?
* Are trends accurately being identified out of the data, or is the data simply confounding?
* Are the detection settings doing their job, or are attacks getting through that shouldn't be?
* Are appropriate cybersecurity test procedures and tools implemented and used by qualified personnel?
* Is enough data being captured and documented?
* Are emails and alerts actually being received and acted upon?
* Are too many false positives being generated?
 
==References==
{{Reflist|colwidth=30em}}

Revision as of 20:16, 16 February 2022

The planning is in the rear-view mirror, the implementation is complete, and your organization is nestled behind a warm layer of technological and process-based security. Pat yourselves on the back and call it "mission accomplished," right? Well, not quite. The mission of cybersecurity is never-ending, as is the adaptation and assault of cyber criminals. The final component of a successful cybersecurity plan involves monitoring and assessing the effectiveness of the plan, and updating it when necessary. This is where those performance indicators (5.4) you developed truly come into play. Based on your cybersecurity goals and objectives, those performance indicators are tied to monitoring systems, audit controls, and workflow processes. Questions worth asking include[1][2][3]:

  • Do the indicators seem to be measuring what your organization intended?
  • Are trends accurately being identified out of the data, or is the data simply confounding?
  • Are the detection settings doing their job, or are attacks getting through that shouldn't be?
  • Are appropriate cybersecurity test procedures and tools implemented and used by qualified personnel?
  • Is enough data being captured and documented?
  • Are emails and alerts actually being received and acted upon?
  • Are too many false positives being generated?

References

  1. Downing, K. (December 2017). "AHIMA Guidelines: The Cybersecurity Plan" (PDF). American Health Information Management Association. https://journal.ahima.org/wp-content/uploads/2017/12/AHIMA-Guidelines-Cybersecurity-Plan.pdf. Retrieved 23 July 2020. 
  2. Lebanidze, E. (2011). "Guide to Developing a Cyber Security and Risk Mitigation Plan" (PDF). National Rural Electric Cooperative Association, Cooperative Research Network. https://www.cooperative.com/programs-services/bts/documents/guide-cybersecurity-mitigation-plan.pdf. Retrieved 23 July 2020. 
  3. Lago, C. (10 July 2019). "How to implement a successful cybersecurity plan". CIO. IDG Communications, Inc. https://www.cio.com/article/3295578/how-to-implement-a-successful-security-plan.html. Retrieved 23 July 2020. 
Retrieved from "https://www.limswiki.org/index.php?title=User:Shawndouglas/sandbox/sublevel3&oldid=46468"