<?php
include "header.php";
?>
<div class="container-fluid text-center">
<div class="row content">
<div class="col-sm-2">
</div>
<div class="col-sm-8 text-left">
<h1 style="text-align:center;">Security Operation</h1>
<p style="text-align:center;">List of possible actions your organisation can take in order to improve its resilience to cryptojacking attacks.</p>
<hr>
<ol>
<li>
<p>
Establish a security operations center (SOC) to monitor the
organization's security posture and respond to security incidents (IBM, 2022).
</p>
</li>
<li>
<p>
Implement security information and event management (SIEM) systems
to collect and analyze security event data (Arnold, 2011).
</p>
</li>
<li>
<p>
Use log aggregation tools to centralize security event logs for
analysis (Brain, 2017).
</p>
</li>
<li>
<p>
Implement security incident response plans to quickly and
effectively respond to security incidents (Paul et al., 2012).
</p>
</li>
<li>
<p>
Use incident response playbooks to guide incident response
activities (Andreas, 2022).
</p>
</li>
<li>
<p>
Implement security incident detection and response tools to
automatically detect and respond to security incidents (Threat intelligence, 2023).
</p>
</li>
<li>
<p>
Regularly conduct security awareness training for all employees to
educate them on security risks and how to protect the organization
from security threats (Jenn, 2022).
</p>
</li>
<li>
<p>
Use threat intelligence to identify potential threats and
vulnerabilities relevant to the organization (ISBuzz Staff, 2015).
</p>
</li>
<li>
<p>
Use network and application security scanners to identify potential
security vulnerabilities in the organization's network and
applications (National Cyber Security Centre, 2021).
</p>
</li>
<li>
<p>
Use penetration testing to identify potential vulnerabilities in
the organization's systems and applications (Konstantinos, 2012).
</p>
</li>
<li>
<p>
Implement security-focused design reviews to identify potential
security risks in new systems and applications (Paul, 2022).
</p>
</li>
<li>
<p>
Use security metrics to measure the effectiveness of the
organization's security posture and identify potential areas for
improvement (ProServeIT, 2017).
</p>
</li>
<li>
<p>
Use continuous monitoring to identify potential security incidents
in real time (RiskOptics, 2023).
</p>
</li>
<li>
<p>
Implement incident response plans to quickly and effectively
respond to security incidents (SecurityMetrics Inc, 2023).
</p>
</li>
<li>
<p>
Regularly review and update the organization's security operations
processes to ensure that they remain effective and up to date (Daniel, 2019).
</p>
</li>
</ol>
<br />
<p>REFERENCES</p>
<p>
Andreas Seiler, 2022. The use of playbooks in the incident response process by SANS Institute. [online] Available from: <a href='https://www.sans.org/reading-room/whitepapers/analyst/automating-incident-response-playbooks-38006'>https://www.sans.org/reading-room/whitepapers/analyst/automating-incident-response-playbooks-38006</a> [Accessed 22 April 2023]
</p>
<p>
Arnold Johnson, Kelly Dempsey, Ron Ross, Sarbari Gupta, Dennis Bailey, 2011. NIST Special Publication 800-128: Guide for Security-Focused Configuration Management of Information Systems. [online] Available from: <a href='https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-128.pdf'>https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-128.pdf</a> [Accessed 22 April 2023]
</p>
<p>
Brain Todd, 2017. Creating a Logging infrastructure. [online] Available from: <a href='https://sansorg.egnyte.com/dl/jyQrouiBde'>https://sansorg.egnyte.com/dl/jyQrouiBde</a> [Accessed 21 April 2023]
</p>
<p>
Daniel B, 2019. 8 ways to improve your organization’s security posture. [online] Available from: <a href='https://resources.infosecinstitute.com/topic/8-ways-to-improve-your-organizations-security-posture/'>https://resources.infosecinstitute.com/topic/8-ways-to-improve-your-organizations-security-posture/</a> [Accessed 23 April 2023]
</p>
<p>
IBM, 2022. Security Operations Center (SOC) [online] Available from: <a href='https://www.ibm.com/topics/security-operations-center'>https://www.ibm.com/topics/security-operations-center</a> [Accessed 22 April 2023]
</p>
<p>
ISBuzz Staff, 2015. Collecting, Analysing, and Evaluating on Threat Intelligence [online] Available from: <a href='https://informationsecuritybuzz.com/collecting-analysing-and-evaluating-on-threat-intelligence/'>https://informationsecuritybuzz.com/collecting-analysing-and-evaluating-on-threat-intelligence/</a> [Accessed 22 April 2023]
</p>
<p>
Jenn F, 2022. Cybersecurity Awareness for Employees: Best Practices [online] Available from: <a href='https://www.itbusinessedge.com/security/cybersecurity-awareness-best-practices/'>https://www.itbusinessedge.com/security/cybersecurity-awareness-best-practices/</a> [Accessed 22 April 2023]
</p>
<p>
Konstantinos X., Iain S., Huw R., Emlyn E, 2012. Penetration Testing and Vulnerability Assessments: A Professional Approach. [online] Available from: <a href='https://www.researchgate.net/publication/49285560_Penetration_Testing_and_Vulnerability_Assessments_A_Professional_Approach'>https://www.researchgate.net/publication/49285560_Penetration_Testing_and_Vulnerability_Assessments_A_Professional_Approach</a> [Accessed 22 April 2023]
</p>
<p>
National Cyber Security Centre, 2021. Vulnerability Scanning Tools and Services [online] Available from: <a href='https://www.ncsc.gov.uk/guidance/vulnerability-scanning-tools-and-services'>https://www.ncsc.gov.uk/guidance/vulnerability-scanning-tools-and-services</a> [Accessed 23 April 2023]
</p>
<p>
Paul Cichonski, Tom Millar, Tim Grance, Karen Scarfone, 2012. Computer Security Incident Handling Guide by NIST [online] Available from: <a href='https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf'>https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf</a> [Accessed 22 April 2023]
</p>
<p>
Paul W., John C, 2022. A framework for evaluating security risk in system design. Article number: 7. [online] Available from: <a href='https://link.springer.com/article/10.1007/s43926-022-00027-w'>https://link.springer.com/article/10.1007/s43926-022-00027-w</a> [Accessed 23 April 2023]
</p>
<p>
ProServeIT, 2017. Security Metrics – Reasons Why You Should Measure Them. [online] Available from: <a href='https://www.proserveit.com/blog/security-metrics-program'>https://www.proserveit.com/blog/security-metrics-program</a> [Accessed 23 April 2023]
</p>
<p>
RiskOptics, 2023. What is Continuous Monitoring in Cybersecurity? [online] Available from: <a href='https://reciprocity.com/resources/what-is-continuous-monitoring-in-cybersecurity/'>https://reciprocity.com/resources/what-is-continuous-monitoring-in-cybersecurity/</a> [Accessed 23 April 2023]
</p>
<p>
SecurityMetrics Inc, 2023. How to Make and Implement a Successful Incident Response Plan [online] Available from: <a href='https://www.securitymetrics.com/learn/how-to-make-and-implement-successful-incident-response-plan'>https://www.securitymetrics.com/learn/how-to-make-and-implement-successful-incident-response-plan</a> [Accessed 23 April 2023]
</p>
<p>
Threat intelligence, 2023. Automated Incident Response: What It Is, Tools and Use Cases. [online] Available from: <a href='https://www.threatintelligence.com/blog/automated-incident-response'>https://www.threatintelligence.com/blog/automated-incident-response</a> [Accessed 22 April 2023]
</p>
<br/>
<br/>
</div>
<div class="col-sm-2">
</div>
</div>
</div>
<?php
include "footer.php";
?>