IT departments are breaking into two teams, or two departments, to accommodate the increase in regulations. Cybersecurity is breaking apart from the traditional IT infrastructure team due to separation of duty requirements in nearly all regulations.
As companies grow in size and become more regulated, they separate the cybersecurity from IT infrastructure to ensure the security controls are implemented, audited and reported to the regulatory agency. The cybersecurity team often works in a separate security operations center (SOC).
For example, if your company is regulated, you will probably be required to enforce a security control to back up all information systems. Although they are separate teams, the cybersecurity and IT infrastructure teams work together to get the company in compliance:
The cybersecurity team determines what the company needs to do to comply with the regulation and assigns the work to the IT infrastructure team.
Then, someone on the IT infrastructure team, like a systems administrator, completes the work.
The cybersecurity team would ensure the task is done, provide proof that it’s complete, ensure the backup is secure and report completion of the security control to the regulatory agency.
Many security controls revolve around penetration testing and cybersecurity analytics. For example, another common security control is continuous monitoring of information systems. Continuous monitoring is usually completed by a security analyst on the cybersecurity team, who monitors the network using a security information and event management (SIEM) system such as Splunk or IBM QRadar. If the security analyst receives a SIEM security alert that indicates a compromised user laptop, the security analyst might create a help desk ticket for an infrastructure IT support technician to quarantine the infected system.
More Info: comptia a+ entry level jobs
As companies grow in size and become more regulated, they separate the cybersecurity from IT infrastructure to ensure the security controls are implemented, audited and reported to the regulatory agency. The cybersecurity team often works in a separate security operations center (SOC).
For example, if your company is regulated, you will probably be required to enforce a security control to back up all information systems. Although they are separate teams, the cybersecurity and IT infrastructure teams work together to get the company in compliance:
The cybersecurity team determines what the company needs to do to comply with the regulation and assigns the work to the IT infrastructure team.
Then, someone on the IT infrastructure team, like a systems administrator, completes the work.
The cybersecurity team would ensure the task is done, provide proof that it’s complete, ensure the backup is secure and report completion of the security control to the regulatory agency.
Many security controls revolve around penetration testing and cybersecurity analytics. For example, another common security control is continuous monitoring of information systems. Continuous monitoring is usually completed by a security analyst on the cybersecurity team, who monitors the network using a security information and event management (SIEM) system such as Splunk or IBM QRadar. If the security analyst receives a SIEM security alert that indicates a compromised user laptop, the security analyst might create a help desk ticket for an infrastructure IT support technician to quarantine the infected system.
More Info: comptia a+ entry level jobs
No comments:
Post a Comment