CIR Team
IT Teams Dealing with Cybersecurity
An organization depending heavily on IT infrastructure tends to have a team designated to monitor the security of applications, software, and hardware.
The objective is to compare the organization's information security (InfoSec), cyber security (CS), and IT security (IT Sec) teams (see the figure "Three Types of Teams Dealing with Cyber Security"). While these three teams may have overlapping roles and responsibilities, their objectives may differ drastically.
Ultimately, the detailed review of the three teams will guide any organization on which type of team suits them.
Figure: Three Types of Teams Dealing with Cyber Security
Type of Coverage by Teams
To understand the types of teams currently deployed within a typical organization, organizations must understand each team's scope and coverage (CCM, 2017) so that their IT team can deal with cyber security.
The “IT” attached to the team may be misleading; an organization may not have the actual means of dealing with cyber security incidents despite having a designated IT team present.
If an IT team's coverage (Rouse & Teravainen, 2016) does not include the development and maintenance of a CIR plan, the organization’s cyber security program is a simple one at best and a crippling incident waiting to happen at worst.
Thus, forming a team that covers multiple (or missing) aspects from the table below can contribute significantly to effective cyber security response.
| Coverage | InfoSec | IT Sec | CS |
| --- | --- | --- | --- |
| Processes and facilities are utilized to protect physical and virtual information | ✓ | ✓ | - |
| Protect organizations against cyber security threats | - | - | ✓ |
| Information/Data | ✓ | - | - |
| Information/Data and facilities that utilize them | - | ✓ | ✓ |
| Protect against unauthorized attacks/access | ✓ | ✓ | ✓ |
| Detection, Monitoring, Mitigation, Response | ✓ | ✓ | ✓ |

Coverage of IT Security Activities Based on Teams
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 3 What Are the Typical IT Teams Handling Security for IT? 3.2 Coverage Based on Type
Note: This version was the draft 2nd Edition being updated in 2023. The numbers in square brackets [X-X] cross-refer to the actual chapter and section in the 1st Edition.