Cybersecurity Series
Cyber Security_Blog_with Book

CIR Team: Cybersecurity Coverage by IT Teams

An organization depending heavily on IT infrastructure tends to have a team designated to monitor the security of applications, software, and hardware.

The objective is to compare the organization's information security, cyber security, and IT security teams. While these three teams may have overlapping roles and responsibilities, their objectives may differ drastically. Ultimately, the detailed review of the three groups will guide any organization on which type of team suits them.

Reference: Chapter 3 What Are the Typical IT Teams Handling Security for IT? 3.2 Coverage Based on Type

Moh Heng Goh

Banner 2 CIR Team Handling Cybersecurity

CIR Team

IT Teams Dealing with Cybersecurity

C3 CIR Type of Coverage by IT TeamsAn organization depending heavily on IT infrastructure tends to have a team designated to monitor the security of applications, software, and hardware.

The objective is to compare the organization's information security (Infosec), cyber security (CS), and IT security (IT Sec) teams (Figure showing the "Three Types of Teams Dealing with Cyber Security"). While these three teams may have overlapping roles and responsibilities, their objectives may differ drastically.

Ultimately, the detailed review of the three teams will guide any organization on which type of team suits them.

Figure 3-1 The Three Types of Teams Dealing with Cyber SecurityThree Types of Teams Dealing with CyberSecurity

Type of Coverage by Teams

To understand the current types of teams deployed within a typical organization, organisations must understand their respective scope and coverage (CCM, 2017) for their IT team to deal with cyber security.

The “IT” attached to the team may be misleading; an organization may not have the actual means of dealing with cyber security incidents despite having a designated IT team present.

If any IT team's coverage (Rouse & Teravainen, 2016) does not include the development and maintenance of a CIR plan, the organization’s cyber security program is a simple one at best, a crippling incident waiting to happen at worst.

Thus, forming a team that covers multiple (or missing) aspects from the Figure below can contribute significantly to effective cyber security response.

 

Coverage

InfoSec

IT Sec

CS

Processes and facilities are utilized to protect physical and virtual information.

  • Confidentiality – information disseminated/ allowed access to relevant parties
  • Integrity – information is not modified/ tampered with by unauthorized personnel.
  • Availability – information can be accessed by authorized personnel anytime, anywhere.

-

Protect organizations against cyber security threats

-

-

Information/ Data

-

-

Information/ Data and facilities that utilize them

-

Protect against unauthorized attacks/ access

Detection, Monitoring, Mitigation, Response

Coverage of IT Security Activities Based on Teams

 

Related Concept to Cybersecurity Coverage by IT Teams

Type of Coverage by IT Team Team Composition Maintain Strong Cybersecurity Processes and Functions Skill Sets and Long-Term Challenges Back To: Team Handling CIR
C3 CIR Type of Coverage by IT Teams C3 CIR Team Composition New call-to-action C3 CIR Skill Sets and Long-Term Challenges BCM & CIR - What Are the Typical IT Teams Handling Security for IT?

 


BCMI Logo

Do You Want to Continue BCM Training onsite or online?

Competency-based Course
Certification Course
New call-to-action New call-to-action [BL-3-Catalog] What Specialist Level Blended Learning Courses that are Available? [BL-5-Catalog] What Expert Level Blended Learning Courses that are Available?

A Manager’s Guide to BCM for Cybersecurity Incident Response

Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.

Reference: Chapter 3 What Are the Typical IT Teams Handling Security for IT? 3.2 Coverage Based on Type

Note: This version was the draft 2nd Edition being updated in 2023. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.

 

 

Comments:

 

More Posts

New Call-to-action