CIR Team
Maintain Strong Cybersecurity Processes and Functions
With roles and responsibilities identified, Figure 3-5 sets out the activities each team performs so that the organization can manage its cyber security program effectively. Because organizations vary in size, nature, business processes, and the like, these processes and functions must be customized to the organization's needs.
| Processes/Functions | Information Security | IT Security | Cyber Security |
|---|---|---|---|
| Emulate attacks to find flaws within defences so rectification can be made. Defend against Red Team/cyber security attacks to constantly improve security posture. Exchange information continuously between the Red and Blue Teams to improve continually. Purple team (if necessary) facilitates continuous integration. | ✓ | - | - |
| Identify critical organizational and technological infrastructures. Identify cyber security threats that affect these infrastructures. Identify business functions that are utilizing these infrastructures. Develop mitigation/response measures. | - | ✓ | - |
| Manage Information Risk; Value Asset Inventory; Manage Third-Party Risks; Gather Threat Intelligence and Analysis; Take advantage of Analytics; Execute Data Management; Perform Process Optimisation and Agile Controls | - | - | ✓ |
Figure 3-5: Process and Functions Undertaken by the Type of Teams
Common Processes/ Functions Performed by the Three Teams
- Perform risk assessment
- Identify business functions and impacts
- Develop/Implement mitigation/response measures
- Test and exercise plan
- Engage with third parties
- Audit plan and third parties' plan
- Create awareness
- Build culture
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 3 What Are the Typical IT Teams Handling Security for IT? 3.5 Processes and Functions
Note: This version was the draft 2nd Edition being updated in 2023. The numbers in square brackets [X-X] cross-refer to the actual chapter and section in the 1st Edition.