- Threat and Vulnerability Management
- Software and Systems Security
- Security Operations and Monitoring
- Incident Response
- Compliance & Assessment
In this blog, we will discuss the fifth domain of CySA+: Compliance and Assessments.
In this domain, you will understand three important concepts:
- The importance of data privacy and protection
- Security concepts in support of organizations’ risk mitigation
- The importance of policies, frameworks, procedures, and controls
1. Importance of data privacy and protection
In any organization, there are many key pieces of information like loyalty schemes, customer data, transactions, employee records, or data collection that need to be protected from unauthorized access. Protecting sensitive data is very important because it may contain information about your current staff, business partners, clients, and shareholders.
Data privacy is important since individuals who engage online need to trust that their data will be handled carefully. Organizations use data protection practices in order to demonstrate to their customers and users that they can be trusted with their data.
In this concept, you will learn:
- Privacy vs. Security: Privacy and security are intertwined. Privacy refers to the control you have over your personal information and how it is used. Consider the privacy terms that you are required to read and agree to when you download new smartphone apps. In contrast, security relates to how that personal information, your data and the various facts about you, is safeguarded.
- Technical controls: Technical controls use a variety of technologies to minimize vulnerabilities. A few examples of technical controls are firewalls, encryption, IDSs, the principle of least privilege, and antivirus software.
- Non-technical controls: Unlike technical controls, non-technical controls are administrative measures such as procedures, policies, and standards covering the full range of information security, including privacy domains and assigned responsibilities.
2. Security concepts in support of organizations’ risk mitigation
In this section, you will understand the below-mentioned concepts:
- Risk identification process: Risk identification is the process of determining which risks may harm the project. The main advantage of this procedure is that it documents current risks and offers the project team information and the capacity to predict occurrences.
- Risk prioritization: The process of deciding which risks to act on first is known as risk prioritization. It should be based on the likelihood of a risk and its potential consequence. Risk prioritization may be accomplished by assessing the risks to your company to decide which ones are more likely to occur and which will have a greater impact. A risk prioritization matrix might be employed for this evaluation.
- Business impact analysis: A business impact analysis (BIA) is the process of identifying the criticality of company activities and the resources required to maintain operational resilience and continuity of operations during and after a business interruption.
- Training and exercises: In this section, you will learn about:
  - Red team: A “red team” is a group that pretends to be an enemy or rival and gives security input from that vantage point. Red teams are utilized in a variety of sectors, including cybersecurity, airport security, the military, and intelligence organizations.
  - Blue team: A blue team is a group of people that analyze information systems to assure security, uncover security holes, test the efficacy of each security measure, and ensure that all security measures remain effective after installation.
  - White team: The White Team oversees and evaluates the cyber defense competition. They are also in charge of documenting ratings for the Blue Teams on usability and security supplied by the Green and Red Teams, respectively. The White Team also examines security reports and grades them based on accuracy and countermeasures.
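The risk prioritization step above (likelihood multiplied by impact, then ranked with a matrix) can be made concrete in a few lines. The following is an added example, not code from the original post or from InfosecTrain: the 1 to 5 scales, the score bands, the tie-break rule and the sample risk register are all assumptions chosen for illustration, and a real organization would substitute the scales and thresholds from its own risk management standard.

```python
"""Risk prioritization with a likelihood x impact matrix.

Added example (not from the original post). The 5x5 scale, the band thresholds
and the sample register below are assumptions for illustration only.
"""
from dataclasses import dataclass

SCALE_MIN, SCALE_MAX = 1, 5  # assumed: 1 = rare/negligible .. 5 = almost certain/severe


@dataclass(frozen=True)
class Risk:
    name: str
    likelihood: int
    impact: int

    def __post_init__(self):
        # Reject entries outside the agreed scale so a typo cannot silently
        # push a risk to the top (or bottom) of the list.
        for field_name, value in (("likelihood", self.likelihood), ("impact", self.impact)):
            if not SCALE_MIN <= value <= SCALE_MAX:
                raise ValueError(f"{field_name} must be in {SCALE_MIN}..{SCALE_MAX}, got {value}")

    @property
    def score(self) -> int:
        return self.likelihood * self.impact


def rating(score: int) -> str:
    """Map a 1..25 score to a band. Thresholds are assumed; tune to risk appetite."""
    if score >= 15:
        return "critical"
    if score >= 8:
        return "high"
    if score >= 4:
        return "medium"
    return "low"


def prioritize(risks):
    """Highest score first. Ties go to the higher-impact risk (a severe but less
    frequent event outranks a frequent minor one), then by name for stable output."""
    return sorted(risks, key=lambda r: (-r.score, -r.impact, r.name))


def matrix(risks):
    """Group risk names by (likelihood, impact) cell: the classic heat-map view."""
    cells = {}
    for r in risks:
        cells.setdefault((r.likelihood, r.impact), []).append(r.name)
    return cells


# Constructed sample register (illustrative values, not measured data).
SAMPLE_REGISTER = [
    Risk("Phishing leads to credential theft", likelihood=5, impact=3),
    Risk("Ransomware on file servers", likelihood=3, impact=5),
    Risk("Unpatched VPN appliance exploited", likelihood=4, impact=4),
    Risk("Lost unencrypted laptop", likelihood=2, impact=3),
    Risk("Office printer outage", likelihood=4, impact=1),
]

if __name__ == "__main__":
    for r in prioritize(SAMPLE_REGISTER):
        print(f"{r.score:>2}  {rating(r.score):<8} {r.name}")
```

Running the block prints the register ranked from the 16-point VPN exposure down to the 4-point printer outage; the two 15-point risks are ordered by impact, so the ransomware scenario lands above phishing even though phishing is rated more likely.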
3. Policies, frameworks, procedures, and controls
In this section, you will learn about:
- Frameworks: A security framework is a collection of national and international cybersecurity regulations and practices designed to protect vital infrastructure. It contains detailed recommendations for businesses on how to handle personal information contained in systems in order to reduce their exposure to security-related threats.
- Policies and procedures: This section reveals:
  - Password policy: A password policy is a collection of guidelines to improve computer security by helping users create and use strong passwords. A password policy is frequently included in an organization’s formal policies and may be taught as part of security awareness training.
  - Acceptable use policy: A company’s acceptable use policy should refer to the safe and ethical use of email and the internet as a whole. A code of conduct outlines the acceptable use policy, such as what websites users can access, how they can log on to the network, etc.
  - Data retention: Data retention rules govern the maintenance of persistent data and records to fulfill legal and corporate data archiving needs.
- Control types: There are a few different control types; they are:
  - Managerial control: A person with managerial control has the power, directly or indirectly, to direct or cause the direction of the management or policies of the organization, whether by exercising voting rights, by contract, or in any other manner.
  - Operational control: Operational control refers to the authority to handle subordinate forces, including organizing and operating them, assigning tasks, determining objectives, and giving authoritative directions required to complete the mission.
  - Preventive control: A preventive control prevents a loss or an error from occurring. Physical property protection and segregation of duties are examples of preventive controls. Generally, these controls are built into a process so that they are applied continuously.
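A written password policy only protects anything once it is enforced at the point where passwords are set, which turns it into a preventive, technical control. The following is an added example, not code from the original post or from InfosecTrain, showing how the guidelines described above become checkable rules. The specific values (12-character minimum, three of four character classes, no run of more than three identical characters, a tiny blocklist, no username inside the password) are assumptions for illustration; a real deployment takes them from the organization's password standard and swaps the constructed blocklist for a breached-password list.

```python
"""Enforcing a password policy as a preventive control.

Added example (not from the original post). Every threshold and the blocklist
below are assumptions for illustration, not any organization's actual standard.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Constructed, deliberately tiny blocklist standing in for a breached-password list.
CONSTRUCTED_BLOCKLIST = {"password", "welcome1", "letmein", "qwerty123"}

CLASS_PATTERNS = {
    "lowercase": re.compile(r"[a-z]"),
    "uppercase": re.compile(r"[A-Z]"),
    "digit": re.compile(r"[0-9]"),
    "symbol": re.compile(r"[^A-Za-z0-9]"),
}


@dataclass
class PasswordPolicy:
    min_length: int = 12          # assumed minimum length
    min_classes: int = 3          # assumed: at least 3 of the 4 classes above
    max_repeat_run: int = 3       # assumed: "aaaa" (4 in a row) is rejected
    blocklist: Set[str] = field(default_factory=lambda: set(CONSTRUCTED_BLOCKLIST))


def check_password(password: str, username: str = "",
                   policy: Optional[PasswordPolicy] = None) -> List[str]:
    """Return every policy rule the password violates; an empty list means compliant.

    Reporting all violations at once (rather than stopping at the first) lets the
    user fix the password in one attempt, which is what awareness training asks for.
    """
    policy = policy or PasswordPolicy()
    violations = []

    if len(password) < policy.min_length:
        violations.append(f"shorter than {policy.min_length} characters")

    present = [name for name, pat in CLASS_PATTERNS.items() if pat.search(password)]
    if len(present) < policy.min_classes:
        violations.append(f"uses {len(present)} character classes, policy requires {policy.min_classes}")

    # (.)\1{n,} matches a character followed by at least n more copies of itself,
    # i.e. a run longer than max_repeat_run.
    if re.search(r"(.)\1{%d,}" % policy.max_repeat_run, password):
        violations.append(f"contains a run of more than {policy.max_repeat_run} identical characters")

    lowered = password.lower()
    if lowered in policy.blocklist:
        violations.append("appears on the blocklist")

    # Short usernames (e.g. "al") would match almost anything, so only check
    # names of three or more characters.
    if username and len(username) >= 3 and username.lower() in lowered:
        violations.append("contains the username")

    return violations


def is_compliant(password: str, username: str = "",
                 policy: Optional[PasswordPolicy] = None) -> bool:
    return not check_password(password, username, policy)


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw, user in [("password", "alice"),
                     ("Alice2024!!!!", "alice"),
                     ("Correct-Horse-Battery-9", "alice")]:
        problems = check_password(pw, user)
        print(f"{pw!r}: {'OK' if not problems else '; '.join(problems)}")
```

The checker is written against a `PasswordPolicy` object rather than hard-coded numbers so that the same code can enforce a stricter policy for privileged accounts simply by passing a different instance.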
CySA+ with InfosecTrain:
InfosecTrain is one of the leading training platforms that offers consultancy services, certifications, and training on cybersecurity and information security. Our accredited trainer will help you gain the analytic skills to detect and defend against cyberattacks in an organization. Our courses are available in live instructor-led and self-paced sessions, making it easy to complete your training journey. Join InfosecTrain’s CompTIA CySA+ training program to get cyber analytic skills that can enhance your career in the cyber world.