Question

In: Computer Science

Discuss the role of people within a company's computer-security plan.

Expert Solution

Hi,

Please find the answer below:

-----------------------------------------------------------------

Security is defined as the state of being secure whether its physical assets like computers, network devices, or data or information like customer documents, files etc.

Security planning and security plan is a document that outlines the organizations security goals, objectives, establishing trust boundaries, defensive strategies and plans to protect the devices and data of the organization. The plan also outlines security risk mitigations and recovery plan when a security threat becomes a reality aka security incidents.

People are the most critical in the computer security planning. Almost everyone is responsible for the security in the organization.

There are many roles that people can play for successful execution of the security plan in the organization. The security team vastly depends on the organization size and mode of operation etc.

CIO- Chief Information officer

CIO is the person responsible for security in the organization.

Security Manager

This role is mostly responsible for managing security resources within the organization, hiring new security team members etc.

Security Architect

Architect is responsible for implementing security controls in the company, involves in security best practices. Conduct security training new security engineers, employees and analysts. Perform Security Audits

Security Engineers

Engineers are responsible for building security systems in the organization. Engineers closely work with other team members like developers, testers etc in the company. Perform Security Audits

Security Analysts and Testers

Analysts are responsible to investigate security holes or defects, and respond to incidents. Testers log security defects and incidents in the reporting tool. Help and coordinate with other members during security incidents.

CEO

CEO is responsible to announce any security incidents (if any) to customers and to the outside world. Announcement, emails about the incident and outlines the corrective actions etc

Staff and Employees

To follow security policies and privacy standards, participate in security trainings.

---------------

Hope this helps.

venereology answered 8 months ago

What role does password expiration play in computer security?

What role does password expiration play in computer security? Briefly explain a major advantage of password expiration, and briefly explain a major disadvantage.

discuss role of security models in implementing security policy in a software application

Many people believe that computer security relies on firewalls, programs, and policies. However, much of computer...

Many people believe that computer security relies on firewalls, programs, and policies. However, much of computer security is dependent on the corporate culture, and their view on security. For instance: Is it normal for people to leave their desks with their computer unlocked? You want to improve the security in your organization without using negative reinforcement (i.e. policing). What are some ways you can help drive a culture of security in an organization? Try to be unique and novel in...

Discuss the role of budgets in overall organization plans. Discuss the importance of people in the...

Discuss the role of budgets in overall organization plans. Discuss the importance of people in the budgeting process.

Describe the components of a disaster recovery plan. What role do computer forensics play in a disaster recovery plan?

Describe the components of a disaster recovery plan.What role do computer forensics play in a disaster recovery plan? Summarize the disaster recovery plan you found. What issue does this plan address? Is 3. anything missing?

1. Explain the role of transparency and accountability within a benefits realization plan. 2. In your...

1. Explain the role of transparency and accountability within a benefits realization plan. 2. In your own words, how do you distinguish between the neutral zone and the new beginning that Bridges discusses in your readings? 3. CMH shares a leadership value ladder which includes tips for how to lead through change. If you were to add a third step in the ladder of leadership behaviors needed through change, what would it be? Explain your response.

Discuss the Homeland Security role of federal agencies other than DHS.

Discuss the role of the government within the US financial markets. In particular, be sure to...

Discuss the role of the government within the US financial markets. In particular, be sure to address: 1) the justifications and motivations for government involvement. 2) the primary purposes/objectives for oversight and reform. 3) the major regulatory entities and their respective roles.

Discuss Cyber Security as it relates to the role of the US government. Discuss Cyber Security as it relates to the responsibilities of the individuals who are involved in creating the technology.

(a) – Discuss Cyber Security as it relates to the role of the US government. (b)– Discuss Cyber Security as it relates to the responsibilities of the individuals who are involved in creating the technology.

Your CFO has come to discuss the company's investment in inventory. He notes that within the...

Your CFO has come to discuss the company's investment in inventory. He notes that within the industry, the upper quartile of performers maintain a quick ratio of 1.19. You have the following data available to you: Current Assets $1,654,940 Current Liabilities $1,177,856 Inventory Investments $472,193 You have been tasked with ensuring that the firm changes its inventory investment levels to meet the quick ration, 1.19, noted above. If you need to acquire additional inventory, you may raise funds through notes...