Top 98 Security Operations Things You Should Know

What is involved in Security Operations

Find out what the related areas are that Security Operations connects with, associates with, correlates with or affects, and which require thought, deliberation, analysis, review and discussion. This unique checklist stands out in a sense that it is not per-se designed to give answers, but to engage the reader and lay out a Security Operations thinking-frame.

How far is your company on its Security Operations journey?

Take this short survey to gauge your organization’s progress toward Security Operations leadership. Learn your strongest and weakest areas, and what you can do now to create a strategy that delivers results.

To address the criteria in this checklist for your organization, extensive selected resources are provided for sources of further research and information.

Start the Checklist

Below you will find a quick checklist designed to help you think about which Security Operations related domains to cover and 98 essential critical questions to check off in that domain.

The following domains are covered:

Security Operations, Operations security, Communications security, Competitive intelligence, Computer security, Controlled Unclassified Information, Email encryption, For Official Use Only, Information security, Intelligence cycle security, Loose lips sink ships, National Security Agency, Open source intelligence, Private sector, Security Culture, Sensitive but unclassified, Signal security, Social engineering, Social media, Special Operations OPSEC Education Fund, Transmission security, U. S. Grant Sharp Jr., United States military, Vietnam War, Washington Post, Women’s Army Corps, World War II:

Security Operations Critical Criteria:

Scan Security Operations decisions and describe which business rules are needed as Security Operations interface.

– Is the Security Operations organization completing tasks effectively and efficiently?

– Will Security Operations deliverables need to be tested and, if so, by whom?

– Who needs to know about Security Operations ?

Operations security Critical Criteria:

Scan Operations security failures and catalog what business benefits will Operations security goals deliver if achieved.

– What is our formula for success in Security Operations ?

– Is Security Operations Required?

Communications security Critical Criteria:

Interpolate Communications security engagements and oversee implementation of Communications security.

– How would one define Security Operations leadership?

– Are there recognized Security Operations problems?

– What is Effective Security Operations?

Competitive intelligence Critical Criteria:

Discuss Competitive intelligence leadership and catalog what business benefits will Competitive intelligence goals deliver if achieved.

– Think about the functions involved in your Security Operations project. what processes flow from these functions?

– Risk factors: what are the characteristics of Security Operations that make it risky?

– What business benefits will Security Operations goals deliver if achieved?

Computer security Critical Criteria:

Reorganize Computer security issues and observe effective Computer security.

– Think about the people you identified for your Security Operations project and the project responsibilities you would assign to them. what kind of training do you think they would need to perform these responsibilities effectively?

– Does your company provide end-user training to all employees on Cybersecurity, either as part of general staff training or specifically on the topic of computer security and company policy?

– Will the selection of a particular product limit the future choices of other computer security or operational modifications and improvements?

– What is the total cost related to deploying Security Operations, including any consulting or professional services?

– Is there any existing Security Operations governance structure?

Controlled Unclassified Information Critical Criteria:

Gauge Controlled Unclassified Information visions and explore and align the progress in Controlled Unclassified Information.

– Do those selected for the Security Operations team have a good general understanding of what Security Operations is all about?

– Does Security Operations analysis isolate the fundamental causes of problems?

– What are the Key enablers to make this Security Operations move?

Email encryption Critical Criteria:

Shape Email encryption strategies and separate what are the business goals Email encryption is aiming to achieve.

– How do we make it meaningful in connecting Security Operations with what users do day-to-day?

– Are there Security Operations problems defined?

For Official Use Only Critical Criteria:

Disseminate For Official Use Only failures and change contexts.

– Who will be responsible for deciding whether Security Operations goes ahead or not after the initial investigations?

– Does Security Operations systematically track and analyze outcomes for accountability and quality improvement?

Information security Critical Criteria:

Cut a stake in Information security strategies and perfect Information security conflict management.

– Does mgmt communicate to the organization on the importance of meeting the information security objectives, conforming to the information security policy and the need for continual improvement?

– Has specific responsibility been assigned for the execution of business continuity and disaster recovery plans (either within or outside of the information security function)?

– Has the organization established an enterprise-wide business continuity/disaster recovery program that is consistent with requirements, policy, and applicable guidelines?

– Is there an information security policy to provide mgmt direction and support for information security in accordance with business requirements, relevant laws and regulations?

– If a survey was done with asking organizations; Is there a line between your information technology department and your information security department?

– Do we have an official information security architecture, based on our Risk Management analysis and information security strategy?

– Does your company have a current information security policy that has been approved by executive management?

– Is there an up-to-date information security awareness and training program in place for all system users?

– Have the roles and responsibilities for information security been clearly defined within the company?

– Have standards for information security across all entities been established or codified into law?

– What best describes the authorization process in information security?

– Does the Security Operations task fit the clients priorities?

– How to achieve a satisfied level of information security?

– Does your company have an information security officer?

– What is the goal of information security?

– What is information security?

Intelligence cycle security Critical Criteria:

Understand Intelligence cycle security quality and get answers.

– What may be the consequences for the performance of an organization if all stakeholders are not consulted regarding Security Operations?

– What role does communication play in the success or failure of a Security Operations project?

Loose lips sink ships Critical Criteria:

Accumulate Loose lips sink ships quality and summarize a clear Loose lips sink ships focus.

– Where do ideas that reach policy makers and planners as proposals for Security Operations strengthening and reform actually originate?

– Have you identified your Security Operations key performance indicators?

National Security Agency Critical Criteria:

Debate over National Security Agency issues and revise understanding of National Security Agency architectures.

– Is Security Operations Realistic, or are you setting yourself up for failure?

– What are the record-keeping requirements of Security Operations activities?

– Which individuals, teams or departments will be involved in Security Operations?

Open source intelligence Critical Criteria:

Have a session on Open source intelligence tactics and document what potential Open source intelligence megatrends could make our business model obsolete.

– What tools do you use once you have decided on a Security Operations strategy and more importantly how do you choose?

– Are assumptions made in Security Operations stated explicitly?

Private sector Critical Criteria:

Administer Private sector outcomes and finalize specific methods for Private sector acceptance.

– Do the Security Operations decisions we make today help people and the planet tomorrow?

– What sources do you use to gather information for a Security Operations study?

– How do we maintain Security Operationss Integrity?

Security Culture Critical Criteria:

Disseminate Security Culture engagements and diversify disclosure of information – dealing with confidential Security Culture information.

– How do you determine the key elements that affect Security Operations workforce satisfaction? how are these elements determined for different workforce groups and segments?

– When a Security Operations manager recognizes a problem, what options are available?

– What are the Essentials of Internal Security Operations Management?

Sensitive but unclassified Critical Criteria:

Study Sensitive but unclassified planning and devote time assessing Sensitive but unclassified and its risk.

– In the case of a Security Operations project, the criteria for the audit derive from implementation objectives. an audit of a Security Operations project involves assessing whether the recommendations outlined for implementation have been met. in other words, can we track that any Security Operations project is implemented as planned, and is it working?

– What are the business goals Security Operations is aiming to achieve?

– How to Secure Security Operations?

Signal security Critical Criteria:

Ventilate your thoughts about Signal security results and assess and formulate effective operational and Signal security strategies.

– Do we aggressively reward and promote the people who have the biggest impact on creating excellent Security Operations services/products?

– What other jobs or tasks affect the performance of the steps in the Security Operations process?

– How do we go about Securing Security Operations?

Social engineering Critical Criteria:

Unify Social engineering goals and research ways can we become the Social engineering company that would put us out of business.

– What are the key elements of your Security Operations performance improvement system, including your evaluation, organizational learning, and innovation processes?

– Will our employees allow someone to tailgate into our facilities or will they give out their credentials to an attacker via social engineering methods?

– Who sets the Security Operations standards?

Social media Critical Criteria:

Win new insights about Social media engagements and triple focus on important concepts of Social media relationship management.

– Does Security Operations include applications and information with regulatory compliance significance (or other contractual conditions that must be formally complied with) in a new or unique manner for which no approved security requirements, templates or design models exist?

– Marketing budgets are tighter, consumers are more skeptical, and social media has changed forever the way we talk about Security Operations. How do we gain traction?

– What methodology do you use for measuring the success of your social media programs for clients?

– Which of the following are reasons you use social media when it comes to Customer Service?

– Do you have written guidelines for your use of social media and its use by your employees?

– What is our approach to Risk Management in the specific area of social media?

– What is the best way to integrate social media into existing CRM strategies?

– How have you defined R.O.I. from a social media perspective in the past?

– Do you have any proprietary tools or products related to social media?

– What are the best practices for Risk Management in Social Media?

– Do you offer social media training services for clients?

– Is social media the solution to bad Customer Service?

Special Operations OPSEC Education Fund Critical Criteria:

Accelerate Special Operations OPSEC Education Fund decisions and pay attention to the small things.

– How important is Security Operations to the user organizations mission?

– Which Security Operations goals are the most important?

Transmission security Critical Criteria:

Tête-à-tête about Transmission security issues and probe Transmission security strategic alliances.

– Who is the main stakeholder, with ultimate responsibility for driving Security Operations forward?

– Is Security Operations dependent on the successful delivery of a current project?

U. S. Grant Sharp Jr. Critical Criteria:

Recall U. S. Grant Sharp Jr. goals and gather practices for scaling U. S. Grant Sharp Jr..

– Are there any easy-to-implement alternatives to Security Operations? Sometimes other solutions are available that do not require the cost implications of a full-blown project?

– How will you know that the Security Operations project has been successful?

– What will drive Security Operations change?

United States military Critical Criteria:

Paraphrase United States military quality and test out new things.

– Think about the kind of project structure that would be appropriate for your Security Operations project. should it be formal and complex, or can it be less formal and relatively simple?

– What are your most important goals for the strategic Security Operations objectives?

Vietnam War Critical Criteria:

Review Vietnam War engagements and attract Vietnam War skills.

– Have all basic functions of Security Operations been defined?

Washington Post Critical Criteria:

Nurse Washington Post planning and differentiate in coordinating Washington Post.

Women’s Army Corps Critical Criteria:

Wrangle Women’s Army Corps tasks and optimize Women’s Army Corps leadership as a key to advancement.

World War II Critical Criteria:

Generalize World War II goals and find out.

– What are your results for key measures or indicators of the accomplishment of your Security Operations strategy and action plans, including building and strengthening core competencies?

– Do Security Operations rules make a reasonable demand on a users capabilities?

Conclusion:

This quick readiness checklist is a selected resource to help you move forward. Learn more about how to achieve comprehensive insights with the Security Operations Self Assessment:

store.theartofservice.com/Security-Operations-Complete-Self-Assessment/

Author: Gerard Blokdijk

CEO at The Art of Service | theartofservice.com

gerard.blokdijk@theartofservice.com

www.linkedin.com/in/gerardblokdijk

Gerard is the CEO at The Art of Service. He has been providing information technology insights, talks, tools and products to organizations in a wide range of industries for over 25 years. Gerard is a widely recognized and respected information expert. Gerard founded The Art of Service consulting business in 2000. Gerard has authored numerous published books to date.

External links:

To address the criteria in this checklist, these selected resources are provided for sources of further research and information:

Security Operations External links:

Security Operations Jobs, Employment | Indeed.com
www.indeed.com/q-Security-Operations-jobs.html

Army COOL Summary – ASI H3 – Physical Security Operations
www.cool.army.mil/enlisted/h3.htm

Operations security External links:

OSPA – The Operations Security Professional’s Association
www.opsecprofessionals.org

111 – Operations Security (OPSEC) Flashcards | Quizlet
quizlet.com/8609856/111-operations-security-opsec-flash-cards

U.S. Department of Labor — OASAM: Operations Security …
www.dol.gov/oasam/emc/opsec.htm

Communications security External links:

Communications Security and Compliance | 8×8, Inc.
www.8×8.com/why-8×8/security-and-compliance

[PDF]Communications Security – Tobyhanna Army Depot
www.tobyhanna.army.mil/mission/c4isr_mission/Comsec.pdf

Competitive intelligence External links:

Competitive Intelligence for Legal, Consulting, & …
www.alm.com/intelligence

Proactive Worldwide – Competitive Intelligence …
www.proactiveworldwide.com

Cutting Edge Info – Competitive Intelligence …
www.cuttingedgeinfo.com

Computer security External links:

Webroot® Computer Security – 20-Time PC Mag Winner
Ad · www.webroot.com/computer/security

SP 800-61 Rev. 2, Computer Security Incident …
csrc.nist.gov/publications/detail/sp/800-61/rev-2/final

[PDF]Guide to Computer Security Log Management – NIST
nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-92.pdf

Controlled Unclassified Information External links:

Blog of the Controlled Unclassified Information …
isoo.blogs.archives.gov/page/2

Controlled Unclassified Information (CUI) | National Archives
www.archives.gov/cui

About Controlled Unclassified Information (CUI) | …
www.archives.gov/cui/about

Email encryption External links:

Email Encryption | Texas Health and Human Services
hhs.texas.gov/about-hhs/find-us/email-encryption

Email Encryption Service – CryptnSend
cryptnsend.com

Email Encryption Login
mailsafe.mascomabank.com

For Official Use Only External links:

[PDF]For official use only: Customer Name Customer No.
www.treasurydirect.gov/forms/sav1025.pdf

[PDF]FOR OFFICIAL USE ONLY – CNIC
cnic.navy.mil/content/dam/cnic/cnrj/pdfs/NSFDG CCR 2016.pdf

For Official Use Only (FOUO) is a document designation, not a classification. This designation is used by Department of Defense and a number of other federal agencies to identify information or material which, although unclassified, may not be appropriate for public release.
Reference: dap.dau.mil/aap/pages/qdetails.aspx?cgiSubjectAreaID=1&cgi…

Information security External links:

Information Security – Download the Free Infographic
Ad · go.oracle.com/Info-Security/Infographic

Managed Security Services | Information Security …
www.intelisecure.com

Information Security
security.harvard.edu

Loose lips sink ships External links:

Loose Lips Sink Ships – amazon.com
Ad · amazon.com/Loose Lips Sink Ships

National Security Agency External links:

National Security Agency – The New York Times
www.nytimes.com/topic/organization/national-security-agency

National Security Agency for Intelligence Careers
www.intelligencecareers.gov/nsa

Open source intelligence External links:

NOSI – Naval Open Source Intelligence™ | …
nosi.org

Open Source Intelligence Meetups – Meetup
www.meetup.com/topics/osint

Private sector External links:

Private Sector | FEMA.gov
www.fema.gov/private-sector

Federal Agency (Non-Private Sector Employers) …
www.osha.gov/Publications/fedposter.html

What is private sector? – Definition from WhatIs.com
whatis.techtarget.com/definition/private-sector

Security Culture External links:

Enterprise security culture: Why you need it, and how …
www.helpnetsecurity.com/2017/08/14/enterprise-security-culture

6 ways to develop a security culture in your organization
techbeacon.com/6-ways-develop-security-culture-top-bottom

[PDF]Report of the Homeland Security Culture Task Force
www.dhs.gov/xlibrary/assets/hsac_ctfreport_200701.pdf

Sensitive but unclassified External links:

SENSITIVE BUT UNCLASSIFIED (SBU) INFORMATION …
www.ocio.usda.gov/sites/default/files/docs/2012/DM3550-002.htm

[PDF]SENSITIVE BUT UNCLASSIFIED January 2016 …
oig.state.gov/system/files/esp-16-01.pdf

12 FAM 540 SENSITIVE BUT UNCLASSIFIED …
fam.state.gov/FAM/12FAM/12FAM0540.html

Signal security External links:

Signal Security – Home | Facebook
www.facebook.com/signalsecurity

Signal Security & Communications | MD | Get a Bid | …
www.buildzoom.com/contractor/signal-security-communications-md

Lake Signal Security Inc 4699 Middle Ridge Rd Perry, …
www.mapquest.com/us/ohio/lake-signal-security-inc-353949061

Social engineering External links:

Avoiding Social Engineering and Phishing Attacks
www.us-cert.gov/ncas/tips/ST04-014

What Is Social Engineering? What Are Different Types …
fossbytes.com/what-is-social-engineering-types-techniques

4.5 Social Engineering Flashcards | Quizlet
quizlet.com/27501254/45-social-engineering-flash-cards

Social media External links:

SOCi Social Media Marketing & Management Platform
www.meetsoci.com

Sprinklr – Social Media Management – Customer …
www.sprinklr.com

Social Media Engagement App | Post Planner
www.postplanner.com

Special Operations OPSEC Education Fund External links:

special operations opsec education fund – October …
octobergallery.com/tag/special-operations-opsec-education-fund

Transmission security External links:

Transmission security is the component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis.
Reference: www.definitions.net/definition/transmission%20security

[PDF]TRANSMISSION SECURITY POLICY AND PROCEDURE
dhhs.michigan.gov/OLMWEB/EX/AP/Public/APL/68E-380.pdf

Transmission Security (TRANSEC) – Techopedia.com
www.techopedia.com/definition/25857

U. S. Grant Sharp Jr. External links:

Admiral U. S. Grant Sharp Jr., USN (Ret.) (1906-2001) | …
www.usni.org/heritage/sharp

U. S. Grant Sharp Jr. – YouTube
www.youtube.com/watch?v=yMtnzRxg_50

U. S. Grant Sharp Jr. – Revolvy
www.revolvy.com/main/index.php?s=U. S. Grant Sharp Jr.

United States military External links:

FACT CHECK: Did the United States Military Ban …
www.snopes.com/army-green-card-enlistment

United States Military Academy Preparatory School – …
www.facebook.com/USMAPS

United States Military Entrance Processing Command …
www.facebook.com/USMEPCOM

Vietnam War External links:

Vietnam War – Facts, Battles, Pictures & Videos – Histor…
www.history.com/topics/vietnam-war

SparkNotes: The Vietnam War (1945–1975): Summary …
www.sparknotes.com/history/american/vietnamwar/summary.html

Vietnam War Casualties- Main Alphabetical Index
virtualwall.org/iAlpha.htm

Washington Post External links:

Sudoku – The Washington Post
www.uclick.com/client/wpc/wpdom

Live Q&A’s – The Washington Post
live.washingtonpost.com

The Washington Post: My Profile
subscribe.washingtonpost.com/profile

Women’s Army Corps External links:

The Women’s Army Corps
history.army.mil/brochures/WAC/WAC.HTM

Women’s Army Corps | United States Army | Britannica.com
www.britannica.com/topic/Womens-Army-Corps

What is the Women’s Army Corps? (with pictures)
www.wisegeek.com/what-is-the-womens-army-corps.htm

World War II External links:

By the Numbers: World War II’s atomic bombs – CNN
www.cnn.com/2013/08/06/world/asia/btn-atomic-bombs/index.html

World War II Records | National Archives
www.archives.gov/research/military/ww2

World War II Valor in the Pacific National Monument …
www.nps.gov/valr