Cybersecurity Planning and Management
The intent of the Cybersecurity Planning and Management Knowledge Unit is to provide students with the ability to develop plans and processes for a holistic approach to cybersecurity for an organization.
Topics
- Develop processes and procedures for incident response
- Differentiate and provide examples of Operational, Tactical, and Strategic Planning and Management
- Managing the implementation of access controls
- Planning for protection of intellectual property
- Broad coverage of the cybersecurity Common Body of Knowledge (CBK) and how it affects planning and management.
- Identify requirements and create plans for Business Continuity / Disaster Recovery
- Develop contingency plans for various size organizations to include: business continuity, disaster recovery and incident response.
- Develop system specific plans for:
  a. The protection of intellectual property
  b. The implementation of access controls
  c. Patch and change management
- Outline and explain the roles of personnel in planning and managing security, including:
  a. Board of Directors
  b. Senior Management
  c. Chief Information Security Officer (CISO)
  d. IT Management (CIO, IT Director, etc.)
  e. Functional Area Management
  f. Information Security personnel
  g. End users
- Making cybersecurity a strategic essential (part of core organizational strategy)
- Examine C-Level Functions which impact cybersecurity
- Managing patch and change control
Outcomes
- Examine the placement of security functions in a system and describe the strengths and weaknesses.
- Develop contingency plans for various size organizations to include: business continuity, disaster recovery and incident response.
- Develop system specific plans for:
  a. The protection of intellectual property
  b. The implementation of access controls
  c. Patch and change management
- Outline and explain the roles of personnel in planning and managing security, including:
  a. Board of Directors
  b. Senior Management
  c. Chief Information Security Officer (CISO)
  d. IT Management (CIO, IT Director, etc.)
  e. Functional Area Management
  f. Information Security personnel
  g. End users
- Identify requirements and create plans for Business Continuity / Disaster Recovery
- Non-Technical Core - Cybersecurity Planning and Management (CPM)
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
ID | DESCRIPTION |
---|---|
K0041 | Knowledge of incident categories, incident responses, and timelines for responses. |
K0042 | Knowledge of incident response and handling methodologies. |
K0230 | Knowledge of cloud service models and how those models can limit incident response. |
K0276 | Knowledge of security management. |
K0150 | Knowledge of enterprise incident response program, roles, and responsibilities. |
K0164 | Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes). |
K0400 | Knowledge of crisis action planning for cyber operations. |
K0006 | Knowledge of specific operational impacts of cybersecurity lapses. |
K0316 | Knowledge of business or military operation plans, concept operation plans, orders, policies, and standing rules of engagement. |
K0033 | Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists). |
K0007 | Knowledge of authentication, authorization, and access control methods. |
K0025 | Knowledge of digital rights management. |
K0512 | Knowledge of organizational planning concepts. |
K0094 | Knowledge of the capabilities and functionality associated with content creation technologies (e.g., wikis, social networking, content management systems, blogs). |
K0399 | Knowledge of crisis action planning and time sensitive planning procedures. |
K0519 | Knowledge of planning timelines adaptive, crisis action, and time-sensitive planning. |
K0146 | Knowledge of the organization's core business/mission processes. |
K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
K0350 | Knowledge of accepted organization planning systems. |
K0566 | Knowledge of the critical information requirements and how they're used in planning. |
K0074 | Knowledge of key concepts in security management (e.g., Release Management, Patch Management). |
K0498 | Knowledge of operational planning processes. |
K0347 | Knowledge and understanding of operational design. |
ID | DESCRIPTION |
---|---|
S0365 | Skill to design incident response for cloud service models. |
S0054 | Skill in using incident handling methodologies. |
S0186 | Skill in applying crisis planning procedures. |
S0007 | Skill in applying host/network access controls (e.g., access control list). |
S0049 | Skill in the measuring and reporting of intellectual capital. |
S0055 | Skill in using knowledge management technologies. |
S0099 | WITHDRAWN: Skill in determining how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes. (See S0027) |
S0367 | Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
ID | DESCRIPTION |
---|---|
A0121 | Ability to design incident response for cloud service models. |
A0034 | Ability to develop, update, and/or maintain standard operating procedures (SOPs). |
A0002 | Ability to match the appropriate knowledge repository technology for a given application or environment. |
A0125 | Ability to author a privacy disclosure statement based on current laws. |
A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |