Cybersecurity Planning and Management

The intent of the Cybersecurity Planning and Management Knowledge Unit is to provide students with the ability to develop plans and processes for a holistic approach to cybersecurity for an organization.

Topics

  1. Develop processes and procedures for incident response
  2. Differentiate and provide examples of Operational, Tactical, and Strategic Planning and Management
  3. Managing the implementation of access controls
  4. Planning for protection of intellectual property
  5. Broad coverage of the cybersecurity Common Body of Knowledge (CBK) and how it affects planning and management.
  6. Identify requirements and create plans for Business Continuity / Disaster Recovery
  7. Develop contingency plans for various size organizations to include: business continuity, disaster recovery and incident response.
  8. Develop system specific plans for:
     a. The protection of intellectual property
     b. The implementation of access controls
     c. Patch and change management
  9. Outline and explain the roles of personnel in planning and managing security, including:
     a. Board of Directors
     b. Senior Management
     c. Chief Information Security Officer (CISO)
     d. IT Management (CIO, IT Director, etc.)
     e. Functional Area Management
     f. Information Security personnel
     g. End users
  10. Making cybersecurity a strategic essential (part of core organizational strategy)
  11. Examine C-Level Functions which impact cybersecurity
  12. Managing patch and change control

Outcomes

  1. Examine the placement of security functions in a system and describe the strengths and weaknesses.
  2. Develop contingency plans for various size organizations to include: business continuity, disaster recovery and incident response.
  3. Develop system specific plans for:
     a. The protection of intellectual property
     b. The implementation of access controls
     c. Patch and change management
  4. Outline and explain the roles of personnel in planning and managing security, including:
     a. Board of Directors
     b. Senior Management
     c. Chief Information Security Officer (CISO)
     d. IT Management (CIO, IT Director, etc.)
     e. Functional Area Management
     f. Information Security personnel
     g. End users
  5. Identify requirements and create plans for Business Continuity / Disaster Recovery
  6. Non-Technical Core - Cybersecurity Planning and Management (CPM)

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

Knowledge

| ID | Description |
|---|---|
| K0041 | Knowledge of incident categories, incident responses, and timelines for responses. |
| K0042 | Knowledge of incident response and handling methodologies. |
| K0230 | Knowledge of cloud service models and how those models can limit incident response. |
| K0276 | Knowledge of security management. |
| K0150 | Knowledge of enterprise incident response program, roles, and responsibilities. |
| K0164 | Knowledge of functionality, quality, and security requirements and how these will apply to specific items of supply (i.e., elements and processes). |
| K0400 | Knowledge of crisis action planning for cyber operations. |
| K0316 | Knowledge of business or military operation plans, concept operation plans, orders, policies, and standing rules of engagement. |
| K0006 | Knowledge of specific operational impacts of cybersecurity lapses. |
| K0033 | Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists). |
| K0007 | Knowledge of authentication, authorization, and access control methods. |
| K0025 | Knowledge of digital rights management. |
| K0512 | Knowledge of organizational planning concepts. |
| K0399 | Knowledge of crisis action planning and time sensitive planning procedures. |
| K0519 | Knowledge of planning timelines adaptive, crisis action, and time-sensitive planning. |
| K0094 | Knowledge of the capabilities and functionality associated with content creation technologies (e.g., wikis, social networking, content management systems, blogs). |
| K0146 | Knowledge of the organization's core business/mission processes. |
| K0044 | Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |
| K0566 | Knowledge of the critical information requirements and how they're used in planning. |
| K0350 | Knowledge of accepted organization planning systems. |
| K0074 | Knowledge of key concepts in security management (e.g., Release Management, Patch Management). |
| K0347 | Knowledge and understanding of operational design. |
| K0498 | Knowledge of operational planning processes. |

Skills

| ID | Description |
|---|---|
| S0365 | Skill to design incident response for cloud service models. |
| S0054 | Skill in using incident handling methodologies. |
| S0186 | Skill in applying crisis planning procedures. |
| S0007 | Skill in applying host/network access controls (e.g., access control list). |
| S0049 | Skill in the measuring and reporting of intellectual capital. |
| S0055 | Skill in using knowledge management technologies. |
| S0099 | WITHDRAWN: Skill in determining how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes. (See S0027) |
| S0367 | Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |

Abilities

| ID | Description |
|---|---|
| A0121 | Ability to design incident response for cloud service models. |
| A0034 | Ability to develop, update, and/or maintain standard operating procedures (SOPs). |
| A0125 | Ability to author a privacy disclosure statement based on current laws. |
| A0002 | Ability to match the appropriate knowledge repository technology for a given application or environment. |
| A0123 | Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). |