Friday, 10 March 2017

Information Security Looks Like Football

Information security inside an organization looks like a football game. Each person has a different role and responsibility, but all share a common goal. The goal is to secure the organization's data and information, from the technical level to the strategic level.

We can map the roles that exist in football to the members of an IT security team, such as:

- The goalkeeper and defenders are the sysadmins and the infrastructure network team, protecting the assets at all costs. Their solid defense comes not only from their skills and knowledge, but also from the support of tools like firewalls, SIEM, etc.

- The midfielders are the ones who balance the team. Their position is vital to maintaining the gameplay. They can be in a backward position at one time and in a forward position at another. They go by the names Information Security Officer, Division of Risk Management Internal, and Division of Compliance.

- The strikers are the ones who play the offensive part. They are the Information Security Consultant and Pentester. Their sole purpose is to penetrate the foe and score a goal.

- The coach is top management. They oversee the game and take full responsibility for every result, giving morale, guiding the team, and deciding what tactic should be used in the game.

- The tactic is like an information-security framework. The framework manages the position and task of each person in the team. It is also used to decide the process while the game is on: going defensive, going offensive, or fortifying the middle position to maintain the balance. Every tactic has advantages and disadvantages.

- Last but not least, the supporters. They are the stakeholders who have interests and concerns in the organization. They support the team so that it succeeds in running the business processes inside the organization.

