Cybersecurity Operations Management

Dedicated time for ongoing cybersecurity program upkeep and support for new initiatives.

Cybersecurity programs need continuous management just like any other aspect of business. Our Cybersecurity Operations Management (COM) service has been built to provide your business with the ability to keep your cybersecurity program up to date. We also ensure that your business can prepare for new requirements and respond to changes in trends as they emerge.

Assumptions

We start with the assumption that your businesses has gone through an assessment process and has implemented the appropriate processes and practices to support the current needs of the organization. If not, we recommend working through engagements such as assessments and cybersecurity program development.

Methodology

First, we document the state of your cybersecurity program (requirements, people, processes, technology, assets, others) and establish goals based on business need. This information helps to determine an initial recommended frequency for the COM activities. This interval may be weekly dedicated time, twice monthly, or once a month depending on goals, and can be revised periodically as necessary. Typically, more time is spent up front to establish a baseline, and then the frequency changes as the program is further optimized.

Services

Within the dedicated blocks of time, we aim to manage certain operational aspects that require ongoing care:

  • Risk Management – We work to continually assess risk to your organization through vulnerability scanning and prioritization of remediation efforts. Also, we create and continuously update risk assessment documentation to prioritize cybersecurity program efforts. Further, we build and update risk mitigation plans to address these risks.
  • Security Assessment – Businesses require system security plans to be able to communicate the state of their cybersecurity program. Within the COM service, we continuously revise your SSP as your cybersecurity program changes. Your plan of actions and milestones (POAM) describes the organization’s future state with regard to cybersecurity, and updates to this document are also performed. We also assist in ensuring the collection of tools that deliver protections for your environment have been configured correctly to gather the proper logging, ensure alerting has been appropriately configured, and establish a method to monitor the effectiveness.
  • Situational Awareness – At Bound Planet, we subscribe to notices and advisories related to technology systems that many businesses use on a daily basis. Nearly every day, advisories are released detailing remediation actions such as patching, configuration changes, or other mitigation strategies. The longer a system remains vulnerable, the greater the chances of exploit. We keep you notified of these advisories and how they relate to your systems. Finally, we assist your MSP or IT team in planning and scheduling remediation.