What Does a Chief Security Officer Do?
The Chief Security Officer (CSO) may also be called the CISO (Chief Information Security Officer) or ISO (Information Security Officer). The role is distinct from the CIO (Chief Information Officer).
Chief Security Officer
- The Chief Security Officer (CSO) is responsible for the security operations of the entire organization, including both physical security and digital information security. The CSO is responsible for monitoring and coordinating security work within the company, including information technology, human resources, communications, compliance,
- Several factors have pushed different kinds of security issues together, so that they need to be handled by a single organization, and the CSO role has emerged in the industry as a result. The factors include the following:
- At the tactical level, technical elements are being injected into physical security tools, and these tools are constantly being
- Security policies usually need to be changed according to the different needs of the enterprise. Although different enterprises need different security policies, the security policy usually includes the following functions:
- 1. Monitor security agencies and service providers. Service providers are responsible for protecting corporate assets, intellectual property, and computer system security.
- 2. Determine the protection goals and protection systems in line with the company's strategic plan.
- 3. Develop and implement regional and global security policies, security standards, guidelines, and implementation procedures to ensure continued resolution of security issues. Information protection responsibilities include: network security structure, network access and policy monitoring, and employee training.
- 4. Comprehensively monitor the incident response plan, such as investigating security gaps, and help the department where a gap was found to improve if necessary.
- 1. Think that security issues are just technical issues
- 2. Try to compare macro issues with micro issues
- 3. Assume that users are interested in security issues
- 4. Assume that users know a lot about security issues
- Judging from the role statement above, the CSO plays a pivotal role in the enterprise.
- Management skills. The CSO needs to design a security mechanism, formulate security rules, and explain to the company's management why such a security solution is needed. His management ability should allow him to carry out what he decides.
- Security mechanisms include matters such as firewalls, IDS, and how IPS is deployed. In response to network vulnerabilities and hacking methods, CSOs should formulate security rules so that the heads of the company's departments understand what needs to be done, and should regularly check and evaluate the security of each department.
- For example, consider a bank's online trading business. The price and news information for this business comes from other companies. To get such information in time, the bank needs to connect to many different third-party companies. At the same time, the bank must also open the trading platform to the outside world so that users can log in, view prices, and buy and sell stocks. This kind of business is very complicated, involving important external, third-party, and internal material, and there are many security issues to consider.
- To get news from a third party, the bank can only let the other party send the news in; the third party must not be able to obtain any of the bank's internal information. The control is one-way, and there must be no errors along the way. If hackers get in and a fake news item is posted, the market will be severely affected. Ensuring that the third party's information has not been altered and that its transmission has not been interrupted is not just a technical issue. It is often unsafe to consider security purely from a technical standpoint.
- Externally, the business involves how to control users, which requires some rules. For example, if a user types the password incorrectly three times, he or she cannot log in and needs to pass other types of authentication to log in again. These rules are not only external but also internal. Whether IPS and firewalls are needed to keep hackers out when users come in, whether the network server needs to be backed up, and so on, all need to be considered.
- For the bank's database, the administrator cannot see users' personal information; he can only manage the database. Whether some security mechanism is needed between the database and the web server, how to do authentication to ensure the security of user data, and so on, are further questions. It is actually difficult to formulate these rules.
- CSOs also need to understand technology. Of course, the technical requirements are not very demanding, but the CSO must know what the current new vulnerabilities and new attacks are, how to protect against them, and how to meet the security requirements.
- For example, if an enterprise wants to purchase a firewall, the CSO must know not only why the firewall is installed, but also how to install it, and how to place the network server and mail server together in one area, separated from the internal area, so that the company's internal area is protected.
- Now that IPS is popular, CSOs need to know how to use IPS, where to place it, and which networks are so important that hackers must not be able to enter them. These are things the CSO needs to know technically.
- A CSO must have comprehensive knowledge, understand the company's operations, and have legal knowledge.
- For example, a bank's CSO faces different security requirements for each department of the bank, and must have broad knowledge to understand them. That knowledge is not just about technology. He has to understand how specific departments work and use his technical capabilities to ensure the security of each department. The CSO also needs legal knowledge, because the laws that apply to each department of the bank are different.