Security Concept of Operations
- System Security Plan
- System Maintenance Plan
- Contingency/Incident Response
- Software Development Plan (for in-house development shops)
Plan Development: Step-by-Step
- Discovery: Companies with audited processes (e.g. ISO, CMMI, etc. can leverage this investment.)
- Planning: Grow cyber security capabilities along with the company’s organic growth.
- Tooling: Establish baseline tools, then grow as needed along with the adoption of the plan’s fiscal year goals.
The heart of a successful cyber security plan is the Security Concept of Operations.
Our first order of business is understanding yours. In the discovery phase our goal is to articulate a Security Concept of Operations. This is a window into your day-to-day operations – but is focused on where cyber security comes into play.
If your company has already been audited on defined processes (e.g. ISO, CMMI, etc.), we leverage this investment to move you through the Discovery phase much more quickly – the bulk of the work has already been done.
The Security Concept of Operations then presents an “As-Is” view of your security posture. This will become the foundation of the System Security Plan – the road map to getting to the “To-Be” posture.
(Click on the upper right menu to learn about the Executive and Technical Perspectives.)