Security Operations Presentation

Scenario: As the CISO, you have overseen the security operations center (SOC) implementation and your team has successfully handled a variety of security incidents. The buzz around the company is that the new SOC is friendly and quick to solve incoming requests. However, the NOC implementation has slowed because of project delays and concerns about budget overrun. 

One afternoon the chief financial officer (CFO) turned on her computer and opened an email from someone she knew. After she clicked a suspicious web link, the computer screen suddenly went dark then green text began to fill up the screen saying the computer files had been encrypted. The CFO called the help desk, and the SOC responded immediately. 

You later learned that your CFO was attacked by a new ransomware attack named Petya. The next morning the CFO called you into her office to explain that the board of directors has called an emergency meeting for next week to discuss the impact of the cyberattack and to learn more about how the NOC and SOC are designed to protect the company and its customers from security incidents like ransomware. She has asked you to prepare for a meeting with the board.

Part 1

Develop a 14- to 16-slide Microsoft owerPoint0resentation in which you:

Illustrate the information security portfolio hierarchy and the SOC functions that support the companyàoverall security program. The illustration should include at least three SOC functions.

Describe how security operations processes, policies, and procedures are integrated into SOC functions.

Explain how you will assess the security effectiveness of the SOC.

Describe how your approach could mitigate incidents like the Petya attack.

Illustrate the conflicting roles of security operations personnel in reporting audit findings, and offer a logical prediction of how the SOC plans to address these concerns given your current perspective.

All of the information required for this assignment MUST be on the main slides. Speaker notes will not be graded.

Part 2

Write a 2- to 3-page handout using Microsoft ord&or the meeting with the board of directors in which you:

Outline computer security incident response.

Explain the purpose of a security operations center and its staffing.

Describe at least three differences between security operations processes, policies, and procedures.

Select one approach to assessing the effectiveness of a security operations center.

Explain the possibility of conflicting roles of security operations personnel in reporting audit findings to raise awareness to senior management.