Discover Information Protection Needs (Discover Needs)

Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Transcription
00:00
>> Welcome back to cyberspace is of course,
00:00
I'm your instructor, Brent Roads.
00:00
Let's jump into the first part of
00:00
the ISSE process and that is
00:00
discover information protection needs.
00:00
In this lesson, it's going to
00:00
follow a general format for all
00:00
of the different areas that we're going to
00:00
explore here in the ISSE process.
00:00
We're going to talk about tasks,
00:00
we're going to talk about source documents,
00:00
if that's part of what we're doing,
00:00
and we're going to have
00:00
some outputs we're going to review.
00:00
Before we get started here,
00:00
ISSE tasks come from the IATF,
00:00
the information assurance technical
00:00
framework 3.1, little old,
00:00
written in 2002 by the National Security Agency,
00:00
but it is still the best thing going out there in
00:00
terms of what an ISSE is supposed to do.
00:00
As we noted previously when we started the ISSE course,
00:00
a lot of the ISSE course and a lot of what
00:00
the ISSE concentration is
00:00
focused on is government organizations,
00:00
in particular, Department of Defense
00:00
in the US government.
00:00
Keep that in mind, that frame there,
00:00
and that's why we're talking about this here,
00:00
but this is from a flow perspective.
00:00
These are things that you should know.
00:00
The first thing we do in ISSE tasks
00:00
here for discover information protection needs,
00:00
so we've got to understand the mission
00:00
or business, that's pretty straightforward.
00:00
If you don't start with
00:00
understanding where are you working at,
00:00
and what you're doing, you're
00:00
not going to be able to do the next step,
00:00
which is help the customer determine what they
00:00
need to do from an
00:00
information [LAUGHTER] management perspective.
00:00
If you design something or you have a conversation with
00:00
a mission or business owner
00:00
and you're not able to support their stuff,
00:00
they're going to stop listening to you,
00:00
so you got to know that.
00:00
You need to work for
00:00
customer concurrence when you
00:00
develop that information management model.
00:00
Don't do it in a vacuum, involve them,
00:00
do the whiteboard session
00:00
with them, that's incredibly important.
00:00
Then of course you're going to want to
00:00
document those results.
00:00
Source documents when we're discovering
00:00
information protection needs
00:00
include operational doctrine.
00:00
Again, that ties back to the construct
00:00
of being a DOD type thing.
00:00
We have books in the DOD that are
00:00
written down for doctrine that says,
00:00
hey, this is how we do this mission,
00:00
and this vision, and this mission, super helpful.
00:00
If it's a standard business,
00:00
they're probably going to have a mission needs
00:00
statement or business needs statement.
00:00
The next thing could be a CONOPS.
00:00
If an organization that you're
00:00
working for has a concept of operations
00:00
that is a great place to understand what their needs are.
00:00
Then of course, many organizations
00:00
today have online documentation that
00:00
provides a wealth of
00:00
information when you're getting started
00:00
in discovering information protection needs.
00:00
What are the outputs here? Well, the primary output
00:00
of what an ISSE does
00:00
here is the information protection policy.
00:00
Those things come from the protection needs elicitation,
00:00
so elicitation is that conversation with
00:00
the customer looking at harm to information metrics.
00:00
Based on the classification,
00:00
not top secret, secret, or unclassified,
00:00
but is it privacy information,
00:00
is it proprietary information,
00:00
whatever it is, that harm to information metrics,
00:00
what's the worst thing that can happen?
00:00
You're going to need that as an input to
00:00
the information protection policy
00:00
and then potentially harmful events.
00:00
Those could be things in virtual space,
00:00
or those could be things in the physical space,
00:00
so you need to know those potentially harmful events,
00:00
threats, and vulnerabilities we've talked
00:00
about in a previous lesson.
00:00
When we discover information protection needs,
00:00
what does the ISSE do?
00:00
They're going through and understanding
00:00
the mission needs and
00:00
business needs of the organization,
00:00
and they're looking to capture
00:00
as much potential information
00:00
about the threats and everything like
00:00
that to get it into
00:00
the information protection policy or the IPP.
00:00
If you remember anything from this,
00:00
out of discovering information protection needs,
00:00
the ISSE is going to create an IPP.
00:00
In this lesson, we looked at
00:00
ISSE tasks related to
00:00
discovering information protection needs.
00:00
We've talked about source documents
00:00
that are incredibly valuable to use,
00:00
and we talked about
00:00
the output of this particular process area,
00:00
and that is the information protection policy.
00:00
We'll see you next time.