With all of the hype, both good and bad, surrounding cybersecurity, it is important for businesses and organizations to continually review the positions that typically fill out the cybersecurity department. It’s important for any organization to be well-stocked with information security managers.
A distinction in terms is probably helpful here, as most information security managers are not typically managers in the traditional sense of supervising and directing the work of others. Rather, they use information security tools and techniques to carry out various cybersecurity functions. What they “manage” is their employer’s level of cybersecurity readiness and response.
What do information security managers do?
Information security managers play a key role in avoiding disasters by identifying any weak points that might make information systems vulnerable. They use various tools in the cybersecurity realm to detect threats before they turn into problems. They assess an organization’s security measures such as anti-virus software, passwords, and firewalls.
This is often referred to collectively as an organization’s security “posture.” To identify any areas that might make information systems vulnerable to attack, an information security manager constantly scans the company’s computer perimeter. They also analyze reports generated by the monitoring system to identify anything that may indicate a future risk.
Such potential risks are managed in cooperation with a penetration testing firm, which gathers information and carries out a so-called “white box” simulated attack. The information security manager can then analyze the results to find out where to shore up protection and defense.
Information security managers also manage backup and security systems, such as camera or surveillance systems. They look after the recovery of data in disaster situations and oversee security violation investigations. They pull data from the logs that human resources might need to take a look at.
Information security managers also provide training for employees, explaining security risks as well as the need for using strong passwords and protecting data when using mobile devices outside the office. Based on seniority and job function, employees and managers are typically given different levels of access to company data. The fact that there are levels of data and the determining of “who” has “what” access can usually be traced back to an information security manager.
Job function and daily operations
Some of the detailed job duties include the following:
Monitor all operations and infrastructure. This could be something you do by yourself, or you could be leading a team. It means monitoring your company’s footprint, including video and data logs.
Maintain all security tools and technology.
Monitor internal and external policy compliance. If you happen to be with a company that has to keep up with NIST or GDPR … well, you have my condolences.
Work with different departments in the organization to reduce risk and increase defensive posture.
Implement new technology. If your organization is looking at a new technology, then you must evaluate it and help implement any controls that might mitigate the risk its operation poses to your company.
Audit policies and controls continuously. Cybersecurity is a circular process, and as a manager, you must drive that process forward. You must always seek to better the company’s processes and procedures.
Craft and maintain the security incident response program. Every organization should have a well-defined and documented plan of action to put into place if a security incident does occur. If it is not written down, then it doesn’t exist.
Of course, the reason why there is continued interest in the areas of information security and in the position of information security manager is that the onslaught of bad actors is relentless. Malefactors of one stripe or another will never stop trying to break through whatever defenses have been put in place to stop them.
One of the areas of rapid change and specialization for information security managers to be keenly aware of is artificial intelligence (AI). AI is increasingly important for building, maintaining, and strengthening your security posture. The capacity of AI to analyze massive quantities of data at lightning speed means security threats can be detected in real time, or even predicted based on risk modeling.
I have often thought that, because computers are getting smarter, people think they (people) can get dumber. This is not the case. Information security managers must increase their knowledge and understand how to use the new tools that AI brings with it.
These tools and the knowledge of how to use them allow the right person to handle more and more data and security logs and really monitor risk, in real time. More analysis means fewer threats and a safer network. AI, machine learning, and big data continue to be on the spearpoint of growth in all areas of technology, including security management.
Education and certification
For background, I highly recommend a four-year degree. You can usually earn one in math or computer science, but currently there are a lot of schools that offer bachelor’s or master’s degrees in cybersecurity. Obtaining one of these will put you on the right road to obtaining a respected position.
You must also be a critical thinker and, without a doubt, have the soft skills that employers are seeking. Even though you will be examining logs and doing a lot of back-room analysis, you will need to interact with a lot of different groups. Don’t forgo the soft skills … they are crucial.
When it comes to certifications, I still think this level of employee would benefit from the CISSP — offered by (ISC)² — and ISACA’s CRISC. These two certifications are still two of the best out there. To top off your certifications, you may want to think about getting a CEH (certified ethical hacker) certification from EC-Council.
This blend will demonstrate to potential employers that you understand both the theory and the real-world application of information security. It will show them you can fend off attacks because you know how to go about initiating one yourself.
If you choose to go into this line of work, then you can rest assured that there will always be growth in your future. You can always count on the fact that there will be good people doing bad things, and bad people doing worse things. You, however, will have a bright and optimistic future starting out as an information security manager. I wish you a long and happy path.