Cyber And Data Breach Incident Management
Detect and report cyber and data-related incidents, identify affected systems and user groups, trigger alerts and announcements to relevant stakeholders and efficient resolution of the situation.
Level 1 (Follow)
Level 2 (Assist)
Level 3 (Apply)
- Develop incident management procedures and synthesise incident-related analyses to distil key insights, resolve incidents and establish mitigating and preventive solutions.
- Apply and maintain specific security controls as required by organisational policy and local risk assessments.
- Communicate security risks and issues to business managers and others.
- Perform basic risk assessments for small information systems.
- Contribute to the identification of risks that arise from potential technical solution architectures.
- Suggest alternate solutions or countermeasures to mitigate risks.
- Define secure systems configurations in compliance with intended architectures.
- Support investigation of suspected attacks and security breaches.
Level 4 (Ensure)
- Provide guidance on the application and operation of elementary physical, procedural and technical security controls.
- Explain the purpose of security controls and perform security risk and business impact analysis for medium complexity information systems.
- Identify risks that arise from potential technical solution architectures.
- Design alternate solutions or countermeasures and ensure identified risks are mitigated.
- Investigate suspected attacks and support security incident management.
- Formulate incident response strategies and direct teams in the remediation, resolution, communication and post-mortem of large- scale, unpredictable cyber and data incidents.
- Develop and communicate corporate information security policy, standards and guidelines.
- Ensure architectural principles are applied during design to reduce risk.
- Drive adoption and adherence to policy, standards and guidelines.
- Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
- Contribute to development of information security policy, standards and guidelines.
- Obtain and act on vulnerability information and conduct security risk assessments, business impact analysis and accreditation on complex information systems.
- Investigate major breaches of security, and recommend appropriate control improvements.
- Develop new architectures that mitigate the risks posed by new technologies and business practices.
Level 5 (Strategise)
- Direct the development, implementation, delivery and support of an enterprise information security strategy aligned with the business strategy.
- Ensure compliance between business strategies and information security.
- Lead the provision of information security expertise, guidance and systems needed to execute strategic and operational plans.
- Secure organisational resources to execute the information security strategy.
- Contribute to the development of organisational strategies that address information control requirements.
- Identify and monitor environmental and market trends and proactively assess impact on business strategies, benefits and risks.
- Lead the provision of authoritative advice and guidance on the requirements for security controls in collaboration with subject matter experts.
- Drive cross-collaboration efforts to co-develop strategies to manage cyber and data incidents on an industry, national or international scale.