1 Reply Latest reply on Feb 9, 2015 7:28 PM by Pete Chargin

    Final Mission Statement

      Share This:

      Let me know if people have any final thoughts/comments

       

      1. 1.       General

      The SecOps Advisory Council (SOAC) consist of practitioners and executives that are industry experts in Automation and information Security practices. Organization members include representatives from corporations and professional organizations, government agencies and other international organizations with varied interests in best practices across security and operations.

       

      1. 2. Practices

      The main purpose of the group is to help its member organizations increase their security while maintaining operational efficiency.  We believe that improving the understanding of the differing objectives and challenges in the security (InfoSec) and IT operations teams will lead to improved processes and business outcomes from both groups’ perspectives.  

       

      Specifically, our goal is to streamline the interactions between the security and operations teams through improved collaboration and understanding.  By highlighting processes improvement opportunities and technical integration points, we hope to reduce the time and resources required to identify, analyze, respond to, and remediate vulnerabilities. We will create and share best practices  - for people, processes and technology -  to help all organizations improve their results. 

       

        • 1. Re: Final Mission Statement

          A few comments.

          1. Overall, it looks good. The main purpose of the group is perfect. 
          2. I would reword the second and third paragraph as follows:

          The main purpose of the group is to help its member organizations increase their security while maintaining operational efficiency.  We believe that one of the main impediments to operationally efficient security is the fact that the security (InfoSec) and IT operations teams have different primary objectives.  Operations is primarily responsible for maintaining system availability and performance.  InfoSec is primarily responsible for identifying potential security vulnerabilities.  Improving the understanding of the differing objectives and challenges in the security (InfoSec) and IT operations teams will lead to improved processes and business outcomes from both groups’ perspectives. 


          Therefore, we strive to streamline the interactions between the security and operations teams through improved collaboration and understanding.  By highlighting processes improvement opportunities and technical integration points, we hope to reduce the time and resources required to identify, analyze, respond to, and remediate vulnerabilities.


          We will create and share best practices  - for people, processes and technology -  to help all organizations improve their results.

           

          3. I thought that the name of the group was the SecOps Council