Tuesday, January 27, 2015

[Free Book] Ten Strategies of a World-Class Cybersecurity Operations Center

MITRE has made available a free book on building and running a world-class cyber operations center. While it is geared toward people who are in the cyber operations center business, it does provide useful general information on the following:

* Log collection
* Correlation
* Vulnerability Analysis
* Fusion Analysis
* Much more

The book does spend a lot of time discussing roles and responsibilities, how to build teams, what to look for during the hiring process, etc. Examining how these topics are employed in an operational context will help those new to the field of cybersecurity get a better grasp of these and many other topics.

The following is a quick example from the book which uses a Venn diagram to show the difference between true positives, false positives, false negatives and true negatives:

This is one of the best depictions of the four categories of activity I have seen in a while. It makes it easy to see and understand them in relation to each other. The section in which this figure can be found also provides some great discussion of the cost of false positives.
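To make the four categories concrete, here is an added worked example (my own code, not material from the MITRE book). It takes a constructed list of events, each carrying the detector's verdict and the analyst's ground truth, tallies them into the same four buckets the figure shows, and then derives the numbers a SOC actually cares about: precision, detection rate, false-positive rate, and how many analyst-minutes were burned triaging alerts that turned out to be benign. The per-alert triage time is an assumed parameter, not a figure from the book.

```python
"""Confusion-matrix walkthrough for SOC alert triage (added example)."""

from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Event:
    event_id: str   # constructed identifier
    alerted: bool   # did the detector fire?
    malicious: bool # analyst-confirmed ground truth


# Constructed sample data: 20 events, labelled after investigation.
EVENTS: List[Event] = (
    [Event(f"evt-{i:03d}", True, True) for i in range(1, 4)]      # 3 true positives
    + [Event(f"evt-{i:03d}", True, False) for i in range(4, 8)]   # 4 false positives
    + [Event(f"evt-{i:03d}", False, True) for i in range(8, 9)]   # 1 false negative
    + [Event(f"evt-{i:03d}", False, False) for i in range(9, 21)] # 12 true negatives
)


def confusion_matrix(events: List[Event]) -> Dict[str, int]:
    """Sort each event into exactly one of the four categories."""
    counts = {"tp": 0, "fp": 0, "fn": 0, "tn": 0}
    for e in events:
        if e.alerted and e.malicious:
            counts["tp"] += 1
        elif e.alerted and not e.malicious:
            counts["fp"] += 1
        elif not e.alerted and e.malicious:
            counts["fn"] += 1
        else:
            counts["tn"] += 1
    return counts


def rates(cm: Dict[str, int]) -> Dict[str, float]:
    """Derive the standard detection metrics from the four counts.

    precision: of the alerts raised, how many were real?
    recall (detection rate): of the real intrusions, how many did we catch?
    fpr: of the benign events, how many did we wrongly alert on?
    """
    alerts = cm["tp"] + cm["fp"]
    real = cm["tp"] + cm["fn"]
    benign = cm["fp"] + cm["tn"]
    return {
        "precision": cm["tp"] / alerts if alerts else 0.0,
        "recall": cm["tp"] / real if real else 0.0,
        "fpr": cm["fp"] / benign if benign else 0.0,
    }


def triage_cost(cm: Dict[str, int], minutes_per_alert: float) -> Dict[str, float]:
    """Estimate analyst effort. minutes_per_alert is an assumed constant:
    every alert, real or not, has to be looked at before it can be closed."""
    total = (cm["tp"] + cm["fp"]) * minutes_per_alert
    wasted = cm["fp"] * minutes_per_alert
    return {
        "total_minutes": total,
        "wasted_minutes": wasted,
        "wasted_fraction": wasted / total if total else 0.0,
    }


def render_matrix(cm: Dict[str, int]) -> str:
    """Text rendering of the 2x2 layout the book's figure illustrates."""
    return (
        "                  malicious   benign\n"
        f"alerted       TP={cm['tp']:>4}   FP={cm['fp']:>4}\n"
        f"not alerted   FN={cm['fn']:>4}   TN={cm['tn']:>4}"
    )


if __name__ == "__main__":
    cm = confusion_matrix(EVENTS)
    print(render_matrix(cm))
    print(rates(cm))
    print(triage_cost(cm, minutes_per_alert=20))  # 20 min/alert is an assumption
```

Running it shows why the book spends time on the cost of false positives: with the constructed data, four of every seven alerts the analysts open are benign, so more than half of the triage time goes to noise, while the single false negative is invisible in the queue altogether. Tuning a rule only for a higher detection rate, without watching the FP column, drives that wasted fraction up.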

The book is free and has some good nuggets of information in it even for seasoned cyber folks.

