5.1 Flashcards
information security policies
the big list of all security-related policies. centralized resource for processes
sldc
software development lifecycle, systems development life cycle
playbooks
conditional steps to follow. step by step set of processes and procedures
SOAR
Security Orchestration, Automation, and Response
enables security teams to integrate and coordinate separate tools into streamlined threat response workflows
governance structures for an organization
boards-panel of specialists
committees-subject matter experts
govt entities
centralized(one location)/decentralized(different locations)
regulatory
regulations are often mandated
legal
legal responsibilties reporting illegal activites etc
geographical security
national- federal and national defense
global- multinational, legal concerns vary by country
data roles
data controller-manages the purpose
data processor- processes on behalf of the controller
data custodian- responsible for securing data
data custodian
responsible for securing data