1A: Information Security Roles

Non-repudiation

A subject cannot deny doing something, such as creating, modifying, or sending a resource.

Core cybersecurity tasks (the five functions)

Identify
Protect
Detect
Respond
Recover

Security Operations Center (SOC)

Location where security professionals monitor and protect critical information assets across other business functions. Usually employed by larger corporations.

Development and Operations (DevOps)

Highly orchestrated environment that encourages much more collaboration between developers and system administrators. IT personnel and developers can build, test, and release software faster and more reliably.

DevSecOps

Extends the DevOps boundary to security specialists/personnel, reflecting the shift left principle.

Shift Left

Principle that security needs to be a primary consideration at every stage of software development and deployment. Considerations need to be made during requirements and planning phases, not grafted on at the end.

Cyber Incident Response Team (CIRT)

A single point-of-contact for the notification of security incidents. May be handled by SOC or may be an independent business unit.