Abstract
Security operations is a mindset. Healthcare entities do not necessarily need to have a dedicated security operations center or contract with a managed service provider delivering virtual security operations center (SOC) services. But the mindset needs to be there. Once the overarching cybersecurity program is designed and implemented, the real work on implementing security begins. In the forward to Snort: IDS and IPS Toolkit, Stephen Northcutt talks about the difference between managing security via checklists and policies and understanding how to implement security. This means frameworks like the NIST Cybersecurity Framework (CSF) are great tools to guide entities in implementing security, risk assessment, and management strategies – but more is needed. Entities must perform threat assessments and in-depth analysis of vulnerabilities and attack vectors to implement high-functioning detection capabilities. This comes from knowledge of the network traffic characteristics and how to protect it from malicious use. As the security operations center grows in maturity, higher levels of visibility and understanding create opportunities for granular detection of specific activities in the environment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Kohlenberg, Toby, Snort IDS and IPS Toolkit Syngress Publishing 2007
- 2.
Reproduced by permission of David J. Bianco; https://t.co/6OQLetonoN?amp=1
- 3.
- 4.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Eric C. Thompson
About this chapter
Cite this chapter
Thompson, E.C. (2020). Where to Go from Here. In: Designing a HIPAA-Compliant Security Operations Center. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-5608-4_8
Download citation
DOI: https://doi.org/10.1007/978-1-4842-5608-4_8
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-5607-7
Online ISBN: 978-1-4842-5608-4
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books