Where to Go from Here

Thompson, Eric C.

doi:10.1007/978-1-4842-5608-4_8

Eric C. Thompson²

633 Accesses

Abstract

Security operations is a mindset. Healthcare entities do not necessarily need to have a dedicated security operations center or contract with a managed service provider delivering virtual security operations center (SOC) services. But the mindset needs to be there. Once the overarching cybersecurity program is designed and implemented, the real work on implementing security begins. In the forward to Snort: IDS and IPS Toolkit, Stephen Northcutt talks about the difference between managing security via checklists and policies and understanding how to implement security. This means frameworks like the NIST Cybersecurity Framework (CSF) are great tools to guide entities in implementing security, risk assessment, and management strategies – but more is needed. Entities must perform threat assessments and in-depth analysis of vulnerabilities and attack vectors to implement high-functioning detection capabilities. This comes from knowledge of the network traffic characteristics and how to protect it from malicious use. As the security operations center grows in maturity, higher levels of visibility and understanding create opportunities for granular detection of specific activities in the environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
Kohlenberg, Toby, Snort IDS and IPS Toolkit Syngress Publishing 2007
2.
Reproduced by permission of David J. Bianco; https://t.co/6OQLetonoN?amp=1
3.
www.franklincovey.com/the-7-habits.html
4.
www.malware-traffic-analysis.net/2018/06/14/index.html

Author information

Authors and Affiliations

Dekalb, IL, USA
Eric C. Thompson

Authors

Eric C. Thompson
View author publications
You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Thompson, E.C. (2020). Where to Go from Here. In: Designing a HIPAA-Compliant Security Operations Center. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-5608-4_8

Download citation

DOI: https://doi.org/10.1007/978-1-4842-5608-4_8
Published: 26 February 2020
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-5607-7
Online ISBN: 978-1-4842-5608-4
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books

Publish with us

Policies and ethics