I predict that Cyber-Impact-Mgmt will become a very lucrative specialization for IT infrastructure architects in the next couple of years.
@rysiek (Re-)Architecting IT infrastructures in a way that allows you to respond/contain incidents with a measured deactivation/isolation of systems.
@rysiek Without having to shutdown the Internet for the whole location/data center every time you have an active adversary on the network.
@seb that totally sounds like a fun role, if there is enough buy-in from management and the rest of devops/sysops
@rysiek buy-in from Management comes with the second cyber induced large scale outage at the latest ;-)
@duncanhart I think it is a combination of network (micro-)segmentation, privilege access management, infrastructure high availability, vuln mgmt, patch mgmt.
All of these disciplines applied to specific application stacks or services that organization cannot effort downtime for.
@duncanhart From a management objective perspective you are trying to break apart a risk domain. That is when a specific business unit has more or less risk appetite than the rest of the org.
INDICATORS OF COMPROMISE (IOC)
InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.
We have a Getting Started Guide here: https://guide.ioc.exchange
HAVE FUN and STAY SAFE!