Free Essay about Operation Security Domain

Published: 2022-07-12
Free Essay about Operation Security Domain
Type of paper:  Research paper
Categories:  Cyber security Information systems
Pages: 7
Wordcount: 1666 words
14 min read

Security operations management takes concepts originating from criminal justice schools as well as business administrations and integrates them into the security management world. In the book, Security Operation Management, Robert McCrie (2015), provides comprehensive research that focuses on research-oriented as well as a theoretical approach to the key principles that governs security operation management. Operation security also termed as procedural security can be categorized as the process in risk management that encourages managers to consider operations from adversary perspectives to protect sensitive information from getting into unauthorized individuals (Plachkov et al., 2017). Initially, operation security management was common in the military, but the private sector has employed these procedures and processes to protect their sensitive information. It involves processes such as habits as well as behavior monitoring on platforms such as social media. It involves also inhibiting employees from sharing logins credentials via text messages or emails.

Trust banner

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Operation security encompasses five operations steps aimed at protecting individual data. They include identification of data that is sensitive, such as financial statement, intellectual property, and individual research among others. Identifying the data that need protection is essential to ensure that the resources needed to protect such data are allocated. The next step involves possible threats identification (Plachkov et al., 2017). It involves identifying possible harm to the information that is identified as sensitive. This is important in identifying effective strategies for protecting such information. The next step should involve analyzing essential vulnerabilities and security holes. Again, this is critical in ensuring that the proper protocol and process that will be put in place to protect such data is effective and efficient (Bouffard and Galiana, 2008). The next step involves appraising the risk levels that are linked with each vulnerability. The last place involves ensuring that proper countermeasures aimed at protecting the data are put in place.

Importance of the domain certification to becoming a chief information security officer

Operational security management certification is essential to becoming a chief information security officer. This is because one of the goals of a chief information security officer is to ensure that sensitive information is protected from possible threats. This to include the ability to analyze possible threats to the information and establishing a comprehensive security level to protect such information (Lewis, Erera and White, 2003). In most cases, the chief information security officer also has the responsibility of leading a team of Information Technology (IT) experts aimed at protecting important information (Bouffard and Galiana, 2008). The certification is a proof beyond doubt that such individuals can be trusted with the responsibility of safeguarding such information, especially in private sectors. Chef information security office can also have the responsibility of carrying out the important protocol in securing city operation management such as screening exercise. Such regular exercises are essential to keep the system updated on possible threats that can compromise the security of the essential information.

Security and risk management domains

One of the primary goals of every organization is the protection of confidential information. Organizations such as banks, insurance companies as well as healthcare sectors need to safeguard important information. Risk management encompasses comprehensive risk mitigation, analysis and understanding techniques aimed at ensuring the organization attains their objective of protecting essential information. The risk is inherent fundamentally in every decision making pertaining information security. Analysis of each risk is a critical step in helping each decision that needs to be made in protecting such risk is efficient and effective. Various components of security and risk management are essential for CISSP. They include security models or information security within the organization. The principles for security governance, guidelines, procedures and policies aimed at protecting data, threat modeling as well as risk management concepts.

Importance of the domain certification to becoming a chief information security officer

The main goals of information security in a given organization from a perspective of risks managements include ensuring that controls protocols are in place aimed at supporting the organization decisions. Other objectives include ensuring that all the decision carried out are aimed at ensuring the organization is tolerance from potential risks, and this is done cost-effectively for the benefit of the organization. The core issues involved in this domain compliance, regulatory as well as legal issues, professional ethics as well as protocol, guidelines, and procedures.

To become a certified chief information security officer, it is important to understand the security and risk management domain. According to Choi and colleagues (2017), domain is aimed at ensuring understand the security governance principles. These principles are essential in enabling deep and critical understanding of risk mitigation process. Understanding of these risks is essential in building information protection program that is of essential to any organization. Certification on this domains means that individuals can understand compliance. Securing of information requires compliance of established guidelines and principles. For instance, information securing should not interfere with the privacy of other individuals in a given organization. Berry and Berry (2018), illustrates that individuals should be able to understand the regulatory as well as legal issues about security and risk management. This involves respecting the legal guidelines that govern security and risk management protocols. The domain certification also ensures that individuals can understand professional ethics involved in the domain (Ilvonen et al. 2019). This is critical in guiding their day to day operations. To become a certified chief information security officer, it is essential also to understand the guidelines, procedures, standards as well as security policies involved in the domain. The primary goals of a chief security officer in the security and risk management perspective include an understanding of the evaluation procedures as well as risk mitigation protocol under established processes. This one of the domains in CISSP that provide a comprehensive understating of the strategies of risk mitigations in securing given data.

Communication and Network Security Domain

Network technology, as well as communication, expands rapidly. Platforms that require secure communication channels that can be trusted include remote working, virtual conference as well as online payments systems (Bello et al. 2017). Network eavesdropping and internet connection are frequent cyber-attacks that can cause damage to individuals as well as institutions. Such attacks can cause institutions to lose intellectual properties. Institutions such as banks can compromise accounts of their clients. It is thus critical to understand the manner information is transmitted through communication to enable development of secure communication channels. This includes the development of communication software's as well as tools that are secure and hard to compromise. The communication, as well as network security domain under the CISSP, covers the principals involved in securing channels of communications. Communications channels that are secure can be approached in two processes, the authentication protocols as well as secure communication protocols.

There usually many communication procedures that define guidelines for different machines that are sharing as well as exchanging information. The rules can be error, semantics and syntax detection of the pocket of data. They enable effective an efficient transmission of data that occurs in various entities. The communication process' parties must agree to ensure that message pass from one entity to another entity (Haus et al. 2017). Different software's, as well as hardware involved in the processes, make it a complicated mission to coordinate issues such as multi-vendors as well as interoperability that supports logical addressing (Bello et al. 2017). The model that was developed initially includes open system interconnection (OSI) aimed at breaking downs issues as well as assigning duties to seven layers in a communication network. The layers include application, presentation, session, transport, network, and datalink. The model gave way to the establishment of four -layered transmission control and internet protocol (TCP/IP). Other models that are used include Secure Socket Layers (SSL), Transport Layer Security (TLS) among others.

Importance of the domain certification to becoming a chief information security officer

Certification of this domain is important to become chief information security of officer. The domain provides a critical understanding of the processes involved in ensuring that secure communication channels are used in communication. The protocols involved in securing such channels are also addressed. This is because one of the responsibilities of a chief information security officer is to identify the possible risk of communication channels. In addition to that, screening communication channels is also another duty and responsibility of chief information security officer (Kompara and Holbl, 2018). Different organizations employ different channels of communication. Understanding the manner in which different channels operate important to such individuals. This is because they have the responsibility of advising the organization they work on essential channels that promote confidentiality and security among its users. This can be done while putting factors such as cost and benefits in place. Certification in communication, as well as network domain, can be essential in indenting mitigation strategies in risks involved in a communication network.


Bello, O., Zeadally, S., & Badra, M. (2017). Network layer inter-operation of Device-to-Device communication technologies in Internet of Things (IoT). Ad Hoc Networks, 57, 52-62.

Berry, C. T., & Berry, R. L. (2018). An initial assessment of small business risk management approaches for cyber security threats. International Journal of Business Continuity and Risk Management, 8(1), 1-10.

Bouffard, F., & Galiana, F. D. (2008, July). Stochastic security for operations planning with significant wind power generation. In Power and energy society general meeting-conversion and delivery of electrical energy in the 21st century, 2008 IEEE(pp. 1-11). IEEE.

Choi, T. M., Chan, H. K., & Yue, X. (2017). Recent development in big data analytics for business operations and risk management. IEEE transactions on cybernetics, 47(1), 81-92.

Haus, M., Waqas, M., Ding, A. Y., Li, Y., Tarkoma, S., & Ott, J. (2017). Security and privacy in device-to-device (D2D) communication: A review. IEEE Communications Surveys & Tutorials, 19(2), 1054-1079.

Ilvonen, I., Jussila, J., & Karkkainen, H. (2019). A Business-Driven Process Model for Knowledge Security Risk Management: Tackling Knowledge Risks While Realizing Business Benefits. In Effective Knowledge Management Systems in Modern Society (pp. 308-325). IGI Global.

Kompara, M. and Holbl, M., 2018. Survey on security in intra-body area network communication. Ad Hoc Networks, 70, pp.23-43.

Lewis, B., Erera, A., & White III, C. (2003). Optimization approaches for efficient container se...

Cite this page

Free Essay about Operation Security Domain. (2022, Jul 12). Retrieved from

Request Removal

If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal:

Liked this essay sample but need an original one?

Hire a professional with VAST experience!

24/7 online support

NO plagiarism