Responsibilities in blue team operations
Blue teams operate in many information security sectors. Let’s look at them one by one.
The CISO, who is the lead of the blue team, always stands in every sector as the product owner to those sectors:
- Firstly, the infrastructure sector: Here, we see network security personnel whose prime function is to prevent attackers from disrupting operations and getting data out of payloads. This personnel includes firewall monitoring analysts, network operation analysts, network engineers, and cybersecurity engineers. Generally, their goal is to protect the network and stop interruptions to the operations of that network or infrastructure.
- Secondly, the system sector: Here, we have operational personnel who handle the systems of an organization, making sure that everything works as planned and no one strays away from normal operations. Roles deriving from this sector include operations analysts, systems analysts, and cybersecurity...