(ii) Information Security Operations The primary duty of Information Security Operations (SecOps) is to protect organisations against cyberattacks. To be effective, our cybersecurity architecture is organised in accordance with the US National Institute of Standards and Technology (NIST) Cybersecurity Framework which lays out five core functions of SecOps as illustrated in the diagram below. Each of these functions is performed concurrently and continuously to create an operational culture that addresses dynamic information security risk. Identify Recover Protect Respond Detect SECURITY OPERATION FRAMEWORK Develop an understanding of all systems, assets, data and their capabilities Implement appropriate safeguards to ensure the delivery of critical information services and deployment of best technology Conduct appropriate activities to identify the occurrence of information security events Undertake appropriate action in response to detection of information security events Maintain plans for resilience and to restore any capabilities or services that were impaired due to information security events Our SecOps division is tasked with continuously monitoring and improving the Group’s cybersecurity and information security position. The team holds a number of responsibilities including: • Investigate potential incidents • Triage and prioritise detected incidents • Coordinate an incident response • Monitor new and trending threats • Identify and deploy solutions to new threats • Address employee enquiries • Report to management 1 1 6 C A P I T A L A B E R H A D Economic (cont’d.)
RkJQdWJsaXNoZXIy ODU0MjU5