SFIA View: Cybersecurity Beta
Cybersecurity
Information security SCTY
(unchanged)
Defining and operating a framework of security controls and security management strategies.
Security operations SCAD
(modified)
Manages and administers security measures, using tools and intelligence to protect assets, ensuring compliance and operational integrity.
Incident management USUP
(modified)
Coordinating responses to a diverse range of incidents to minimise negative impacts and quickly restore services.
Identity and access management IAMT
(new)
Manages identity verification and access permissions within organisational systems and environments.
Vulnerability assessment VUAS
(unchanged)
Identifying and classifying security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact.
Penetration testing PENT
(unchanged)
Testing the effectiveness of security controls by emulating the tools and techniques of likely attackers.
Threat intelligence THIN
(unchanged)
Developing and sharing actionable insights on current and potential security threats to the success or integrity of an organisation.