Knowledge Management in Cybersecurity
Data has been called “the new oil.” Ensuring that the right people have access to the data that they need, and that users cannot access sensitive data without proper authorization, is an important role within an organization.
The National Institute of Standards and Technology has developed the NICE framework in an attempt to standardize terminology and job roles across the cybersecurity industry. The role of knowledge manager is defined in this framework, as well as its associated duties and the knowledge, skills and abilities necessary to be effective in the role.
What Is a Knowledge Manager?
As defined in NIST’s NICE framework, the role of a knowledge manager is to manage the flow of data throughout an organization. This includes oversight over tools and processes related to identifying, documenting and accessing the organization’s stored data and intellectual property.
What Does a Knowledge Manager Do?
Knowledge managers are tasked with managing all aspects of an organization’s intellectual capital. This includes ensuring that users have access to the data they need to perform their duties and that all data is properly secured within the organization. The tasks performed by an individual in the role of knowledge manager include the following:
- Identify Needs: The knowledge manager is responsible for determining what information can be beneficial to an end user for fulfillment of their duties
- Provide Access: The role includes developing portals and other means of making access to data easy for end users
- Promote Usage: The knowledge manager should promote the available data access portals and the use of data throughout the organization, including the sharing of information across boundaries (e.g., eroding silos)
- Infrastructure: This role includes ensuring that the organization has the infrastructure necessary to make full use of their available data, including databases, portals, indexing systems and storage devices
- Project Management: The knowledge manager is responsible for managing any projects related to knowledge management
The purpose of the knowledge manager is to ensure that data is available where and when an end user may need it, making the job one with multiple different responsibilities.
What Do I Need to Know?
The knowledge manager role has many different responsibilities that require knowledge and skills from a variety of different domains. Beyond the “soft skills” of being able to communicate requirements and promote available solutions, the knowledge manager also needs technical knowledge and skills in the fields of computer security, data management and legal and risk management.
Computer Security
A knowledge manager needs a fundamental understanding of computer science and computer security. A large amount of valuable data is under their control and it is their responsibility to ensure that it is properly managed and protected. In order to accomplish this task, the knowledge manager needs to know the fundamentals of networking and network security.
They also need to be familiar with cybersecurity topics including potential vulnerabilities, how they can be exploited and the impacts of an exploit upon the security of their sensitive data. This also includes familiarity with the assessment tools used for testing the security of networks, databases and endpoints that may be storing, processing or transmitting sensitive data.
Data Management
The majority of the role of a knowledge manager is managing an organization’s data resources. In order to accomplish this, the manager needs skills in data collection, organization and sharing.
The first data management skill set that is necessary is data collection. In order to accurately track all of an organization’s data, the knowledge manager needs to be able to find it first. This stage involves knowing possible source of information (wikis, blogs, social media and so on), performing information searches, data mining and measuring and reporting any collected data.
Once the data has been found, it needs to be organized into a usable form. A key component of this is knowledge of databases and database theory, since this is likely how data will be stored and accessed. It’s also important to know how to use other knowledge management technologies (like bookmarking engines) and how to pick the appropriate technology for a given task or environment. Finally, the knowledge manager should know how to perform knowledge mappings in order to track what is stored in each repository.
One of the most important jobs of the knowledge manager is ensuring that end users have easy access to the collected data. Accomplishing this part of the job requires knowledge of collaboration tools (SharePoint and so on) and how data and tools will synchronize across multiple platforms (i.e., mobile, PC or cloud).
Legal and Risk Management
A final and important consideration for anyone working with sensitive data is the legal and risk management implications of the role. Many regulations exist that are designed to protect the privacy of end users and limit the collection, processing and storage of Personally Identifiable Information (PII) and Protected Health Information (PHI). A knowledge manager is responsible for knowing the relevant regulations (including but not limited to GDPR, HIPAA and PCI) and their responsibilities under these regulations.
Knowledge managers should also be very familiar with risk management processes and data classification standards and methodologies. All data should be labeled, stored and disseminated in a way that provides the necessary level of privacy and security.
How Do I Get Started?
The knowledge manager role is largely a mix of computer science and cybersecurity. From a computer science standpoint, it’s necessary to have a solid understanding of networking, databases and endpoints (PC, mobile and so on). From a cybersecurity perspective, it’s important to understand the threats against these systems and the laws and regulations regarding them.
Most information security certifications will provide the background necessary for protecting systems on an organization’s premises. However, the move to cloud means that pursuing a Certificate of Cloud Security Knowledge (CCSK) may be a good idea for an aspiring knowledge manager. Bolstering this with some courseware on databases and data collection should cover all of the bases.
Sources
- NICE Cybersecurity Workforce Framework, NIST
- NICE Supplement, NIST (Download)
- NICE Framework, NIST (Download)
- Why Obtain the CCSK?, CSA