...
Target group | Description |
---|---|
Management/governance | People engaged at different managerial levels in organizations and/or infrastructure. They need to understand the role of security and the need to recognize and support security on organizational level. Management should be expected to lead by example. |
Architect, designer (infrastructure, software, AAI) | People responsible for design of a new system and/or its significant adaptations. They need to understand implications and impacts of security precautions, identify security requirements and address them by the design. |
Admins/operators (Systems management, system administrators, network engineers) | People responsible for operations of particular infrastructure components. The components cover a range of services, from network, through operating systems and middleware to end applications. |
Security specialists | People responsible for particular aspects related directly to security management and/or operations. The role involves (among others) incident handling and response, forensics, security monitoring (log analysis, using IDS), vulnerability management, software assessment. In addition to technical skills, there are also other important aspects, like communication. |
User coordinators (responsible for group of users, main contact point) | People responsible for management of a community or group of end users. They are typically responsible for granting access to resources, use/run identity management related to their users, suspending/banning their users, etc. They often serve as an interface between the infrastructure (service providers) and users. |
Users and special communities | End users who use the services available from the infrastructure. They are not supposed to have deep security skills and need to adapt to a few basic rules (e.g. related to credential management, reporting suspicious behavior, etc.). |
Software developers | People who produce code on various levels. Application programmers write specific software (usually part of the user community that uses the software), middleware programmers are responsible for common services used by the infrastructure. Also system operators should know basics about security coding (e.g. for scripting). |
Acquisition | People responsible for acquisition of new facilities (hardware, software). |
...