I have the opportunity to redefine some roles of our Network
Security group and Operations group.
More specifically, Operations want to be more involved in
day-to-day security activities like incident management and
security monitoring. The goal is to make both groups more
effective and valuable to our customers (and each other).
I realize that solution will be specific to our organization
and how we do business. But I hope to have a head-start and
hopefully avoid some mistakes.
It would be helpful to hear from the list how these groups
seem to work best together and what division of labor has
worked best to "leverage" their particular strengths.
Private responses welcomed, and I'd be happy to report back
to the list if there is interest in the results.