Ciso Mindmap 2020 What Security Professionals Really Do?
Uploaded by
AJGMFAJCiso Mindmap 2020 What Security Professionals Really Do?
Uploaded by
AJGMFAJSecurity
Operations
Threat Prevention Threat Detection Incident Management
Network/Application Log Analysis/correlation/SIEM Create adequate
CISO MindMap 2020
Firewalls Incident Response
Alerting (IDS/IPS, FIM, capability
Vulnerability WAF, Antivirus, etc)
Management Media Relations
What Security Professionals
NetFlow analysis
Incident Readiness Assessment
DLP
Scope Forensic Investigation
Really Do? Operating Systems
Threat hunting and Insider threat
Data Breach
Preparation
Automate
Network Devices Threat
Hunting Update and Test
Applications
Incident Response Plan
MSSP integration
Databases
Set Leadership
Security Projects Threat Detection Expectations
Code Review
capability assessment
Business Case Development Media Relations
Physical Security
ROSI Business Continuity
Cloud misconfiguration testing Gap assessment
Plan
Alignment with IT Projects
Mobile Devices Prioritization to fill gaps
Budget Forensic and IR
FTE and contractors
IoT SOC Operations Partner, retainer
Balancing budget for
Identify Cyber Risk Insurance
People, Trainings, and
Tools/Technology SOC Resource Mgmt Adequate Logging
Periodic SOC Staff continuous training Breach exercises
(e.g. simulations)
Comprehensive Shift management
Acquisition Risk Assessment
Ransomware
Classify SOC procedures
Integration Cost Mergers and Acquisitions
Identity Management SOC Metrics and Reports
Tie with BC/DR Plans
Risk Based Approach
Cloud architecture SOC and NOC Integration
Devise containment
Prioritize strategy
Strategy and Guidelines SOC Tech stack management
Mitigation Ensure adequate backups
Cloud risk evaluation Threat Intelligence Feeds
and proper utilization
Periodic backup test
Compliance
Fix SOC DR exercise
Mock exercises
Ownership/Liability/Incidents
Verify Partnerships with ISACs
Implement machine
Vendor's Financial Strength
Measure Long term trend analysis integrity checking
SLAs
Unstructured data from IoT Automation and SOAR
Infrastructure Audit Baseline
Cloud Computing Integrate new data
Proof of Application Security sources (see areas Playbooks
Metric
under skills development)
SaaS Strategy
Disaster Recovery Posture Use Awareness
Skills Development
Program as a tool
Application Architecture
Application
Integration of Identity
Security Machine Learning
Management/Federation/SSO
Skill Development
SaaS Policy and Guidelines
Understand
Application Development
Log integration Algorithm Biases
Standards
VIrtualized security appliances IOT
Secure Code
Training and Review Autonomous
Policy
Vehicles
Application
Technology Vulnerability Testing Drones
Lost/Stolen devices Mobile Technologies Change Control Medical Devices
File Integrity Monitoring
BYOD
Industrial Control
Web Application Systems (ICS)
Mobile Apps Inventory
Firewall
HR/On Boarding/Termination Blockchain &
Integration to SDLC Smart Contracts
Processes
Business Partnerships and Project Delivery
MITRE ATT&CK
Business Continuity and Disaster Recovery IPS
Business Enablement DevOps Integration
Understand industry trends (e.g. retail, financials, etc) Identity Management
Prepare for unplanned work
Eveluating Emerging Information Security Policy
Technologies (e.g. SDN, Virtual/Augmented Reality, Use of AI and Data Analytics
DLP
Autonomous Vehicles, connected medical devices, etc)
Anti Malware, Anti-spam
IOT Frameworks Use of computer
Proxy/Content Filtering vision in physical
Hardware/Devices security features
security
DNS security/ filtering
IOT Communication Protocols
Log Anomaly Detection
Patching
Device Identity, Auth and Integrity
Red team/blue team exercises
DDoS Protection
Over the Air updates
Integrate threat intelligence platform (TIP)
Hardening guidelines
Track and Trace
Deception technologies
IOT
Desktop security for breach detection
Condition Based Monitoring
Encryption, SSL Full packet inspection
Customer Experience
IOT Use cases
PKI
Smart Grid
Security Health Checks
Smart Cities / Communities
Last Update - June 13, 2020 Secure DevOps/ DevSecOps
Others ...
Twitter: @rafeeq_rehman
IoT SaaS Platforms Version 2020
Data Analytics Downloads Credentialing
Virtual Reality
http://rafeeqrehman.com Account Creation/Deletions
Augmented Reality Single Sign On (SSO, Simplified sign on)
Crypto currencies Repository (LDAP/Active Directory)
BlockChain Federation
Artificial Intelligence
InfoSec Professionals 2-Factor Authentication
Drones Responsibilities Role-Based Access Control
5G Ecommerce and Mobile Apps
Edge Computing
Identity Management Password resets/self-service
HR Process Integration
Integrating cloud-based identities
Requirements
IoT device identities
Design
IAM SaaS solutions
Security Testing Project Delivery Lifecycle
Unified identity profiles
Certification and Accreditation
Voice signatures
Password-less authentication
Face recognition
Network Segmentation
Application protection
Strategy and business alignment
Defense-in-depth
COSO
Remote Access
COBIT
Encryption Technologies
ISO
Backup/Replication/Multiple Sites
Risk Mgmt/Control Frameworks ITIL
Cloud/Hybrid/Multiple Cloud Vendors Security Architecture
NIST - relevant NIST standards and guidelines
Software Defined Networking
FAIR
Network Function Virtualization
Visibility across multiple frameworks
Zero trust models
SASE Model
Governance Resource Management
Roles and Responsibilities
Overlay networks, secure enclaves
Data Ownership
Conflict Management
CCPA, Data Privacy & GDPR
Operational Metrics
PCI
Metrics and Reporting Executive Metrics and Reporting
SOX
Validating effectiveness of metrics
HIPAA and HITECH
IT, OT, IoT/IIoT Convergence
Regular Audits Compliance and Audits
SSAE 18
Aligning with Corporate
NIST/FISMA
Objectives
Other compliance needs
Continuous Mgmt Updates, metrics
Innovation and Value Creation
Data Discovery and Data Ownership Selling InfoSec (Internal) Expectations Management
Vendor Contracts Build project business cases
Investigations/Forensics Show progress/ risk reduction
Attorney-Client Privileges Legal and Human Resources
Data Retention and Destruction
Enable Secure Application access
Team development, talent management
Secure expanded attack surface
Work from Home
Security of sensitive data accessed from home
Physical Security
Vulnerability Management
Ongoing risk assessments/pen testing
Integration to Project Delivery (PMO)
Code Reviews
Use of Risk Assessment Methodology and framework
Focus areas for 2020
Policies and Procedures
Testing effectiveness Phishing and Associate Awareness
Improve SOC analyst productivity with SOAR
Data Discovery
Reduction/consolidation of tools/technologies
Data Classification
Better protection & monitoring of Cloud
Access Control Explore new architecture models like SASE
Data Centric
Data Loss Prevention - DLP Approach Consider zero trust, secure enclaves
Edge computing security
Partner Access Risk Management Include deception technologies as part of security tools
Encryption/Masking COVID19 and Work from Home
Monitoring and Alerting
IoT Technologies
© Copyright 2020 - Rafeeq Rehman
Industrial Controls
Systems
PLCs
Operational Technologies
SCADA
HMIs
Use data from
Security Reports
Vendor risk management
Risk scoring
You might also like
- A Practitioner's Guide to Adapting the NIST Cybersecurity FrameworkFrom EverandA Practitioner's Guide to Adapting the NIST Cybersecurity FrameworkNo ratings yet
- Operationalizing Information Security: Putting the Top 10 SIEM Best Practices to WorkFrom EverandOperationalizing Information Security: Putting the Top 10 SIEM Best Practices to WorkNo ratings yet
- Cyber Boot Camp - Day 05 - Cyber Security FrameworkNo ratings yetCyber Boot Camp - Day 05 - Cyber Security Framework3 pages
- Threat Mind Map: Threat Landscape and Good Practice Guide For Internet InfrastructureNo ratings yetThreat Mind Map: Threat Landscape and Good Practice Guide For Internet Infrastructure1 page
- The SOC Hiring Handbook: Your Guide To Building and Retaining A Strong Security Team100% (1)The SOC Hiring Handbook: Your Guide To Building and Retaining A Strong Security Team28 pages
- Affirm Your Expertise, Advance Your Career.: See What'S Next As A CismNo ratings yetAffirm Your Expertise, Advance Your Career.: See What'S Next As A Cism4 pages
- Isc2 Cissp 1 16 1 Security and Risk Management Key PointsNo ratings yetIsc2 Cissp 1 16 1 Security and Risk Management Key Points3 pages
- Qgif9PcRuHJHQtVLvEAA_2024 FRSecure CISSP Mentor Program - Class 12No ratings yetQgif9PcRuHJHQtVLvEAA_2024 FRSecure CISSP Mentor Program - Class 12112 pages
- CISSP Domain One: Security and Risk Management-What You Need To Know For The Exam100% (1)CISSP Domain One: Security and Risk Management-What You Need To Know For The Exam14 pages
- IT Controls (Including IS) Plus Control Review Matrix - 2017 NEW v2No ratings yetIT Controls (Including IS) Plus Control Review Matrix - 2017 NEW v2258 pages
- CISO Handbook Cybersecurity Metrics Budgeting 1716720867No ratings yetCISO Handbook Cybersecurity Metrics Budgeting 171672086719 pages
- Australian Cyber Security Strategy 2023 2030 1712274961No ratings yetAustralian Cyber Security Strategy 2023 2030 171227496164 pages
- CISSP - 1 Information Security & Risk ManagementNo ratings yetCISSP - 1 Information Security & Risk Management60 pages
- CISSP Referenced The Reddit Forum WeeklyNo ratings yetCISSP Referenced The Reddit Forum Weekly2 pages
- Content: Cross Functional Core Team Examples 3 Impact Area Overview 6 Sample Severity Matrix 7No ratings yetContent: Cross Functional Core Team Examples 3 Impact Area Overview 6 Sample Severity Matrix 75 pages
- 2023+CISSP+Domain+3+Study+Guide+by+ThorTeaches Com+v3 1No ratings yet2023+CISSP+Domain+3+Study+Guide+by+ThorTeaches Com+v3 167 pages
- Four Ciso Tribes and Where To Find Them: Gary Mcgraw, Ph.D. Sammy Migues Brian Chess, PH.DNo ratings yetFour Ciso Tribes and Where To Find Them: Gary Mcgraw, Ph.D. Sammy Migues Brian Chess, PH.D24 pages
- Get Official ISC 2 Guide to the CISSP ISSEP CBK 1st Edition Susan Hansche Cissp free all chapters100% (18)Get Official ISC 2 Guide to the CISSP ISSEP CBK 1st Edition Susan Hansche Cissp free all chapters60 pages
- CISM Chapter4-Info Security Incident ManagementNo ratings yetCISM Chapter4-Info Security Incident Management60 pages
- My Cissp Success Journey: (Lalit Kumar, CISSP, CISA, ISO 27001 LA, CEH, ITIL, DBA, System Admin)No ratings yetMy Cissp Success Journey: (Lalit Kumar, CISSP, CISA, ISO 27001 LA, CEH, ITIL, DBA, System Admin)2 pages
- Certified Authorization Professional Standard RequirementsFrom EverandCertified Authorization Professional Standard RequirementsNo ratings yet
- How To Develop Boys To Men: For The Prevention of The Narcissistic Personality DisorderFrom EverandHow To Develop Boys To Men: For The Prevention of The Narcissistic Personality DisorderNo ratings yet
- Qualified Security Assessor Complete Self-Assessment GuideFrom EverandQualified Security Assessor Complete Self-Assessment GuideNo ratings yet
- General Access Control Guidance For Cloud Systems PDFNo ratings yetGeneral Access Control Guidance For Cloud Systems PDF34 pages
- The Art of Recognizing and Surviving SOC BurnoutNo ratings yetThe Art of Recognizing and Surviving SOC Burnout29 pages
- The Six-Step Covid-19 Business Continuity Plan For Smes: Date: April 2020No ratings yetThe Six-Step Covid-19 Business Continuity Plan For Smes: Date: April 202012 pages
- First Full Version of The Cyber Security Body of Knowledge PublishedNo ratings yetFirst Full Version of The Cyber Security Body of Knowledge Published3 pages
- AlienVault 360 Q418 AWS Security Monitoring For Beginners PDFNo ratings yetAlienVault 360 Q418 AWS Security Monitoring For Beginners PDF12 pages
- CSA White Paper The Treacherous 12 Top Threats To Cloud Computing Plus Industry InsightsNo ratings yetCSA White Paper The Treacherous 12 Top Threats To Cloud Computing Plus Industry Insights60 pages
- Ransomware - Penetration Testing and Contingency Planning by Ravindra DasNo ratings yetRansomware - Penetration Testing and Contingency Planning by Ravindra Das132 pages
- The AdES Family of Standards - CAdES XAdES PAdESNo ratings yetThe AdES Family of Standards - CAdES XAdES PAdES11 pages
- Refer.3.3.3.AskF5 - Manual Chapter - AFM DoS - DDoS ProtectionNo ratings yetRefer.3.3.3.AskF5 - Manual Chapter - AFM DoS - DDoS Protection2 pages
- DES, AES and Blowfish: Symmetric Key Cryptography Algorithms Simulation Based Performance Analysis100% (1)DES, AES and Blowfish: Symmetric Key Cryptography Algorithms Simulation Based Performance Analysis7 pages
- Cyber Forensic Interview Questions With AnswersNo ratings yetCyber Forensic Interview Questions With Answers24 pages
- A.2.3 Describe How A DBMS Can Be Used To Promote Data Security. Database SecurityNo ratings yetA.2.3 Describe How A DBMS Can Be Used To Promote Data Security. Database Security3 pages
- Tdif 06b Openid Connect 1.0 Profile - Release 4.8 - Finance 1No ratings yetTdif 06b Openid Connect 1.0 Profile - Release 4.8 - Finance 191 pages
- A Network Coding and DES Based Dynamic Encryption Scheme For Moving Target DefenseNo ratings yetA Network Coding and DES Based Dynamic Encryption Scheme For Moving Target Defense6 pages
- VPNs Part of The CCIE EI Workbook Orhan ErgunNo ratings yetVPNs Part of The CCIE EI Workbook Orhan Ergun46 pages
- Authority-Based User Authentication in Quantum Key DistributionNo ratings yetAuthority-Based User Authentication in Quantum Key Distribution7 pages
