POSTER: CISO Mind Map and Security Operations Center (SOC) Essential Functions
For Cyber Leaders of Today and Tomorrow
sans.org/curricula/management

CISO MIND MAP v1.1

Central node: Security Leadership, branching into Security Operations, Legal and Regulatory, Business Enablement, Identity and Access Management, Risk Management, Governance, and Leadership Skills.

Security Operations

Prevention
• Data Protection
  - Encryption, PKI, TLS
  - Data Loss Prevention (DLP)
  - Email Security
• Network Security
  - Firewall, IDS/IPS, Proxy Filtering
  - VPN, Security Gateway
  - DDoS Protection
• Application Security
  - Threat Modeling
  - Design Review
  - Secure Coding
  - Static Analysis
  - Web App Scanning
  - WAF, RASP
• Endpoint Security
  - Anti-virus, Anti-malware
  - HIDS/HIPS, FIM
  - App Whitelisting
  - Secure Configurations
• Active Defense
• Patching

Detection
• Log Management/SIEM
• Continuous Monitoring
• Network Security Monitoring
• NetFlow Analysis
• Advanced Analytics
• Threat Hunting
• Penetration Testing
• Red Team
• Vulnerability Scanning
• Human Sensor
• Data Loss Prevention (DLP)
• Security Operations Center (SOC)
• Threat Intelligence
• Threat Information Sharing
• Industry Partnerships

Response
• Incident Handling Plan
• Breach Preparation
• Tabletop Exercises
• Forensic Analysis
• Crisis Management
• Breach Communications

Legal and Regulatory

• Compliance
  - PCI
  - SOX
  - HIPAA
  - FFIEC, CAT
  - SSAE 16
  - FERPA
  - SOC 2
  - NERC CIP
  - ISO 27001
  - NIST SP 800-37 and 800-53
  - NIST SP 800-53A
  - COSO
  - FISMA and FedRAMP
• Privacy
  - Privacy Shield
  - EU GDPR
• Audit
• Investigations
  - eDiscovery
  - Forensics
• Intellectual Property Protection
• Contract Review
• Customer Requirements
• Lawsuit Risk

Business Enablement

• Product Security
  - Secure DevOps
  - Secure Development Lifecycle
  - Bug Bounties
  - Web, Mobile, Cloud App Sec
• Cloud Computing
  - Cloud Security Architecture
  - Cloud Guidelines
• Mobile
  - Bring Your Own Device (BYOD)
  - Mobile Policy
• Emerging Technologies
  - Internet of Things (IoT)
  - Augmented Reality (AR)
  - Virtual Reality (VR)
• Mergers and Acquisitions
  - Security Due Diligence

Identity and Access Management

• Provisioning/Deprovisioning
• Single Sign On (SSO)
• Federated Single Sign On (FSSO)
• Multi-Factor Authentication
• Role-Based Access Control (RBAC)
• Identity Store (LDAP, Active Directory)

Risk Management

• Risk Frameworks
  - FAIR
  - NIST RMF
  - OCTAVE
  - TARA
• Risk Assessment Methodology
• Business Impact Analysis
• Risk Assessment Process
• Risk Analysis and Quantification
• Program Frameworks
  - NIST CSF
  - ISO 27000
• Vulnerability Management
• Vendor Risk Management
• Control Frameworks
  - NIST 800-53
  - CIS Controls
• Physical Security
• Disaster Recovery (DR)
• Business Continuity Planning
• Risk Treatment
  - Mitigation Planning, Verification
  - Remediation, Cyber Insurance

Governance

• Strategy
• Roles and Responsibilities
• Business Alignment
• Workforce Planning
• Risk Management
• Resource Management
• Data Classification
• Security Policy
• Security Awareness
• Creating a Security Culture
• Security Training
  - Awareness Training
  - Role-Based Training
• Program Structure
• Metrics and Reporting
• Policies and Procedures
• Program Management
• IT Portfolio Management
• Communications Plan
• Change Management
• Security Consulting

Leadership Skills

• Business Strategy
• Stakeholder Management
• Financial Planning
• Industry Knowledge
• Negotiations
• Budgeting
• Business Acumen
• Mission and Vision
• Innovation
• Communication Skills
• Values and Culture
• Marketing
• Presentation Skills
• Roadmap Development
• Leading Change
• Strategic Planning
• Business Case Development
• Customer Relationships
• Technical Leadership
• Project Management
• Team Building
• Employee Development
• Mentoring
• Board Communications

Cyber Leader Curriculum

Get the right training to build and lead a world-class security team.

FOUNDATIONAL
• MGT512 SANS Security Leadership Essentials for Managers with Knowledge Compression™ (GSLC)
• MGT414 SANS Training Program for CISSP® Certification (GISP)
• SEC566 Implementing and Auditing the Critical Security Controls – In-Depth (GCCC)
• MGT525 IT Project Management, Effective Communication, and PMP® Exam Prep (GCPM)

CORE
• MGT514 IT Security Strategic Planning, Policy, and Leadership (GSTRT)
• MGT415 A Practical Introduction to Cybersecurity Risk Management
• LEG523 Law of Data Security and Investigations (GLEG)
• MGT517 Managing Security Operations: Detection, Response, and Intelligence

SPECIALIZATION
• AUD507 Auditing & Monitoring Networks, Perimeters, and Systems (GSNA)
• MGT433 Securing the Human: How to Build, Maintain, and Measure a High-Impact Awareness Program
• MGT305 Technical Communication and Presentation Skills for Security Professionals
Based on CISO MindMap by Rafeeq Rehman @rafeeq_rehman http://rafeeqrehman.com Used with permission.
MGT-PSTR-CISO/SOC-0118
Security Operations Center (SOC) Essential Functions

Learn how to design, build, operate, and mature a Security Operations Center (SOC).
MGT517: Managing Security Operations: Detection, Response, and Intelligence
www.sans.org/MGT517

Data sources feeding the SOC
• Honeypots
• Full PCAP
• Network IDS
• Wireless IDS
• Network Logs
• Host Logs
• Host IDS
• Malware Detonation
• Application Logs
• Log Server and Network Full PCAP (Network and Related Artifacts)

Parties the SOC works with
• Business Units
• External Systems
• Open-Source Resources
• Attribution Info
• Steering Committee
• Management
• Internal Information Sources
• Internal Systems
• Users or Help Desk
• Law Enforcement
• Public

Overall Process
• Correlate alerts and log entries to raw data
• Historical assessment with new IOCs
• High-value indicators
• Long-term analysis
• Data mining
• Study of interaction
• Threat hunting
• Collect open-source info
• Retain adversary characteristics
• Sweep enterprise
• Internal threat actor attribution and characteristics
• Collect internal adversary info
• Correlate events to threat actors
• Isolate and contain assets: logically, physically
• Eradicate issues
• Return to service
• Provide info related to case; IOCs for investigation

SOC functions
• Command Center
  - Organizational intelligence
  - Deconfliction
• Network Security Monitoring
• Threat Intelligence
• Incident Response – works with other SOC functions to:
  - Obtain support and analysis
  - Provide status and reporting
• Forensics
  - Host Forensics: memory and disk acquisition
  - Network Forensics: log, event info, and PCAP acquisition
  - Reverse Engineering: device, software, or code acquisition
  - Maintain chain of custody
  - Ensure asset integrity
• Self Assessment
  - Configuration Monitoring: create baselines; identify configuration changes; maintain systems
  - Vulnerability Assessment: identify risk and exposure; analyze asset; scan systems for known vulnerabilities; impact of new vulnerabilities
  - Penetration Testing: model attacker scenarios; exploit systems; reconnaissance
  - Exercises: tabletop scenarios; model threats and events; train and assess staff; DR/BCP

Reports and communications (to Management, Users or Help Desk, Law Enforcement, Public)
• Status reports
• Problem reports
• Third-party notification
• Recordings
• News releases
• Report illegal activity
• Outreach/awareness
• Seek advice
• Report issue (from Users or Help Desk)

Building a SOC

What do you need to consider when utilizing a Managed Security Service Provider (MSSP) vs. building a SOC in-house?

Outsourcing Pros
• Potential cost savings – building a SOC is expensive
• Fully trained and qualified staff
• Experience handling stressful situations
• Experience handling all types of security events effectively and efficiently
• Augments existing staff/fills gaps in hiring skilled professionals
• Threat Intelligence – keeps you current on emerging threats
• Helps you leverage security intelligence across industries
• Industry information sharing
• Enables organizations to focus on core tasks
• Breaks down barriers in organizations where silos exist
• Enables 24x7x365 requirement
• Provides SLAs on how service will be provided
• Well-defined runbook

Outsourcing Cons
• Unfamiliar with organization's business drivers/industry
• Limited on depth of service and capabilities
• Optimizes its systems to scale and service a large volume of customers
• Large customer base, lacks intimate knowledge
• Lack of dedicated resources & support for your organization
• Focused on maximizing profits
• Lack of specialization, excels at providing standard security services vs. customized
• Minimal opportunities for correlation unless all data are sent to the MSSP
• Outsourced threat intelligence has a short life span
• No incentive to help improve your operations
• Limited ability to store data

MSSP Onboarding Checklist
• Organizational Requirements
  - Defined ownership of security
  - Good cultural fit
  - Business partnership
  - Suppliers, Partners, and Resellers
• Hiring Standards
  - Background checks
  - Credit checks
  - Security clearance
  - References
  - Certifications
  - Adequately staffed
  - Staffing member ratios
• Hiring Practices
  - Drug tests
  - Citizenship requirements
• Access to Customer Data
  - Connection to network
• Organizational Stability
  - Years in business
  - Financially stable
  - SLAs and failover capability
  - Exit strategy
• Reports
  - Metrics and dashboards
  - Status delivery frequency
  - MTTD, MTTR
• Communication Tools
  - Case management solution
  - Information sharing portal
  - Secure chat

Getting C-Level Support to Ensure a High-Impact SOC Rollout, by John Pescatore: http://www.sans.org/u/nnD
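The Self Assessment function names Configuration Monitoring as "create baselines; identify configuration changes". The block below is an added example, not code from the SANS poster or from MGT517, showing the minimal form of that check in Python: fingerprint every regular file under a directory, store the baseline as JSON, and classify later differences as added, removed or modified. The fake /etc tree, its file contents, the "backdoor" cron entry and the baseline.json path are all constructed for the demo.

```python
"""Configuration baseline and change detection (file-integrity style).

Added example for the SOC "Configuration Monitoring" function. Illustrative
only; not part of the SANS poster or any product. All paths and contents in
demo() are constructed.
"""
import hashlib
import json
import os
import stat
import tempfile
from pathlib import Path


def _fingerprint(path: Path) -> dict:
    """Record what a change would alter: content hash, size and mode bits.

    mtime is deliberately excluded: it is trivially forged (touch -r) and
    creates noise after benign copies, so the hash carries the content check.
    """
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    st = path.lstat()
    return {"sha256": h.hexdigest(), "size": st.st_size, "mode": stat.S_IMODE(st.st_mode)}


def build_baseline(root: str) -> dict:
    """Fingerprint every regular file under root, keyed by POSIX-style relative path.

    Symlinks are skipped so a planted link cannot redirect the check to a
    trusted file elsewhere on disk.
    """
    root_path = Path(root)
    baseline = {}
    for p in sorted(root_path.rglob("*")):
        if p.is_symlink() or not p.is_file():
            continue
        baseline[p.relative_to(root_path).as_posix()] = _fingerprint(p)
    return baseline


def diff_baseline(old: dict, new: dict) -> dict:
    """Classify differences; for modified files, list which attributes changed."""
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    modified = {}
    for rel in sorted(set(old) & set(new)):
        changed = [k for k in ("sha256", "size", "mode") if old[rel][k] != new[rel][k]]
        if changed:
            modified[rel] = changed
    return {"added": added, "removed": removed, "modified": modified}


def save_baseline(baseline: dict, dest: str) -> None:
    Path(dest).write_text(json.dumps(baseline, indent=2, sort_keys=True))


def load_baseline(src: str) -> dict:
    return json.loads(Path(src).read_text())


def demo() -> dict:
    """Constructed scenario: baseline a fake /etc, tamper with it, report the diff."""
    with tempfile.TemporaryDirectory() as tmp:
        etc = Path(tmp) / "etc"
        (etc / "ssh").mkdir(parents=True)
        (etc / "ssh" / "sshd_config").write_text("PermitRootLogin no\n")
        (etc / "passwd").write_text("root:x:0:0:root:/root:/bin/bash\n")
        (etc / "hosts").write_text("127.0.0.1 localhost\n")
        os.chmod(etc / "passwd", 0o644)

        store = Path(tmp) / "baseline.json"   # constructed path; keep it off-host in practice
        save_baseline(build_baseline(str(etc)), str(store))

        # Simulated changes: weakened sshd setting, new cron job, deleted hosts file,
        # and a permission-only change that a content hash alone would miss.
        (etc / "ssh" / "sshd_config").write_text("PermitRootLogin yes\n")
        (etc / "cron.d").mkdir()
        (etc / "cron.d" / "backdoor").write_text("* * * * * root /tmp/x\n")
        (etc / "hosts").unlink()
        os.chmod(etc / "passwd", 0o666)

        return diff_baseline(load_baseline(str(store)), build_baseline(str(etc)))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two design points matter more than the hashing itself. First, mode bits are part of the fingerprint because a world-writable /etc/passwd is a configuration change even though its contents are unchanged. Second, the stored baseline is the thing an attacker with root will rewrite first, so in a real deployment it belongs on the SOC's log server or a signed, read-only store, not next to the files it describes.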