Cybersecurity Landscape

Secure Application
Data Protection Network Design Development

CASS
Cloud Security

Security Architecture Secure System

Federated Identity build
Access Control

Security Cryptography
Identity Management IS
Engineering

NIST
Privileged Access Identity and Access
Management Management

Certifications

Training Conferences

Career Development
 Physical Security

4th Party Risk

Assets Inventory
Baseline
Configuration
Vulnerability Scan
3rd Party Risk
Social Engineering

Blue Team Applications

Risk Assessment
SO/IEC CoBIT

Penetration Tests Red Team Infrastructure

SANS/CSC

`Framework &
Standard Data Centric Risk Assessment Data Flow Map

Source Code Scan

Industry Specific
 DR

Peer Groups Self Study

Domain

BCP
Recovery

Detection User Education

Prevention Protection

SIEM Active Training (New Sk

Security Operations Defense
SOC
Awareness
Data
Incident (Reinforced)
Vulnerability Leakage
Response
Management

Breach Con
Notification Forensic

Containment Eradication
 Federal
ns Blackbox Whitebox
Laws and Regulations
State
Governance

Executive Management Involvement

Audit
Risk Informed Reports & Scorecards

Threat Intelligence
kills)
KPIs/KRIs

Policy
External Internal Compliance & Enforcement

Procedures
Guidelines
ntextual IOCs Intel Sharing
Standards