Author Archives: Rafeeq Rehman

About Rafeeq Rehman

Consultant, Author, Researcher.

Verizon White Paper: CISO’s Guide to Cloud Security

Verizon security recently published a white paper titled “CISO’s Guide to Cloud Security: What to know and what to ask before you buy” that points out five steps to help decision making on purchasing Cloud products and services. For each step, the white paper also provides recommendations to consider. This is a summary of this white paper. Continue reading

Posted in InfoSec | Tagged , , | Comments Off on Verizon White Paper: CISO’s Guide to Cloud Security

CISO MindMap 2019: What Do InfoSec Professionals Really Do?

Just like other areas of information technology, information security landscape continues to change at a fast pace. The updated CISO MindMap for 2019 covers important changes in the security landscape. In some bright areas, technologies using machine learning (ML) to … Continue reading

Posted in InfoSec | Tagged , , | Comments Off on CISO MindMap 2019: What Do InfoSec Professionals Really Do?

Book: Cybersecurity Arm Wrestling – Chapters 1-3

Winning the perpetual fight against crime by building a modern Security Operations Center I am happy to announce that first three chapters of my book “Cybersecurity Arm Wrestling: Winning the perpetual fight against crime by building a modern Security Operations … Continue reading

Posted in SOC | Tagged , , | Comments Off on Book: Cybersecurity Arm Wrestling – Chapters 1-3

Major Security Risks and Mitigation Strategies for 2019

Many security vendors are published their threat reports and making recommendations to CISOs and other leaders for better protection of security assets. After reading many of these reports, following is a summary of major risks identified by these reports and … Continue reading

Posted in InfoSec | Comments Off on Major Security Risks and Mitigation Strategies for 2019

SOC Book: Chapter 1 Available for Download

Just published first chapter draft of the my latest book: “CyberSecurity Arm Wrestling: Winning the perpetual fight against crime by building a modernSecurity Operations Center“. This chapter is available for immediate download by clicking here. The chapter covers the following … Continue reading

Posted in InfoSec, SOC | Tagged , | Comments Off on SOC Book: Chapter 1 Available for Download

Security of Connected Vehicles Part II: Reference Material

Following is the list of reference material for my presentation on connected vehicles to the ISSA Infosec Summit on May 23rd. McKinsey & Company – Shifting gears in cyber security for connected vehicles NXP:  Automotive Gateway: A Key Component to Securing the Connected … Continue reading

Posted in Leadership | Comments Off on Security of Connected Vehicles Part II: Reference Material

Security of Connected Vehicles – Part I

While there could be many definitions of what a connected vehicle is, following is how Wikipedia defines a “connected car”. “A connected caris a carthat is equipped with Internet access, and usually also with a wireless local area network. This allows the carto … Continue reading

Posted in Leadership | Comments Off on Security of Connected Vehicles – Part I

Scalable Log Collection as Foundation of SOC

Logs provide a wealth of information and that is one of the reasons that almost all security standards and frameworks (NIST, ISO, PCI, and others) emphasize on collection, storage, and analysis of log data as one of the key aspects … Continue reading

Posted in InfoSec, SOC | Tagged , , , | Comments Off on Scalable Log Collection as Foundation of SOC