Author Archives: Rafeeq Rehman

About Rafeeq Rehman

Consultant, Author, Researcher.

Four Questions CISOs Should Ask Themselves Everyday

While there is a huge list of CISO responsibilities as we discussed in CISO Mindmap, keeping oneself focused on value creation and security program improvements is not easy. The following four questions will help improve efficiency of the program by … Continue reading

Posted in Entrepreneurship, Leadership | Tagged , | Comments Off on Four Questions CISOs Should Ask Themselves Everyday

Software Bill of Material and Vulnerability Management Blind Spots

Open source software is everywhere (which is not a bad thing in itself). However, many buyers don’t have inventory of open source components included in software products they are buying. Business even fail in keeping tack of open source components … Continue reading

Posted in InfoSec, Open Source | Tagged , | Comments Off on Software Bill of Material and Vulnerability Management Blind Spots

Podcast: CISO MindMap and Recommendations for 2022-23

Recently we recorded a podcast with CISO Tradecraft focusing on CISO MindMap 2022 and recommendations for 2022-23. As a reference the latest CISO MindMap is available here and detailed recommendations page is also available here. You can listen to the … Continue reading

Posted in InfoSec, Leadership, SOC | Tagged , , , , | Comments Off on Podcast: CISO MindMap and Recommendations for 2022-23

EBK-Cybersecurity: Understanding Stock Market Terminology

Basic Stock Market Terminology for CyberSecurity Professionals and Why Should They Care! June 26, 2022 – Rafeeq Rehman The role of InfoSec professionals has morphed into a critical business function. One should expect getting involved in “business” discussion often, and … Continue reading

Posted in EBK-Security | Tagged , , | Comments Off on EBK-Cybersecurity: Understanding Stock Market Terminology

Essential Business Knowledge for InfoSec Professionals

June 18, 2022 – By Rafeeq Rehman The role of InfoSec professionals has morphed into a critical business function. One should expect getting involved in “business” discussion often, and at increasing higher levels of business structure up to board of … Continue reading

Posted in InfoSec, Leadership | Tagged , , | Comments Off on Essential Business Knowledge for InfoSec Professionals

CISO MindMap 2022 – Recommendations

I have included six specific recommendations with the recent publication of CISO MindMap. This article is to further elaborate on these recommendations, why these matter, and what actions information security leaders can take. The objective of this article is to … Continue reading

View post to subscribe to site newsletter.

Posted in cisomindmap, InfoSec | Tagged , , , | Comments Off on CISO MindMap 2022 – Recommendations

CISO MindMap 2022: What do InfoSec Professionals really do?

NOTE: An updated version of CISO MindMap has been published here. Let me start with the quote from last year: Most people outside the Cybersecurity profession don’t fully realize and appreciate the complexity of a security professional’s job. Since 2012, … Continue reading

Posted in cisomindmap | Tagged , , , | Comments Off on CISO MindMap 2022: What do InfoSec Professionals really do?

Essential skills to start any career path in information security

Many career paths in information security are well-established and new ones are emerging. Although there are specific skills required for each career path, some skills are fundamental and essential for each of these career paths. These essential skills are listed … Continue reading

View post to subscribe to site newsletter.

Posted in Leadership | Comments Off on Essential skills to start any career path in information security

Why we need to redefine CIA triad of information security

Whether it is opening a firewall port, relaxing a permission on an S3 bucket, or mailing a confidential document to a private email address, people often try to circumvent information security controls with a “good intention of getting things done”. … Continue reading

View post to subscribe to site newsletter.

Posted in Leadership | Comments Off on Why we need to redefine CIA triad of information security

SIX MODELS FOR A SUCCESSFUL CAREER

Six fundamental models that always fill my personal and professional life with joy, pleasure and satisfaction Do the right thing, always – This is my first model of a joyful life, explained to me by a school senior friend. If … Continue reading

Posted in Leadership | Tagged , , , , | Comments Off on SIX MODELS FOR A SUCCESSFUL CAREER