Author Archives: Rafeeq Rehman

About Rafeeq Rehman

Consultant, Author, Researcher.

CISO MindMap 2025: What do InfoSec Professionals Really Do?

Many individuals outside the realm of cybersecurity often underestimate the intricacies involved in a security professional’s role. Since its inception in 2012, the CISO MindMap has served as a valuable educational resource, offering insights into CISO responsibilities and aiding security professionals in crafting and enhancing their security programs. Continuously adapting to reflect the evolving landscape of cybersecurity, the CISO MindMap has been updated to accommodate the latest developments in the field. Here is the most recent iteration of the CISO MindMap for 2025, featuring numerous enhancements and fresh recommendations for the next 12-18 months covering the year 2025-26. Continue reading

Posted in cisomindmap | Tagged , , , | Comments Off on CISO MindMap 2025: What do InfoSec Professionals Really Do?

How to Use GenAI in Cybersecurity Operations

When GenAI can be used in Cybersecurity programs today and using the tools that are already available? This brief article is to explore some use cases that create immediate value for any Cybersecurity program, small or large. Continue reading

Posted in AI | Tagged , , , | Comments Off on How to Use GenAI in Cybersecurity Operations

GenAI Risk Categories

Let us make it simple: All GenAI risks can be grouped into three high level risk categories (as explained win this document). These three buckets will help better understand GenAI risks and to apply strategy recommendations Continue reading

Posted in AI, Risk Management | Tagged | Comments Off on GenAI Risk Categories

Ten Best Practices for Cybersecurity Risk Management

Cybersecurity risk management is a critical process for organizations aiming to safeguard their assets, systems, and data from potential threats. Effective risk management involves the following ten best practices. Continue reading

Posted in cisomindmap, InfoSec | Tagged , | Comments Off on Ten Best Practices for Cybersecurity Risk Management

Run LLM Models on Macbook – Part II

This is a continuation of my previous blog post on running open source models locally. In this blog we add Open WebUI as a web interface to provide the end user similar experience as ChatGPT. Continue reading

Posted in AI | Tagged , , , | Comments Off on Run LLM Models on Macbook – Part II

Post-Quantum Cryptography Resources

This blog post provides essential resources for security professionals and software developers looking to secure data in the post-quantum era. It highlights key organizations such as NIST, the Linux Foundation, and the Post-Quantum Cryptography Alliance, which are leading efforts in quantum-resistant cryptography. Additionally, it introduces open-source libraries that facilitate the implementation of quantum-safe encryption algorithms, offering practical tools for integrating cutting-edge security measures into your systems. Continue reading

Posted in AI, InfoSec, Quantum | Comments Off on Post-Quantum Cryptography Resources

Run LLM Models on a Macbook

As the use of GenAI models becomes increasingly prevalent, it’s crucial for organizations to ensure the security and ownership of their intellectual property. One way to achieve this is by running open-source GenAI models locally on your own infrastructure. Why … Continue reading

Posted in AI | Comments Off on Run LLM Models on a Macbook

Navigating the Landscape of Risk Management Frameworks

In the realm of information security, the quest to effectively manage risk is paramount. However, amidst the myriad of frameworks available, distinguishing between those explicitly designed for risk management and those that serve as broader guidelines can be a daunting … Continue reading

Posted in Risk Management | Tagged , , , | Comments Off on Navigating the Landscape of Risk Management Frameworks

CISO MindMap 2024: What do InfoSec Professionals Really Do?

Many individuals outside the realm of cybersecurity often underestimate the intricacies involved in a security professional’s role. Since its inception in 2012, the CISO MindMap has served as a valuable educational resource, offering insights into CISO responsibilities and aiding security … Continue reading

Posted in cisomindmap | Tagged , , , , , | Comments Off on CISO MindMap 2024: What do InfoSec Professionals Really Do?

Building Generative AI (GenAI) Applications

Four key considerations for business executives Harnessing the potential of Generative AI (GenAI) to create user applications that drive business value may appear daunting, yet it doesn’t need to be. With the GenAI field advancing swiftly and offering a plethora … Continue reading

Posted in AI, Leadership | Tagged , , | Comments Off on Building Generative AI (GenAI) Applications