Author Archives: Rafeeq Rehman

About Rafeeq Rehman

Consultant, Author, Researcher.

What is a Next Generation SOC and does it Cost More?

Historically Security Operations Centers (SOC) have been a combination of people, processes, and technology designed to protect information systems, detect and respond to incidents to minimize damage. Many times SOC were built to meet fundamental needs for log collection and … Continue reading

Posted in InfoSec, SOC | Tagged , , , , , , , | Comments Off on What is a Next Generation SOC and does it Cost More?

The Case for a SOC Conference

With digital economy taking a foothold, the CISO’s work is just getting more complex as new technologies are adopted by businesses, strict privacy laws are enacted globally, and attack surface is expanding by each day. Networks are no longer confined to data centers or corporate offices, and older ideas of managing security operations are obsolete. Continue reading

Posted in InfoSec, SOC | Tagged , , , , , , , , , , | Comments Off on The Case for a SOC Conference

CISO MindMap 2020: Summary of Recommendations for Updating Security Programs

Cybersecurity is a complicated business. Many people outside this profession don’t fully realize and appreciate the complexities of the job. CISO MindMap is an effort to educate public about Cybersecurity professionals’ job responsibilities. The MindMap also enables Cybersecurity professionals design … Continue reading

Posted in InfoSec | Tagged , , , , , , | Comments Off on CISO MindMap 2020: Summary of Recommendations for Updating Security Programs

CISO MindMap 2020: What do InfoSec professionals really do?

Most people outside Cybersecurity profession don’t fully realize and appreciate the complexity of security professionals’ job. I have been publishing and updating this MindMap for many years, not only as an effective educational tool but also enable professionals use this … Continue reading

Posted in InfoSec | Tagged , , , , , | Comments Off on CISO MindMap 2020: What do InfoSec professionals really do?

Run Away from People with Defeatist Attitude

While negativity usually becomes very toxic for any team fairly quickly, defeatist attitude is probably the worst. Defeatists give up even before trying and urge others to do the same. They fear change. “A defeatist is the opposite of an … Continue reading

Posted in Leadership | Tagged , | Comments Off on Run Away from People with Defeatist Attitude

CISO Tools to Build (or Tweak) a Cybersecurity Roadmap, Create Business Case and Request Funding

I am not telling you anything new when I say that an essential part of a CISO’s job is to build a Cybersecurity program, communicate it to stakeholders, and continuously tweak it based upon continuously changing threat landscape. Job of … Continue reading

Posted in InfoSec, Leadership | Tagged , , , , , , , | Comments Off on CISO Tools to Build (or Tweak) a Cybersecurity Roadmap, Create Business Case and Request Funding

A 3-3-4-5 Model for CISO Strategy

Many CISOs and Infosec leaders I meet face continuous challenge to communicate their strategy that is simple and others in their organization can understand and relate to. I have created a simple model for CISOs to explain it on a single page and have found it to be an effective tool. Continue reading

Posted in InfoSec, Leadership | Tagged , , | Comments Off on A 3-3-4-5 Model for CISO Strategy