About Rafeeq Rehman
Consultant, Author, Researcher.
What is a Third Party Third parties generally refer to external entities with whom you enter into contractual agreements to deliver products or services. These external partners may offer essential services to support your business operations or extend services to … Continue reading →
Like this:
Like Loading...
Three use cases of Large Language Models (LLMs) to save time and immediately enhance productivity While there is tremendous hype around LLMs, many people in Cybersecurity are still struggling to put news tools like ChatGPT and Google Bard to practice. … Continue reading →
Like this:
Like Loading...
When a CISO joins a new organization, it is important to start with basics. Following is a TODO list for every new CISO. Subscribe to Blog
Like this:
Like Loading...
Posted in InfoSec, Leadership
|
Tagged ciso
|
As shown in CISO MindMap 2023, job of security professionals is complex and Security Operations Center (SOC) is a significant part of this job. SOC analysts are stressed out by overwhelming number of incidents and dealing with these incidents in a timely … Continue reading →
Like this:
Like Loading...
This post is an updated version of six fundamental principles that always fill my professional and personal life with joy, pleasure and satisfaction. So here they are! Subscribe to Blog Recent Posts
Like this:
Like Loading...
NOTE: A new version of CISO MindMap has been published and is available at this link. Most people outside the Cybersecurity profession don’t fully realize and appreciate the complexity of a security professional’s job. Since 2012, CISO MindMap has been … Continue reading →
Like this:
Like Loading...
In a previous blog post, I discussed qualitative, quantitative, and scoring methods of risk assessment. Irrespective of which method we use, estimating “control strength” is an important part of calculating overall risk (especially in qualitative and quantitative methods). To improve … Continue reading →
Like this:
Like Loading...
Information security community has been performing risk assessment for as long as the profession existed. The risk assessment is typically classified as qualitative (e.g. Critical, High, Medium, Low) or quantitative (a dollar amount). Risk scoring is a relatively new phenomenon … Continue reading →
View post to subscribe to site newsletter.
Like this:
Like Loading...
While there is a huge list of CISO responsibilities as we discussed in CISO Mindmap, keeping oneself focused on value creation and security program improvements is not easy. The following four questions will help improve efficiency of the program by … Continue reading →
Like this:
Like Loading...
Open source software is everywhere (which is not a bad thing in itself). However, many buyers don’t have inventory of open source components included in software products they are buying. Business even fail in keeping tack of open source components … Continue reading →
Like this:
Like Loading...