About Rafeeq Rehman
Consultant, Author, Researcher.
The final draft of “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” book is complete and is available for download and your comments. The book consists of ten chapters as … Continue reading →
Over years of professional work and research, I have found six ingredients absolutely necessary for the success of any SOC, big or small. When you combine these ingredients with continuous improvement activities, you will get excellent business results. On the other … Continue reading →
The draft of Chapter 7 of my book “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center” is complete and available for download. This chapter is about the “Operate” part of the “Plan-Design-Build-Operate” strategy and … Continue reading →
Historically, Security Operations Centers (SOCs) have been a combination of people, processes, and technology designed to protect information systems and to detect and respond to incidents to minimize damage. Many times SOCs were built to meet fundamental needs for log collection and … Continue reading →
Once SOC analysts declare an event a security incident, the CSIRT takes ownership of the incident, takes the necessary actions and closes it. The objective of CSIRT is to execute workflow for responding to the incidents once it is … Continue reading →
With the digital economy taking a foothold, the CISO’s work is getting more complex as new technologies are adopted by businesses, strict privacy laws are enacted globally, and the attack surface expands each day. Networks are no longer confined to data centers or corporate offices, and older ideas of managing security operations are obsolete. Continue reading →
Posted in InfoSec, SOC
Tagged API, automation, cloud, containers, DFIR, forensic, IoT, Open Source, serverless, SOC, SOC conference
No matter the size of your InfoSec budget, it is prudent to take a more critical look at security programs and find ways of ways for program management. So where should a CISO be paying attention to find waste and … Continue reading →
SOC staff deal with threats and investigations on a regular basis every day. In many cases these threats are repetitive. Dealing with a continuous onslaught of cyber threats makes SOC staff stressed. Stress and burnout are a real problem. What is stress? … Continue reading →
Posted in InfoSec
Tagged ciso, SOC
Cybersecurity is a complicated business. Many people outside this profession don’t fully realize and appreciate the complexities of the job. CISO MindMap is an effort to educate the public about Cybersecurity professionals’ job responsibilities. The MindMap also enables Cybersecurity professionals design … Continue reading →
Please note that an updated 2021 version of MindMap is available at https://rafeeqrehman.com/2021/07/11/ciso-mindmap-2021-what-do-infosec-professionals-really-do/. Most people outside the Cybersecurity profession don’t fully realize and appreciate the complexity of security professionals’ job. I have been publishing and updating this MindMap for many years, … Continue reading →