Category Archives: InfoSec

CISO MindMap 2026: What do InfoSec Professionals Really Do?

The job of a Chief Information Security Officer (CISO) is complex. Many individuals outside the realm of cybersecurity often underestimate the intricacies involved in a security professional’s role. Since its inception in 2012, the CISO MindMap has served as a valuable educational resource, offering insights into CISO responsibilities and aiding security professionals in crafting and enhancing their security programs. Continuously adapting to reflect the evolving landscape of cybersecurity, the CISO MindMap has been updated to accommodate the latest developments in the field. Here is the most recent iteration of the CISO MindMap for 2026, featuring numerous enhancements and recommendations for the next 12-18 months covering the year 2026-27.

Posted in InfoSec, Leadership

Ten Best Practices for Cybersecurity Risk Management

Cybersecurity risk management is a critical process for organizations aiming to safeguard their assets, systems, and data from potential threats. Effective risk management involves the following ten best practices.

Posted in cisomindmap, InfoSec

Post-Quantum Cryptography Resources

This blog post provides essential resources for security professionals and software developers looking to secure data in the post-quantum era. It highlights key organizations such as NIST, the Linux Foundation, and the Post-Quantum Cryptography Alliance, which are leading efforts in quantum-resistant cryptography. Additionally, it introduces open-source libraries that facilitate the implementation of quantum-safe encryption algorithms, offering practical tools for integrating cutting-edge security measures into your systems.

Posted in AI, InfoSec, Quantum

Security Hygiene

While the responsibilities of leaders in information security are very extensive, as shown in the CISO MindMap, the following are seven foundational and “must-have” capabilities that every information security program should have. If any of these capabilities is missing, the first priority …

Posted in InfoSec

No-Hype Use of LLMs in Cybersecurity

Three use cases of Large Language Models (LLMs) to save time and immediately enhance productivity. While there is tremendous hype around LLMs, many people in cybersecurity are still struggling to put new tools like ChatGPT and Google Bard into practice. …

Posted in AI, InfoSec, Leadership, SOC

A New CISO’s TODO List

When a CISO joins a new organization, it is important to start with the basics. Following is a TODO list for every new CISO.

Posted in InfoSec, Leadership

Risk Assessment – Qualitative, Quantitative and Scoring

The information security community has been performing risk assessment for as long as the profession has existed. Risk assessment is typically classified as qualitative (e.g. Critical, High, Medium, Low) or quantitative (a dollar amount). Risk scoring is a relatively new phenomenon …

Posted in InfoSec

Software Bill of Material and Vulnerability Management Blind Spots

Open source software is everywhere (which is not a bad thing in itself). However, many buyers don’t have an inventory of the open source components included in the software products they are buying. Businesses even fail to keep track of open source components …

Posted in InfoSec, Open Source

Podcast: CISO MindMap and Recommendations for 2022-23

Recently we recorded a podcast with CISO Tradecraft focusing on the CISO MindMap 2022 and recommendations for 2022-23. For reference, the latest CISO MindMap is available here, and the detailed recommendations page is also available here. You can listen to the …

Posted in InfoSec, Leadership, SOC

Essential Business Knowledge for InfoSec Professionals

June 18, 2022 – By Rafeeq Rehman. The role of InfoSec professionals has morphed into a critical business function. One should expect to get involved in “business” discussions often, and at increasingly higher levels of the business structure, up to the board of …

Posted in InfoSec, Leadership