Category Archives: InfoSec

PDF Version of Book: Cybersecurity Arm Wrestling available for download

The PDF version of my latest book “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” is now available for download. You can share this link, print it, and use it … Continue reading

View post to subscribe to site newsletter.

Posted in Education, InfoSec, SOC | Tagged , , | Comments Off on PDF Version of Book: Cybersecurity Arm Wrestling available for download

Perspectives on Information Security Architecture

There are few things that every architect should do but most forget. As you know, there is no shortage of technology architecture frameworks and standards. You may have come across TOGAF for enterprise architecture and SABSA (Sherwood Applied Business Security … Continue reading

Posted in InfoSec | Tagged , | Comments Off on Perspectives on Information Security Architecture

Six Essential Ingredients for Building a Successful Security Operations Center (SOC)

Over years of my professional work and research, I found six ingredients absolutely necessary for success of any SOC, big or small. When you combine these ingredients with continuous improvement activities, you will get excellent business results. On the other … Continue reading

View post to subscribe to site newsletter.

Posted in InfoSec, SOC | Tagged , , , | Comments Off on Six Essential Ingredients for Building a Successful Security Operations Center (SOC)

Achieving Excellence in SOC Operations and Incident Response

Draft of Chapter 7 of my book “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center” is complete and available for download. This chapter is about “Operate” part of the “Plan-Design-Build-Operate” strategy and … Continue reading

View post to subscribe to site newsletter.

Posted in InfoSec, SOC | Tagged , , , | Comments Off on Achieving Excellence in SOC Operations and Incident Response

What is a Next Generation SOC and does it Cost More?

Historically Security Operations Centers (SOC) have been a combination of people, processes, and technology designed to protect information systems, detect and respond to incidents to minimize damage. Many times SOC were built to meet fundamental needs for log collection and … Continue reading

Posted in InfoSec, SOC | Tagged , , , , , , , | Comments Off on What is a Next Generation SOC and does it Cost More?

The Case for a SOC Conference

With digital economy taking a foothold, the CISO’s work is just getting more complex as new technologies are adopted by businesses, strict privacy laws are enacted globally, and attack surface is expanding by each day. Networks are no longer confined to data centers or corporate offices, and older ideas of managing security operations are obsolete. Continue reading

Posted in InfoSec, SOC | Tagged , , , , , , , , , , | Comments Off on The Case for a SOC Conference

CISO Tools to Build (or Tweak) a Cybersecurity Roadmap, Create Business Case and Request Funding

I am not telling you anything new when I say that an essential part of a CISO’s job is to build a Cybersecurity program, communicate it to stakeholders, and continuously tweak it based upon continuously changing threat landscape. Job of … Continue reading

Posted in InfoSec, Leadership | Tagged , , , , , , , | Comments Off on CISO Tools to Build (or Tweak) a Cybersecurity Roadmap, Create Business Case and Request Funding

A 3-3-4-5 Model for CISO Strategy

Many CISOs and Infosec leaders I meet face continuous challenge to communicate their strategy that is simple and others in their organization can understand and relate to. I have created a simple model for CISOs to explain it on a single page and have found it to be an effective tool. Continue reading

Posted in InfoSec, Leadership | Tagged , , | Comments Off on A 3-3-4-5 Model for CISO Strategy