Category Archives: Leadership

Book “Cybersecurity Arm Wrestling” Published.

My latest book “Cybersecurity Arm Wrestling: Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” is published and available on amazon.com worldwide. This is a relatively short book with 11 chapters, three sections and about … Continue reading →

Posted in Leadership | Tagged Book, ciso, CISO Book, cybersecurity | Comments Off

Final Draft of Book – Cybersecurity Arm Wrestling

The final draft of “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” book is complete and is available for download and your comments. The book consists of ten chapters as … Continue reading →

Posted in Leadership | Comments Off

Setting up Computer Security Incident Response Team (CSIRT)

Once SOC analysts declare an event as a security incident, the CSIRT takes the ownership of the incident, take necessary actions and close it. The objective of CSIRT is to execute workflow for responding to the incidents once it is … Continue reading →

Posted in Leadership | Comments Off

Run Away from People with Defeatist Attitude

While negativity usually becomes very toxic for any team fairly quickly, defeatist attitude is probably the worst. Defeatists give up even before trying and urge others to do the same. They fear change. “A defeatist is the opposite of an … Continue reading →

Posted in Leadership | Tagged leadership, workshop | Comments Off

CISO Tools to Build (or Tweak) a Cybersecurity Roadmap, Create Business Case and Request Funding

I am not telling you anything new when I say that an essential part of a CISO’s job is to build a Cybersecurity program, communicate it to stakeholders, and continuously tweak it based upon continuously changing threat landscape. Job of … Continue reading →

Posted in InfoSec, Leadership | Tagged awareness program, business case, CISO MindMap, cybersecurity, information framework, information security programs, information security roadmap, information security strategy | Comments Off

A 3-3-4-5 Model for CISO Strategy

Many CISOs and Infosec leaders I meet face continuous challenge to communicate their strategy that is simple and others in their organization can understand and relate to. I have created a simple model for CISOs to explain it on a single page and have found it to be an effective tool. Continue reading →

Posted in InfoSec, Leadership | Tagged ciso, model, strategy | Comments Off

A Threat Modeling Process to Improve Resiliency of Cybersecurity Program

Many organizations with mature Cybersecurity program have implemented controls to safeguard their digital assets. However, controls can give a false sense of security as many times mere existence of a control does not mean that it is (a) adequate and/or (b) effective. Protecting crown jewels requires continuous monitoring and evaluating controls. This article describes a 5-step threat modeling process to improve resiliency of your program, identify gaps and close these gaps. Continue reading →

Posted in Digital Transformation, InfoSec, Leadership | Tagged cybersecurity, threat modeling | Comments Off

Security of Connected Vehicles Part II: Reference Material

Following is the list of reference material for my presentation on connected vehicles to the ISSA Infosec Summit on May 23rd. McKinsey & Company – Shifting gears in cyber security for connected vehicles NXP: Automotive Gateway: A Key Component to Securing the Connected … Continue reading →

Posted in Leadership | Comments Off

Security of Connected Vehicles – Part I

While there could be many definitions of what a connected vehicle is, following is how Wikipedia defines a “connected car”. “A connected caris a carthat is equipped with Internet access, and usually also with a wireless local area network. This allows the carto … Continue reading →

Posted in Leadership | Comments Off

CISO MindMap 2018 – What Do InfoSec Professionals Really Do?

Like last year, ransomware continues to be a major issue for many organizations. One of the best things any organization can do to itself is to prepare for dealing with ransomware incidents. While ransomware is morphing into crypto currency mining … Continue reading →

Posted in InfoSec, Leadership, SOC | Tagged blockchaiin, ciso, framework, infosec, MindMap, ransomware | Comments Off

Rafeeq Rehman – Personal Blog

Information Security | Entrepreneurship | Digital Enterprises

Category Archives: Leadership

Book “Cybersecurity Arm Wrestling” Published.

Like this:

Final Draft of Book – Cybersecurity Arm Wrestling

Like this:

Setting up Computer Security Incident Response Team (CSIRT)

Like this:

Run Away from People with Defeatist Attitude

Like this:

CISO Tools to Build (or Tweak) a Cybersecurity Roadmap, Create Business Case and Request Funding

Like this:

A 3-3-4-5 Model for CISO Strategy

Like this:

A Threat Modeling Process to Improve Resiliency of Cybersecurity Program

Like this:

Security of Connected Vehicles Part II: Reference Material

Like this:

Security of Connected Vehicles – Part I

Like this:

CISO MindMap 2018 – What Do InfoSec Professionals Really Do?

Like this:

Subscribe to Blog via Email

Follow me on Twitter

Recent Posts

Top Posts & Pages

Category Archives: Leadership

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Subscribe to Blog via Email

Follow me on Twitter

Recent Posts

Top Posts & Pages