Category Archives: Leadership

A 3-3-4-5 Model for CISO Strategy

Many CISOs and Infosec leaders I meet face continuous challenge to communicate their strategy that is simple and others in their organization can understand and relate to. I have created a simple model for CISOs to explain it on a single page and have found it to be an effective tool. Continue reading →

Posted in InfoSec, Leadership | Tagged ciso, model, strategy | Comments Off

A Threat Modeling Process to Improve Resiliency of Cybersecurity Program

Many organizations with mature Cybersecurity program have implemented controls to safeguard their digital assets. However, controls can give a false sense of security as many times mere existence of a control does not mean that it is (a) adequate and/or (b) effective. Protecting crown jewels requires continuous monitoring and evaluating controls. This article describes a 5-step threat modeling process to improve resiliency of your program, identify gaps and close these gaps. Continue reading →

View post to subscribe to site newsletter.

Posted in Digital Transformation, InfoSec, Leadership | Tagged cybersecurity, threat modeling | Comments Off

Security of Connected Vehicles Part II: Reference Material

Following is the list of reference material for my presentation on connected vehicles to the ISSA Infosec Summit on May 23rd. McKinsey & Company – Shifting gears in cyber security for connected vehicles NXP: Automotive Gateway: A Key Component to Securing the Connected … Continue reading →

Posted in Leadership | Comments Off

Security of Connected Vehicles – Part I

While there could be many definitions of what a connected vehicle is, following is how Wikipedia defines a “connected car”. “A connected caris a carthat is equipped with Internet access, and usually also with a wireless local area network. This allows the carto … Continue reading →

Posted in Leadership | Comments Off

CISO MindMap 2018 – What Do InfoSec Professionals Really Do?

Like last year, ransomware continues to be a major issue for many organizations. One of the best things any organization can do to itself is to prepare for dealing with ransomware incidents. While ransomware is morphing into crypto currency mining … Continue reading →

Posted in cisomindmap, InfoSec, Leadership, SOC | Tagged blockchaiin, ciso, framework, infosec, MindMap, ransomware | Comments Off

Information Security Leaders Handbook

Few years ago, I wrote Information Security Leaders Handbook but it was not listed as a download on this blog. With this post, I would like to put it here and also check the level of interest from InfoSec community … Continue reading →

Posted in InfoSec, Leadership | Tagged ciso, cybersecurity, decision making, MindMap, ROSI | Comments Off

CISO MindMap 2017 – What Do InfoSec Professional Really Do?

Note: An updated version of CISO MindMap (2018) is published here While Ransomware may be the talk of the town these days, many other profound changes are happening in the industry that impact job of information security professionals. Keeping in … Continue reading →

Posted in cisomindmap, InfoSec, IoT, Leadership | Tagged ciso, cybersecurity, infosec, mind map, MindMap | Comments Off

Aligning Business Goals with InfoSec Strategy

How do you align yourself with the business you are supporting? What value are you creating? These are the questions that every CISO should be thinking on regular basis. In a typical organization, the CEO has a list of business … Continue reading →

Posted in InfoSec, Leadership | Tagged business, infosec, leadership | Comments Off

Three Fundamental Questions for Strategic Decision Making

How to pick the right projects for the next year or the next thing to work on? Recently, this was the major point of discussion in the planning meeting of a non-profit organization. Irrespective of for-profit or non-profit status, all … Continue reading →

Posted in Digital Transformation, Entrepreneurship, Leadership | Tagged decision making, goal setting, strategy | Comments Off

Customer Experience: The Missing Pillar of Information Security Programs

Few days back, an information security executive asked for help. He has been struggling with demonstrating “tangible business value” of his information security program. We started our dialog about the company business, revenue sources, key issues, competitors and how he … Continue reading →

Posted in Digital Transformation, InfoSec, Leadership | Tagged business, customer experience, digital transformation, ecommerce, innovation, strategy | Comments Off

Rafeeq Rehman | Cyber Security | Board Advisory

Rafeeq Rehman – Personal Blog

Category Archives: Leadership

A 3-3-4-5 Model for CISO Strategy

Like this:

A Threat Modeling Process to Improve Resiliency of Cybersecurity Program

Like this:

Security of Connected Vehicles Part II: Reference Material

Like this:

Security of Connected Vehicles – Part I

Like this:

CISO MindMap 2018 – What Do InfoSec Professionals Really Do?

Like this:

Information Security Leaders Handbook

Like this:

CISO MindMap 2017 – What Do InfoSec Professional Really Do?

Like this:

Aligning Business Goals with InfoSec Strategy

Like this:

Three Fundamental Questions for Strategic Decision Making

Like this:

Customer Experience: The Missing Pillar of Information Security Programs

Like this:

Subscribe to Blog via Email

Recent Posts

Top Posts & Pages

Subscribe to Blog via Email

Recent Posts

Category Archives: Leadership

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Subscribe to Blog via Email

Recent Posts

Top Posts & Pages

Subscribe to Blog via Email

Recent Posts