Tag Archives: cybersecurity

Third Party Risk Management – Considerations for creating a program standard

What is a Third Party Third parties generally refer to external entities with whom you enter into contractual agreements to deliver products or services. These external partners may offer essential services to support your business operations or extend services to … Continue reading

Posted in Leadership | Tagged , , | Comments Off on Third Party Risk Management – Considerations for creating a program standard

No-Hype Use of LLMs in Cybersecurity

Three use cases of Large Language Models (LLMs) to save time and immediately enhance productivity While there is tremendous hype around LLMs, many people in Cybersecurity are still struggling to put news tools like ChatGPT and Google Bard to practice. … Continue reading

Posted in InfoSec, Leadership, SOC | Tagged , , , , , | Comments Off on No-Hype Use of LLMs in Cybersecurity

A Conference Dedicated to Security Operations Center (SOC)

As shown in CISO MindMap 2023, job of security professionals is complex and Security Operations Center (SOC) is a significant part of this job. SOC analysts are stressed out by overwhelming number of incidents and dealing with these incidents in a timely … Continue reading

Posted in SOC | Tagged , , , | Comments Off on A Conference Dedicated to Security Operations Center (SOC)

CISO MindMap 2023: What do InfoSec Professionals Really do?

Most people outside the Cybersecurity profession don’t fully realize and appreciate the complexity of a security professional’s job. Since 2012, CISO MindMap has been an effective educational tool to communicate CISO responsibilities and has enabled security professionals to design and … Continue reading

Posted in cisomindmap, Leadership | Tagged , , , , , , | Comments Off on CISO MindMap 2023: What do InfoSec Professionals Really do?

Risk Assessment – Qualitative, Quantitative and Scoring

Information security community has been performing risk assessment for as long as the profession existed. The risk assessment is  typically classified as qualitative (e.g. Critical, High, Medium, Low) or quantitative (a dollar amount). Risk scoring is a relatively new phenomenon … Continue reading

View post to subscribe to site newsletter.

Posted in InfoSec | Tagged , , | Comments Off on Risk Assessment – Qualitative, Quantitative and Scoring

Podcast: CISO MindMap and Recommendations for 2022-23

Recently we recorded a podcast with CISO Tradecraft focusing on CISO MindMap 2022 and recommendations for 2022-23. As a reference the latest CISO MindMap is available here and detailed recommendations page is also available here. You can listen to the … Continue reading

Posted in InfoSec, Leadership, SOC | Tagged , , , , | Comments Off on Podcast: CISO MindMap and Recommendations for 2022-23

EBK-Cybersecurity: Understanding Stock Market Terminology

Basic Stock Market Terminology for CyberSecurity Professionals and Why Should They Care! June 26, 2022 – Rafeeq Rehman The role of InfoSec professionals has morphed into a critical business function. One should expect getting involved in “business” discussion often, and … Continue reading

Posted in EBK-Security | Tagged , , | Comments Off on EBK-Cybersecurity: Understanding Stock Market Terminology

CISO MindMap 2022 – Recommendations

I have included six specific recommendations with the recent publication of CISO MindMap. This article is to further elaborate on these recommendations, why these matter, and what actions information security leaders can take. The objective of this article is to … Continue reading

View post to subscribe to site newsletter.

Posted in cisomindmap, InfoSec | Tagged , , , | Comments Off on CISO MindMap 2022 – Recommendations

CISO MindMap 2022: What do InfoSec Professionals really do?

NOTE: An updated version of CISO MindMap has been published here. Let me start with the quote from last year: Most people outside the Cybersecurity profession don’t fully realize and appreciate the complexity of a security professional’s job. Since 2012, … Continue reading

Posted in cisomindmap | Tagged , , , | Comments Off on CISO MindMap 2022: What do InfoSec Professionals really do?

PDF Version of Book: Cybersecurity Arm Wrestling available for download

The PDF version of my latest book “Cybersecurity Arm Wrestling – Winning the perpetual fight against crime by building a modern Security Operations Center (SOC)” is now available for download. You can share this link, print it, and use it … Continue reading

View post to subscribe to site newsletter.

Posted in Education, InfoSec, SOC | Tagged , , | Comments Off on PDF Version of Book: Cybersecurity Arm Wrestling available for download