Ciso

The document outlines various aspects of an information security strategy including governance, stakeholder relationships, employee awareness, threat management, incident response, and business continuity planning. Key areas discussed are establishing a governance body, aligning security with business strategy and stakeholders, managing employee risk culture through training and awareness, designing a security operations center either in-house or outsourced, and planning for cyber incidents and business continuity.

Uploaded by Manuel Jimenez

Strategy, Leadership & Governance

Information Security Strategy & Governance Body
• Terms of Reference
• Security strategy definition & articulation
• Security programme:
  • Organisation Design
  • Tactical quick wins
  • Long term roadmap
  • Operating model
  • Roles & Responsibilities
  • Org design
  • Team cohesion
  • Org change management
  • Talent sourcing
  • Talent development: Cyber apprenticeships
  • Team development
  • Succession planning

Business Stakeholder Alignment
• Maturity assessments & Benchmarking
• Ensuring relevance of content
• Updates: leadership & staff
• Member engagement

Relationships
• Alignment with corporate strategy
• Conflict management
• Supplier management
• Innovation, value creation
• Clients / Customers, Suppliers
• Expectations management
• Coordination with others: CSO, CRO, DPO, General Counsel

Employee Behaviour
• Staff On-Boarding & termination
• Employee awareness / risk culture:
  • Awareness & training
  • Phishing simulation tests
  • Investigations & forensics

Securing New Business Initiatives
• Identification of new initiatives
• Engagement with new initiatives

Mergers & Acquisitions
• Risk management: before, during & after acquisition
• Integration of acquired targets

Metrics & Reporting
• Operational & Exec metrics
• Key Risk Indicators
• Validation of metric effectiveness

Finance
• Business case & ROI
• Alignment with wider portfolio
• Budgeting & tracking

Business Continuity Planning
• Security of BC Plans
• Cyber attack scenario planning
• Integration with related plans
• Crisis plan
• DR exercises
• Business Continuity Plan
• Personal Data Breach plan

Securing The Business

Risk & Controls

Risk management framework
• Control frameworks:
  • COSO/SOX
  • COBIT
  • ISO27000
  • NIST, FAIR, CIS
• Control assurance:
  • Management risk & control reviews & reporting
  • Internal & External Audit
  • Testing
• Tech risk landscape
• Remediation roadmaps

Risk assessment, treatment & acceptance
• Risk assessment plan
• Risk ownership & governance
• Risk articulation & management review
• Risk acceptance processes

Cyber Risk Insurance
• Broker & underwriter engagement
• Covered scenarios
• Limits & Self-insured retentions
• Pre-Breach risk & control maturity assessments
• Post Breach engagement

Legal & Compliance

Compliance Assurance
• External assurance: ISAE3402 / SSAE18 / SOC1 / SOC2
• Internal assurance:
  • Internal Management Review
  • Internal Audit

E-Discovery & Legal Hold
• Preparation of data repositories for e-discovery
• Enforcement of Legal Hold

Internal Compliance Requirements
• Security policies & standards
• Project NFRs
• Publication & awareness
• Supply chain compliance

Externally-imposed Compliance Requirements
• NIST / FISMA / HIPAA / HITECH
• China CSL
• PCI
• Sarbanes Oxley
• Data Protection Regulations
• Government Certifications:
  • Privacy Shield
  • Cyber Essentials +

Data Retention & Destruction
• Data retention policies
• Retention schedules
• Enforcement within business functions

Managing The Supply Chain

Securing The Supply Chain
• Commercial negotiations
• Commercial opportunities
• Supplier management

Pre-Contract Due Diligence
• Self-assessment
• Audits
• Independent assurance

Contracts
• New contracts
• Contract renewals

Reviews & Assurance
• Self-assessment
• Audits:
  • Certification & accreditation
  • Right to Audit & remediation requirements
• Independent assurance

Securing New Initiatives

Application security

Integrating Security & Risk in SDLC / PMO
• Waterfall, Agile & DevOps
• Design
• Secure coding training & review
• App development standards
• Security requirements & NFRs

Security Testing & Assurance
• Code reviews
• App vulnerability testing
• Penetration tests
• Continuous assurance

CISO: Core Behaviours

Leading People
• Inspiring leadership
• Org design
• Team management
• Talent development
• Driving behavioural change
• Engaging comms

Managing Finance
• Budgeting
• Business case

Building Relationships
• Stakeholder engagement
• Stakeholder communications
• Conflict management
• Simplify the complex

Leading Change
• Commercial & strategic focus
• Collaboration & influencing
• Driving innovation
• Driving change

• Resilience
• Flexibility & pragmatism
• Focus on results
• Initiative
• Difficult decision making
• Cultural awareness

Security Operations

Threat Management
• Alerting from security tools
• Log analysis, correlation, SIEM, Netflow analysis
• Open Source & commercial threat feeds
• Threat hunting: automated & manual
• DNS, Social Media & Dark Web
• Partnerships with Info Sharing & Analysis Centres

Incident Management
• Participation of all stakeholders:
  • Business Partners / Clients
  • Exec Board
  • Suppliers
  • IT, HR, Legal, Comms / Marketing / Media Relations
• Incident process
• Runbooks for critical incident types: ransomware & customer-facing breaches
• Incident testing
• Crisis plan: cyber-attack scenario

SOC Design - Outsourced / MSSP / Co-Sourced
• Knowledge transfer
• Resource commitments
• Metrics & KPIs

SOC Design - In-House
• Recruitment
• Development, retention & promotion
• Knowledge retention
• Team & shift management
• Continuous training
• Metrics & KPI reporting
• Identity integration
• Technology integration

SOC Operations
• SOC Procedures & Runbooks
• Security Orchestration/SOAR
• SOC / NOC / Svc Desk integration
• Managed Detection & Response / MDR
• Forensics & 24x7 support

Vulnerability Management
• Identification:
  • Scoping & Asset discovery
  • Supplier liability & operational risk of scanning
• Remediation:
  • Approach to fixing vulnerabilities
  • Verification
  • Metrics & baselines

Security Platform Operations
• Platform lock-down, operations & monitoring
• Technology upgrades

Continuous Improvement
• Security health checks:
  • Incident readiness assessments
  • IT Controls assessments
  • Penetration tests
  • Threat detection capability assessments
  • Prioritised remediation planning

Securing The Technology

Network security
• DDOS protection
• Firewalls, IDS, IPS
• Secure remote access
• Proxy / Content Filtering
• Secure Wireless Networks
• Network function virtualisation & SD WAN

Cloud security
• SaaS Strategy:
  • Governance & compliance enforcement
  • Cloud specific DR & BCP
  • Supplier risks
  • SLAs & performance mgt
  • Data ownership, liability, incidents, privacy compliance
  • Security assurance
• Mgt of Shadow IT
• Cloud security controls:
  • Cloud security architecture
  • Identity federation & access automation
  • Cloud identity / CASB
  • Virtual Machine security
  • Virtualised security appliances
  • Cloud-to-Cloud integration
  • Monitoring/log integration

Data security
• Data & process mapping
• Data analytics security
• Encryption & masking:
  • PKI
  • Encryption at rest
  • Encryption in transit
• Business partner access:
  • Access approval
  • Access reviews
  • Access removal
• Policy considerations:
  • Personal data privacy
  • HR, financial & tax
  • Data security
• Data Loss Prevention:
  • DLP & Data classification policy
  • Data loss channels
  • Policy enforcement
  • DLP enforcement technologies

BYOD Security
• Access to corp data from non-corp devices

Infrastructure & Server OS security
• Service Continuity & Disaster Recovery
• Hardening
• Patching
• Anti-Malware & APT protection
• Backups, replication, multiple sites
• HIPS
• Security monitoring

Email security
• Anti-Spam control
• Phishing & impersonation protections
• Email encryption

Identity & access
• Credential & password management:
  • Password strength / complexity
  • Password self-service resets
  • Multi-Factor Authentication
• Starters, movers, leavers:
  • Account creation & approvals
  • Account reviews
  • Account removal
  • HR process integration
• Single sign-On
• IAM SaaS solutions
• Data access governance: Information ownership & custodianship
• IAM Data Analytics
• Identity repository & federation
• Mobile app access control
• Application access controls
• IOT device identities
• Role-Based Access Controls
• Security monitoring
• File integrity monitoring

Endpoint Security
• Hardening
• Patching / software updates
• Anti-Malware
• HIPS / EDR
• Security monitoring / UBA
• Encryption
• PIN / password enforcement
• Apps inventory & deployment
• Containerisation / data segregation
• Lost/stolen devices: based on Cloud storage of data; Device tracking

Physical security
• Landlord services
• Physical access control & monitoring
• Intrusion detection & response
• Theft prevention control
• Environmental controls / Power & HVAC
• Fire detection & suppression
• Redundancy
• BCP / Work Area Recovery sites

IOT / Operational Technology security
• IOT Risks:
  • Connected office devices
  • Connected medical devices
  • At home
  • Planes, trains & automobiles
  • Wearables
  • Industrial control systems, SCADA, PLCs, HMIs
  • Autonomous vehicles
• IOT Security:
  • IOT Frameworks
  • Vulnerability mgt
  • Comms protocols
  • Device authentication & integrity
  • Network segregation
  • Device protection
  • Over The Air updates

Innovation - Exploiting Emerging Tech
• AI, ML & Robotics
• Crypto currencies
• Blockchain
• 5G
• Drones
• VR & AR

http://rafeeqrehman.com
