Security Professionals Responsibilities: Focus Areas For 2021-22

The document discusses the many responsibilities of security professionals related to cloud architecture including strategy, risk evaluation, compliance management, application security, identity management, network security, vulnerability management, and more.


CISO MINDMAP 2021: SECURITY PROFESSIONALS RESPONSIBILITIES

Author: Rafeeq Rehman (Twitter account: @rafeeq_rehman). A copy of this MindMap can be downloaded from the blog site https://rafeeqrehman.com.
Copyright (c) 2021 Rafeeq Rehman - All Rights reserved

FOCUS AREAS FOR 2021-22
1. Re-evaluate your ransomware defenses, do a business impact analysis
2. Reduce/consolidate security tools/technologies and vendors (less is more in many cases)
3. Monitor Cloud mis-configurations in real time and at machine speed
4. Adopt borderless network strategies (SASE, Zero Trust, and/or whatever you want to call it)
5. Think about cooperative/collaborative SOC strategy
6. Train staff on business, ML models, model training, service mesh, containers, DevSecOps
7. Plan for government shutdown of a critical software or service provider due to security issues

MINDMAP BRANCHES

Security Operations
  Threat Prevention
    Network/Application Firewalls
    Network Devices
    IPS
    Anti Malware, Anti-spam
    Proxy/Content Filtering
    DNS security/filtering
    Patching
    DDoS Protection
    Hardening guidelines
    Desktop security
    Mobile Devices
    IoT
    File Integrity Monitoring
    Web Application Firewall
    DLP
    Cloud configuration monitoring
    Cloud misconfiguration testing
  Threat Detection
    Log Analysis/correlation/SIEM
    Alerting (IDS/IPS, FIM, WAF, Antivirus, etc)
    NetFlow analysis
    DLP
    Threat hunting and Insider threat
    MSSP integration
    Threat Detection capability assessment
    Gap assessment
    Prioritization to fill gaps
    MITRE ATT&CK
    Use of AI and Data Analytics
    Red team/blue team exercises (and whatever you want to call them)
    Integrate threat intelligence platform (TIP)
    Deception technologies for breach detection
    Full packet inspection
    Detect misconfigurations
    Log Anomaly Detection
    Threat Intelligence Feeds and proper utilization
    Cloud log integration/APIs
    Long term trend analysis
    Unstructured data from IoT
    Integrate new data sources
  SOC Operations
    SOC Resource Mgmt
    SOC Staff continuous training
    Shift management
    SOC procedures
    SOC Metrics and Reports
    Train InfoSec teams
    SOC and NOC Integration
    SOC Tech stack management
    SOC DR exercise
    Update and Test Incident Response Plan
    Set Leadership Expectations
    Partnerships with ISACs
  Vulnerability Management
    Periodic scope: Operating Systems, Network Devices, Applications, Databases, Code Review
    Process: Scope, Identify, Classify, Measure, Prioritize, Fix, Verify, Baseline, Metric, Automate
    Risk Based Approach
  Application Security
    Application Architecture
    Application protection
    Integration to SDLC and Project Delivery
    Inventory open source components
    Source code supply chain security
    Secure DevOps, DevSecOps

Security Architecture
  Traditional Network Segmentation
  Micro segmentation strategy
  Defense-in-depth
  Remote Access
  Encryption Technologies
  Backup/Replication/Multiple Sites
  Cloud/Hybrid/Multiple Cloud Vendors
  Software Defined Networking
  Network Function Virtualization
  Zero trust models and roadmap
  SASE strategy, vendors
  Overlay networks, secure enclaves

Cloud
  Cloud architecture
  Comprehensive Strategy and Guidelines
  Vendor's Financial Strength
  Cloud risk evaluation
  SLAs
  Acquisition Risk Assessment
  Infrastructure Audit
  Ownership/Liability/Incidents
  Proof of Application Security
  SaaS Strategy
  Disaster Recovery Posture
  Integration of Identity Management/Federation/SSO
  Virtualized security appliances
  SaaS Policy and Guidelines
  Cloud native apps security
  Containers-to-container communication security
  Service mesh, micro services
  Serverless computing security

Project Delivery Lifecycle
  Compliance management
  Risk Assessment
  Mitigation
  Integration Cost
  Identity Management Requirements
  Physical Security
  Information Security Policy
  Design reviews
  Security Testing
  Certification and Accreditation
  Application Development Standards
  Secure Code Training and Review
  Application Vulnerability Testing
  Change Control
  Encryption, SSL

Policy
  Use Awareness Program as a tool

Business Enablement
  Mobile Technologies
  Mobile Apps Inventory
  Cloud Computing
  Mergers and Acquisitions
  BYOD
  Lost/Stolen devices
  Business Partnerships
  Business Continuity and Disaster Recovery
  HR/On Boarding/Termination
  Security Health Checks

Budget
  Balance FTE and contractors
  Processes
  Technology
  Security Projects
  Balancing budget for People, Trainings, and Tools/Technology
  Alignment with IT Projects
  Cyber Risk Insurance
  Evaluating Emerging Technology amortization

Skills Development
  Business Case Development
  Machine Learning Skill Development
  DevOps Integration
  Understand industry trends (e.g. retail, financials, etc)
  Understand Algorithm Biases
  Technologies (e.g. SDN, Virtual/Augmented Reality, IOT, Autonomous Vehicles, connected medical devices, etc)

Emerging Technologies
  IOT
    IOT Frameworks
    IOT Communication Protocols
    Hardware/Devices security features
    Device Identity, Auth and Integrity
    Over the Air updates
    IOT Use cases
    IoT SaaS Platforms
    Track and Trace
    Condition Based Monitoring
    Customer Experience
    Edge Computing
    Smart Grid
    Smart Cities / Communities
    Medical Devices
    Industrial Control Systems (ICS)
    Autonomous Vehicles
    Drones
  Artificial Intelligence
    Use of computer vision in physical security
    ML model training, retraining
    Secure models
    Securing training and test data
    Adversarial attacks
    Chatbots and NLP
  Data Analytics
  Virtual Reality
  Augmented Reality
  BlockChain
    Blockchain & Smart Contracts
    Crypto currencies
  5G use cases and security
  Others ...

Legal and Human Resources
  Media Relations
  Business Continuity Plan
  Forensic and IR Partner, retainer
  Data Discovery and Data Ownership
  Vendor Contracts
  Attorney-Client Privileges
  Data Retention and Destruction
  Team development, talent management

Incident Management
  Breach exercises (e.g. simulations)
  Investigations/Forensics
  Create adequate Incident Response capability
  Incident Readiness Assessment
  Prepare for unplanned work
  Identify critical systems
  Forensic Investigation
  Playbooks
  Data Breach Preparation
  Tie with BC/DR Plans
  Automation and SOAR
  Supply chain incident mgmt
  Mock exercises
  Periodic backup test
  Adequate Logging (see areas under skills development)

Ransomware
  Perform ransomware BIA
  Devise containment strategy
  Ensure adequate backups
  Implement machine integrity checking
  Plan for government shutdown of critical software or service providers

(Permanent) Work from Home
  Enable Secure Application access
  Secure expanded attack surface
  Security of sensitive data accessed from home

Identity Management
  Credentialing
  Account Creation/Deletions
  Single Sign On (SSO, Simplified sign on)
  Repository (LDAP/Active Directory, Cloud Identity, Local ID stores)
  Federation
  2-Factor (multi-factor) Authentication - MFA
  Role-Based Access Control
  Voice signatures
  Face recognition
  Password resets/self-service
  HR Process Integration
  Integrating cloud-based identities
  IoT device identities
  IAM SaaS solutions
  Unified identity profiles
  Password-less authentication
  IAM with Zero Trust technologies

Compliance and Audits
  CCPA, Data Privacy & GDPR
  PCI
  Ecommerce and Mobile Apps
  SOX
  HIPAA and HITECH
  Regular Audits
  SSAE 18
  NIST/FISMA
  Executive order on improving the Nation's Cybersecurity
  Other compliance needs

Governance
  Strategy and business alignment
  Risk Mgmt/Control Frameworks: COSO, COBIT, ISO, ITIL, NIST (relevant NIST standards and guidelines), FAIR
  Resource Management
  Roles and Responsibilities
  Data Ownership, sharing, and data privacy
  Conflict Management
  Metrics and Reporting
    Visibility across multiple frameworks
    Operational Metrics
    Executive Metrics and Reporting
    Validating effectiveness of metrics
  IT, OT, IoT/IIoT Convergence
  Explore options for cooperative SOC, collaborative infosec
  Tools and vendors consolidation
  Maintaining a roadmap/plan for 1-3 years

Risk Management
  Physical Security
  Vulnerability Management
  Data Discovery
  Data Classification
  Ongoing risk assessments/pen testing
  Access Control
  Code Reviews
  Data Loss Prevention - DLP
  Use of Risk Assessment Methodology and framework
  Partner Access
  Policies and Procedures
  Encryption/Masking
  Phishing and Associate Awareness
  Monitoring and Alerting
  Data Centric Approach
  Operational Technologies: Industrial Controls Systems, PLCs, SCADA, HMIs
  Use data from Security Reports
  Vendor risk management
  Risk scoring

Selling InfoSec (Internal)
  Aligning with Corporate Objectives
  Testing effectiveness
  Continuous Mgmt Updates, metrics
  Innovation and Value Creation
  Expectations Management
  Build project business cases
  Integration to Project Delivery (PMO)
  Show progress/risk reduction
  ROSI