#86 - The CISO MindMap (with Rafeeq Rehman) - podcast episode cover

#86 - The CISO MindMap (with Rafeeq Rehman)

CISO Tradecraft®
Jul 11, 202245 minEp. 86
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

This episode features Rafeeq Rehman.  He discusses the need for a CISO Mindmap and 6 Focus Areas for 2022-2023:

1.  Re-evaluate ransomware defenses, detection and response capabilities, perform a business impact analysis and identify critical processes, applications and data.

2.  Reduce/consolidate security tools/technologies and vendors. More tools don’t necessarily reduce risk but do add the need for maintaining expertise on security teams.

3.  To serve your business better, train staff on business acumen, value creation, influencing and human experience.

4.  Take an inventory of open source software (standalone and libraries) and make it part of your vulnerability management program.

5.  Build team expertise in technology fields including machine learning (ML) models, model training, API security, service mesh, containers, DevSecOps.

6.  Maintain a centralized risk register. Even better: integrate into your enterprise risk management program. Track risk for technology, insiders, processes, third parties, compliance and skill gaps.

Links:

  • CISO MindMap Link
  • CISO MindMap 2022 Recommendations Link
  • Information Security Leaders Handbook Link
  • Cybersecurity Arm Wrestling Link
For the best experience, listen in Metacast app for iOS or Android