Please enable JavaScript.
Coggle requires JavaScript to display documents.
CISO-People-Processes-Technology - Coggle Diagram
CISO-People-Processes-Technology
SOC-Tools
Threat Intelligence platform
MISP Open Source Threat Intelligence plaform
Strategic Planning
Porters 5 forces
- Analyze competition in an industry to understand business strategy
Strategy Map
- Link business obj to sec proj & initiative
Values/Culture
- How to effectively operate in org
Asset Analysis
- Identify & classify the crow jewels of org
Power/Interest Grid
- prioritize stakeholders to dev relationship plan
PEST Analysis
- External forces that create cyber risk & opportunities
SIPOC
- key processes to identify stakeholders
Kill Chain & MITRE ATT&CK
- understand attacker TTPs to plan defense
Historical Analysis
-Analyze Org past to inform future dev
key areas of knowledge encompass many of the duties of an enterprise security manager
Develop and implement security related service level agreements
Develop risk measurement and management programs
Delineate roles and responsibilities of employees, managers, data owners, and security personnel from a security perspective
ntegrate personnel security with business operations.
Develop an enterprise wide security plan
Oversee enterprise wide security awareness and training programs.
Develop and implement security processes.
Develop and implement a data classification program throughout org
Develop an enterprise wide security policy.
Develop certification and accreditation strategies
Apply the concepts of availability, integrity, and confidentiality to the enterprise
Address privacy issues and requirements.
Understand the goals, mission, and the objectives of the organization from an enterprise perspective
Oversee security assessment practices
Market security programs to management and stakeholders.
Measure and leverage protection of enterprise resources