Cyber Mind Map DOC ID 2017063 V1R1
Credits Mark E.S. Bernard
Cyber Mind Map
*** THIS DOCUMENT HAS BEEN CLASSIFIED FOR PUBLIC ACCESS BY SECUREKM ***
Governance
Communication
Chief Cyber Security Officer
Architecture
Risk Management
Monitoring
Integration
Knowledge Management
Legal obligations
Known Vulnerabilities
Awareness
Training
Incident Management SIEM, IDS, IPS, HID
Audit
Events & Incidents
ISO 27001
NIST
ITIL
Program Management
Security Testing
Legal Registry
Executive Oversight
Roles and Responsibilities
COSO ERM
Statutes
Regulations
Contracts
Penetration Testing
Vendor Management
Enterprise Security Policy
Access Control
Service Management
NIST CSF
Incident Management
Tacit
Vendor Management
Operational Risk
Financial Risk
Strategic Risk
Hazard Risk
Compliance Risk
Risk Management
Explicit Implicit
Employee Induction
Contractor
Vendor / Supplier
Customer
Breach or Privacy Breach, media / Enterprise Q&A speaking points (both) short / long, predefined scripts
Service Continuity Management
Investigations
Procurement Management
Contract Management
Development
Vulnerability Management Plan
Change Management
Release Management
Progressive Disciplinary
OWASP
SSDLC
RM Policy
InfoSec Policy
Acceptable Use Policy
BYOD Policy
Resource Allocation
Budget Allocation
Project Management
Continual Improvement
SOC
Business Plan Strategic, Tactical Goals, Objectives
KPI, KRI
Information Architecture
Application Architecture
Infrastructure Architecture
Triage
Annual Strategy / Plan
Social Engineering
Insider Threat
Fraud
Supply Chain
Assurance
SSAE16, ISAE3402, SOC1, SOC2, SOC3
FISMA
ITAR
GDPR
QA
Configuration Management
Asset Management
Valuation
UAT
Security Standards /4IQ Configuration Items
DOC ID: 2017063 V1R2
Problem Management
Law Enforcement
Playbook
SOX
PCI DSS
HITECH
HIPAA
IPO Due Diligence
Engineering Methodology
CSIRT
Termination
General Counsel
Threat Intelligence
RFP, RFI, RFQ
Cryptography
NIST SP 800-53
NIST SP 800-171
NOTE: This illustration is not the “absolute” complete Cyber mind map, but it is as much as I could fit on one page to provide some context on the subject while identifying 8 critical processes.
Biz User
Privileged User
FedRAMP
NERC CIP
PMO
ISO 9001
ISO 22301
ISO 31000
ISO 38500
Risk Registry
Risk Treatment Plan
3PE Assessment
Black, Grey, Blue, White Box Security Testing
Vulnerability Scanning
FOIPPA
PIPEDA
Risk Treatment Plan
Risk Registry
GAAP
IFRS
SFFAC
PCAOB
NIST
COSO ERM
SLA / SLO
Internal Facing
External Facing
Forensics
Service Continuity
People Management
Performance Management
Designated point of contact
Capacity Management