Enterprise Cyber Security Reference Architecture (by Boris Taratine)

Enterprise Cyber Security Reference Arc ...Operation and supportCyber strategyBusiness Strategy Alignment - The BoardVision, Goals, ObjectivesCurrent stateFuture business development scenariosGoverning principlesFunding modelRisk tolerance statementRoadmapGovernanceOwnership and accountabilityCollaborationIntelligence analysisReconcile conflicting needsCertification and accreditationAgile cybersecurity investmentCyber strategy alignmentCyber Target Operating ModelCurrent and future stateTransition planningProcesses definitionCyber control frameworkLink KPI/KRI to business KIRoles and responsibilitiesBAU ownersCapability and Maturity modelsArchitecture and GovernanceData governance and Information risk man ...Critical information assets - CIACritical business processes - CBPData governance frameworkDLP rules and policiesRecords managementOwnership & StewardshipPrivacy impact assessmentRetention rules and policiesIntellectual property and Digital rightsData qualityNon-Critical information assetsNon-Critical business processesRisk assessmentMetadata control and Data segregationLabelling and handlingKnowledge managementData devaluation and Secure data disposa ...Data classificationCIA & CBP MappingAccountabilityAudit and compliancePolicy Standards LifecycleRegulations and LegislationsVulnerability managementCritical data assurancePrioritisationAudit and compliance monitoringService ComplianceAction trackingGood vs Best practicesCompliance metrics translation to cyber ...Risk ManagementCyber risk assessmentRisk categorisationScenario analysisAssurance review and oversightAssurance findingsAudit findingsThreat and vulnerabilityAction trackingCyber risk metrics (KRI)Cyber risk management frameworkControl assessmentMaterial breach reportingMaterial event reportingsk and regulatory reporting (ext. and in ...Cyber resilience vs BenchmarkingRisk metrics translation to cyber securi ...Communication and PRThe BoardGovernmentColleaguesSuppliersStandardised press releasesRegulatorsCustomersPartnersBusiness LiaisonSocial MediaCyber awarenessService desk and Call centreColleagues cyber supportCustomers cyber supportCyber awarenessEducation and AwarenessNon-ExecutivesExecutives3rd parties cyber readinessPhysical securityStakeholders managementRole based trainingColleaguesCustomer-facing staffCall centreService deskSocial engineeringCertification and AccreditationHigh risk colleaguesCyber aware cultureService deliveryService catalogRecovery plansPolicies and standardsKPI/KRIBusiness focussed SLAHuman ResourcesBackground screeningRetain best skills in-houseEngagementSegregation of dutiesAwarenessSkills developmentVettingJoiners Movers Leavers - JMLCode of ConductLegalSupport prosecution of offendersContracts and Exit strategyE-DiscoveryIncident response legal preparation3rd parties ManagementCertification and AccreditationContracts and Exit strategyCollaborationContacts and security schedulesAuditInformation sharingMonitoringTesting and readinessCentralised repositoryReporting servicesDashboardBusiness intelligenceManagement intelligenceData miningPoliciesFinanceKPI/KRIReporting toolsRegular cyber drillsDesk Top exercisesKRI/KPIKnowledge managementOperating modelRoles and responsibilitiesWorkflow processRepositoryCyber intelligence libraryIndicators of compromiseThreats, vulnerabilities and solutionsPlaybooksCyber incidents historic trendsTrends analysisGuidance and FAQsBest practicesIntelligence analysis reportsBusiness impact analysis reportsForensics historyCyber standards and patternsTools and contentCyber and Infosec knowledge repositoryControl policyTaxonomy asset classificationControl policyWorkflow and categorizationDocument management and collaboration pl ...Robustness (preventative measures)Architecture and DesignRisk basedPrinciple drivenStandardisedAgileInformation privacyData leakage protectionClient DLPChannel DLPData protection labelsData sharing labelsPrivacy impact assessmentsAnti-malwareWeb scanEmail scanWhite listingSandboxingSignature file reductionAdvanced malware protectionBehavioural analyticsChannel separationIsolation and segregationData accessIn-transit protectionAt-rest protectionIn-use protectionCompartmentalisationSecure APIOpportunistic encryptionCrypto servicesPKIPGPKey managementCertificates managementIdentity and Access ManagementIdentity lifecycle managementID and Entitlement provisioningPhysical access integrationRole managementSegregation of dutiesAccess restrictionAccess managementSystem authenticationStrong authenticationWeb access managementToxic identity combinationsPrivileged identity managementOn demand privilege escalationPrivileged accountsPrivileged sessionsPrivileged passwordsBreak-glass processMonitoring and recertificationApplications and platformsApplication specific access controlsPlatform specific access controlsToxic identity combinationsInteroperabilityIdentity services and federationIdentity federationSingle sign onVettingIdentification and verificationAuthentication, authorization, and audit ...Identity stores synchronisation servicesInfrastructure securityInternal and external networkSegregation and compartmentalisationReduce statefulnessDDoS defenceAccess controlShared servicesIoT and sensors securityTime synchronisationVirtualisationAssuranceRemote and wireless accessIntrusion detection and preventionProtocols configuration hardeningSecure information exchangeBCPs and standardsCore business networkOrganisation dependentCritical national infrastructureOrganisation dependentApplication SecurityApplication lifecycleSecure codingMature SDLCTestingRemediationDevelopers training including 3rd partie ...Application protectionCode signing and obfuscationSecure APIApplication DDoS defencesRuntime self protectionApplication gatewaysCustomer-end and mobile applicationsMalware and anomaly detectionPhishing, Smishing, Vishing protectionRogue elements takedownSecure developmentSecure distributionSecure enrollmentTemper detectionAuthenticationAppstore monitoringCode signing and obfuscationIntelligenceConfiguration management and hygieneDataIntegrity validationControlled distributionRetainmentApplicationsMaintenanceSource code protectionVersion controlCurrencyInfrastructure"Under attack" capacity planning Assets discoveryCurrencyEnd point virtualisation and isolationGeneralHardeningPatchingDecommissionMedia lockdownTracked inventoryCertification and accreditation(Pen) testingAuditResilience (early detection and fast rec ...Security and fraud monitoringSecurity Intelligence Centre DashboardSecurity infrastructure monitoringIoT sensorsHoney potsEvent miningSecurity technologies logsPrivileged credentials and AAA monitorin ...NetflowSmart card usageEvent correlationApplication security eventsData integrity monitoringCCTVData analyticsDB security eventsC&C monitoringDeep packet inspectionVoIP and telephonyBehaviour patternsWeb activity security eventsDNS monitoringDHCP monitoringDarknet monitoringACL monitoringEnd point security eventsE-mail journalingCompliance monitoringExternal feedsVulnerabilities monitoringReporting and communicationExternal services security eventsManaged security servicesThreat modellingKPI/KRILog collection, events optimisation, and ...Cyber incident and crisis managementQuick decision makingReportingBreakglass proceduresInvestigationsCommunicationRecovery protocolsForensic skills and analysisUp to date diagramsResponse scenariosScenarios rehearsalAvailability managementOperational securityCollateral damage controlRetaliation scenariosCritical int and ext escalation points o ...3rd parties engagementStaff empowerment and delegationsRapid and Agile responseFeedback to event readinessKPI/KRIContainment strategy (Kill Chain . Diamo ...Cyber event readinessVirtual Red Team exerciseRed team vs Blue teamIntel driven pen testDeception & Denial planningSocial mediaIndustry contactsTargeted attack simulationPlaybooks and use casesDisruption planningNew technologies and innovationRegular cyber drillsThreat modellingVulnerability managementCapacity planningArchives and backupsAttacks and APTs patterns studyCritical int and ext escalation points o ...Continuity and contingency planningFeedback to incident and crisis manageme ...KPI/KRITraining, awareness, and talent retentio ...Anomaly detectionBusiness intelligenceReputation and Threat analysisBrand monitoringFraud detectionBusiness rules baselineMalwareTransaction monitoringBotnet monitoring and protectionEmail queuingBlack market monitoringSocial media monitoringActionable reportingCCTVIVRTrusted intelligence feedsIoC correlationSmart card usageC&C monitoringRoot Kit detectionData access intelligenceBehaviour monitoringDNS protection and monitoringForensic analysisData SciencePath of least resistanceBack-doorsReal time responseKPI/KRIAnalytics platformActive Cyber DefenseIntelligence, collaboration and informat ...Operational intelligenceTactical intelligenceStrategic intelligenceUnderstanding of the adversaryAnalysisAnalyticsReportingDisseminationPlanning / ActionFeedback loopGeo-political analysisCounter threat managementInformation sharing protocolsExternal partiesDarknet monitoringSocial media monitoringIoC correlationTrusted distribution channelsIntelligence grading scoreTrusted information exchangeCommunity of practiceModeling and simulationKPI/KRIIntelligence sharing platformDeception and denialDiversionResource depletionUncertaintyIntelligenceProactive measuresCounter intelligenceCognitive technologies and artificial in ...Environmental variables risk modellingAnomaly detectionIntelligence supportReal time decision makingInnovationR&DPipeline of new ideasNew combat methodsRapid evaluation , implementation, and i ...Fast responseInternal StakeholdersThe BoardCEO and Senior Leadership TeamCore Business UnitsRiskInternal AuditLegalCommunications and Public RelationsHuman ResourcesProcurement and SourcingITExternal PartiesOrganisation's Value chainCustomersOnlineMobileCall CentreBrick and MortarShareholdersIndividualsCorporate investorsGovernmentPartners To-BeTelecommunicationsMobile carriersISPESPDNS RegistrarsVendorsSecurity vendorsOS vendorsHardware vendorsSoftware vendorsService providersExternal consultanciesThink TanksAcademiaIndustry groupsSecurity forumsNGOInformation exchange boardsStandardisation bodiesMembers of CNIFinanceEnergyDefenceUtilitiesAirspaceGovernmentLegislatorsRegulatorsIntelligenceLaw enforcement(Inter)National CERTsMediaPressTVRadioSocial mediaEmergingCloud providersStandardisation initiativesTrusted distribution and communication c ...Cyber related ecosystem managementTrusted information exchange and communi ...Environmental variables GlobalWorld economic developmentGlobal technological risksSecurity of cyberspacePoliticalGeo-political trendsGlobalNationalRegionalLocalGovernmentsActivistsTerrorismEconomicFinancial industry stabilityInvestmentsGDP trendsConsumer confidenceSocial Availability of skillsEducationCuture changeGender equalityGeneration YEthics and socal trendsTechnicalInternet of ThingsEmerging vendorsBYOD technologiesEmerging technologiesFading and legacy technologiesBig DataOmni presenceOpen APIInnovation trendsCompetitiveAlumnae interactionMarket driversNation States interestsIndustry trendsEco-system awareness and influenceSupply chain cyber readinessTrends analysisSimplificationGovernanceTarget Operating ModelLean processesLink KPI/KRI to business KIComplianceGood vs Best practicePrinciple vs Compliance drivenRisk basedCultureSimplified hierarchyInclusive dialogueData enrichment and EthicsEngagementAuthorityEmpowermentWorkforce centric securityArchitectureNormalisation of artefactsPrinciple basedReuseService orientedDesignIterationStandardisationImplementationAutomationDecommissionOperationsProcesses and proceduresAutomationNoise reductionOptimisationVirtual vulnerability patchingDecommissionStaff empowermentCrisis communicationCoordinationInfrastructureLegacy managementApplicationsOpen standardsStandardisationCode sharingCross-platform developmentServicesAutomationDataElasticFusion
hide
Enterprise Cyber Security Reference Architecture
hide
Operation and support
hide
Cyber strategy
leaf
Business Strategy Alignment - The Board
leaf
Vision, Goals, Objectives
leaf
Current state
leaf
Future business development scenarios
leaf
Governing principles
leaf
Funding model
leaf
Risk tolerance statement
leaf
Roadmap
hide
Governance
leaf
Ownership and accountability
leaf
Collaboration
leaf
Intelligence analysis
leaf
Reconcile conflicting needs
leaf
Certification and accreditation
leaf
Agile cybersecurity investment
leaf
Cyber strategy alignment
hide
Cyber Target Operating Model
leaf
Current and future state
leaf
Transition planning
leaf
Processes definition
leaf
Cyber control framework
leaf
Link KPI/KRI to business KI
leaf
Roles and responsibilities
leaf
BAU owners
leaf
Capability and Maturity models
leaf
Architecture and Governance
hide
Data governance and Information risk management
leaf
Critical information assets - CIA
leaf
Critical business processes - CBP
leaf
Data governance framework
leaf
DLP rules and policies
leaf
Records management
leaf
Ownership & Stewardship
leaf
Privacy impact assessment
leaf
Retention rules and policies
leaf
Intellectual property and Digital rights
leaf
Data quality
leaf
Non-Critical information assets
leaf
Non-Critical business processes
leaf
Risk assessment
leaf
Metadata control and Data segregation
leaf
Labelling and handling
leaf
Knowledge management
leaf
Data devaluation and Secure data disposal
leaf
Data classification
leaf
CIA & CBP Mapping
leaf
Accountability
hide
Audit and compliance
leaf
Policy Standards Lifecycle
leaf
Regulations and Legislations
leaf
Vulnerability management
leaf
Critical data assurance
leaf
Prioritisation
leaf
Audit and compliance monitoring
leaf
Service Compliance
leaf
Action tracking
leaf
Good vs Best practices
leaf
Compliance metrics translation to cyber security and cyber resilience posture
hide
Risk Management
leaf
Cyber risk assessment
leaf
Risk categorisation
leaf
Scenario analysis
leaf
Assurance review and oversight
leaf
Assurance findings
leaf
Audit findings
leaf
Threat and vulnerability
leaf
Action tracking
leaf
Cyber risk metrics (KRI)
leaf
Cyber risk management framework
leaf
Control assessment
leaf
Material breach reporting
leaf
Material event reporting
leaf
sk and regulatory reporting (ext. and int.)
leaf
Cyber resilience vs Benchmarking
leaf
Risk metrics translation to cyber security and cyber resilience posture
hide
Communication and PR
leaf
The Board
leaf
Government
leaf
Colleagues
leaf
Suppliers
leaf
Standardised press releases
leaf
Regulators
leaf
Customers
leaf
Partners
leaf
Business Liaison
leaf
Social Media
leaf
Cyber awareness
hide
Service desk and Call centre
leaf
Colleagues cyber support
leaf
Customers cyber support
leaf
Cyber awareness
hide
Education and Awareness
leaf
Non-Executives
leaf
Executives
leaf
3rd parties cyber readiness
leaf
Physical security
leaf
Stakeholders management
leaf
Role based training
leaf
Colleagues
leaf
Customer-facing staff
leaf
Call centre
leaf
Service desk
leaf
Social engineering
leaf
Certification and Accreditation
leaf
High risk colleagues
leaf
Cyber aware culture
hide
Service delivery
leaf
Service catalog
leaf
Recovery plans
leaf
Policies and standards
leaf
KPI/KRI
leaf
Business focussed SLA
hide
Human Resources
leaf
Background screening
leaf
Retain best skills in-house
leaf
Engagement
leaf
Segregation of duties
leaf
Awareness
leaf
Skills development
leaf
Vetting
leaf
Joiners Movers Leavers - JML
leaf
Code of Conduct
hide
Legal
leaf
Support prosecution of offenders
leaf
Contracts and Exit strategy
leaf
E-Discovery
leaf
Incident response legal preparation
hide
3rd parties Management
leaf
Certification and Accreditation
leaf
Contracts and Exit strategy
leaf
Collaboration
leaf
Contacts and security schedules
leaf
Audit
leaf
Information sharing
leaf
Monitoring
leaf
Testing and readiness
leaf
Centralised repository
hide
Reporting services
leaf
Dashboard
leaf
Business intelligence
leaf
Management intelligence
leaf
Data mining
leaf
Policies
leaf
Finance
leaf
KPI/KRI
leaf
Reporting tools
hide
Regular cyber drills
leaf
Desk Top exercises
leaf
KRI/KPI
hide
Knowledge management
hide
Operating model
leaf
Roles and responsibilities
leaf
Workflow process
hide
Repository
leaf
Cyber intelligence library
leaf
Indicators of compromise
leaf
Threats, vulnerabilities and solutions
leaf
Playbooks
leaf
Cyber incidents historic trends
leaf
Trends analysis
leaf
Guidance and FAQs
leaf
Best practices
leaf
Intelligence analysis reports
leaf
Business impact analysis reports
leaf
Forensics history
leaf
Cyber standards and patterns
hide
Tools and content
leaf
Cyber and Infosec knowledge repository
leaf
Control policy
leaf
Taxonomy asset classification
leaf
Control policy
leaf
Workflow and categorization
leaf
Document management and collaboration platform
hide
Robustness (preventative measures)
hide
Architecture and Design
leaf
Risk based
leaf
Principle driven
leaf
Standardised
leaf
Agile
hide
Information privacy
hide
Data leakage protection
leaf
Client DLP
leaf
Channel DLP
leaf
Data protection labels
leaf
Data sharing labels
leaf
Privacy impact assessments
hide
Anti-malware
leaf
Web scan
leaf
Email scan
leaf
White listing
leaf
Sandboxing
leaf
Signature file reduction
leaf
Advanced malware protection
leaf
Behavioural analytics
leaf
Channel separation
leaf
Isolation and segregation
hide
Data access
leaf
In-transit protection
leaf
At-rest protection
leaf
In-use protection
leaf
Compartmentalisation
leaf
Secure API
leaf
Opportunistic encryption
hide
Crypto services
leaf
PKI
leaf
PGP
leaf
Key management
leaf
Certificates management
hide
Identity and Access Management
hide
Identity lifecycle management
leaf
ID and Entitlement provisioning
leaf
Physical access integration
leaf
Role management
leaf
Segregation of duties
leaf
Access restriction
hide
Access management
leaf
System authentication
leaf
Strong authentication
leaf
Web access management
leaf
Toxic identity combinations
hide
Privileged identity management
leaf
On demand privilege escalation
leaf
Privileged accounts
leaf
Privileged sessions
leaf
Privileged passwords
leaf
Break-glass process
leaf
Monitoring and recertification
hide
Applications and platforms
leaf
Application specific access controls
leaf
Platform specific access controls
leaf
Toxic identity combinations
leaf
Interoperability
hide
Identity services and federation
leaf
Identity federation
leaf
Single sign on
leaf
Vetting
leaf
Identification and verification
leaf
Authentication, authorization, and audit (accounting)
leaf
Identity stores synchronisation services
hide
Infrastructure security
hide
Internal and external network
leaf
Segregation and compartmentalisation
leaf
Reduce statefulness
leaf
DDoS defence
leaf
Access control
leaf
Shared services
leaf
IoT and sensors security
leaf
Time synchronisation
leaf
Virtualisation
leaf
Assurance
leaf
Remote and wireless access
leaf
Intrusion detection and prevention
leaf
Protocols configuration hardening
leaf
Secure information exchange
leaf
BCPs and standards
hide
Core business network
leaf
Organisation dependent
hide
Critical national infrastructure
leaf
Organisation dependent
hide
Application Security
hide
Application lifecycle
leaf
Secure coding
leaf
Mature SDLC
leaf
Testing
leaf
Remediation
leaf
Developers training including 3rd parties
hide
Application protection
leaf
Code signing and obfuscation
leaf
Secure API
leaf
Application DDoS defences
leaf
Runtime self protection
leaf
Application gateways
hide
Customer-end and mobile applications
leaf
Malware and anomaly detection
leaf
Phishing, Smishing, Vishing protection
leaf
Rogue elements takedown
leaf
Secure development
leaf
Secure distribution
leaf
Secure enrollment
leaf
Temper detection
leaf
Authentication
leaf
Appstore monitoring
leaf
Code signing and obfuscation
leaf
Intelligence
hide
Configuration management and hygiene
hide
Data
leaf
Integrity validation
leaf
Controlled distribution
leaf
Retainment
hide
Applications
leaf
Maintenance
leaf
Source code protection
leaf
Version control
leaf
Currency
hide
Infrastructure
leaf
"Under attack" capacity planning
leaf
Assets discovery
leaf
Currency
leaf
End point virtualisation and isolation
hide
General
leaf
Hardening
leaf
Patching
leaf
Decommission
leaf
Media lockdown
leaf
Tracked inventory
leaf
Certification and accreditation
leaf
(Pen) testing
leaf
Audit
hide
Resilience (early detection and fast recovery)
hide
Security and fraud monitoring
leaf
Security Intelligence Centre Dashboard
leaf
Security infrastructure monitoring
leaf
IoT sensors
leaf
Honey pots
leaf
Event mining
leaf
Security technologies logs
leaf
Privileged credentials and AAA monitoring
leaf
Netflow
leaf
Smart card usage
leaf
Event correlation
leaf
Application security events
leaf
Data integrity monitoring
leaf
CCTV
leaf
Data analytics
leaf
DB security events
leaf
C&C monitoring
leaf
Deep packet inspection
leaf
VoIP and telephony
leaf
Behaviour patterns
leaf
Web activity security events
leaf
DNS monitoring
leaf
DHCP monitoring
leaf
Darknet monitoring
leaf
ACL monitoring
leaf
End point security events
leaf
E-mail journaling
leaf
Compliance monitoring
leaf
External feeds
leaf
Vulnerabilities monitoring
leaf
Reporting and communication
leaf
External services security events
leaf
Managed security services
leaf
Threat modelling
leaf
KPI/KRI
leaf
Log collection, events optimisation, and management platform
hide
Cyber incident and crisis management
leaf
Quick decision making
leaf
Reporting
leaf
Breakglass procedures
leaf
Investigations
leaf
Communication
leaf
Recovery protocols
leaf
Forensic skills and analysis
leaf
Up to date diagrams
leaf
Response scenarios
leaf
Scenarios rehearsal
leaf
Availability management
leaf
Operational security
leaf
Collateral damage control
leaf
Retaliation scenarios
leaf
Critical int and ext escalation points of contact
leaf
3rd parties engagement
leaf
Staff empowerment and delegations
leaf
Rapid and Agile response
leaf
Feedback to event readiness
leaf
KPI/KRI
leaf
Containment strategy (Kill Chain . Diamond Model)
hide
Cyber event readiness
leaf
Virtual Red Team exercise
leaf
Red team vs Blue team
leaf
Intel driven pen test
leaf
Deception & Denial planning
leaf
Social media
leaf
Industry contacts
leaf
Targeted attack simulation
leaf
Playbooks and use cases
leaf
Disruption planning
leaf
New technologies and innovation
leaf
Regular cyber drills
leaf
Threat modelling
leaf
Vulnerability management
leaf
Capacity planning
leaf
Archives and backups
leaf
Attacks and APTs patterns study
leaf
Critical int and ext escalation points of contact
leaf
Continuity and contingency planning
leaf
Feedback to incident and crisis management
leaf
KPI/KRI
leaf
Training, awareness, and talent retention
hide
Anomaly detection
leaf
Business intelligence
leaf
Reputation and Threat analysis
leaf
Brand monitoring
leaf
Fraud detection
leaf
Business rules baseline
leaf
Malware
leaf
Transaction monitoring
leaf
Botnet monitoring and protection
leaf
Email queuing
leaf
Black market monitoring
leaf
Social media monitoring
leaf
Actionable reporting
leaf
CCTV
leaf
IVR
leaf
Trusted intelligence feeds
leaf
IoC correlation
leaf
Smart card usage
leaf
C&C monitoring
leaf
Root Kit detection
leaf
Data access intelligence
leaf
Behaviour monitoring
leaf
DNS protection and monitoring
leaf
Forensic analysis
leaf
Data Science
leaf
Path of least resistance
leaf
Back-doors
leaf
Real time response
leaf
KPI/KRI
leaf
Analytics platform
hide
Active Cyber Defense
hide
Intelligence, collaboration and information sharing
leaf
Operational intelligence
leaf
Tactical intelligence
leaf
Strategic intelligence
leaf
Understanding of the adversary
leaf
Analysis
leaf
Analytics
leaf
Reporting
leaf
Dissemination
leaf
Planning / Action
leaf
Feedback loop
leaf
Geo-political analysis
leaf
Counter threat management
leaf
Information sharing protocols
leaf
External parties
leaf
Darknet monitoring
leaf
Social media monitoring
leaf
IoC correlation
leaf
Trusted distribution channels
leaf
Intelligence grading score
leaf
Trusted information exchange
leaf
Community of practice
leaf
Modeling and simulation
leaf
KPI/KRI
leaf
Intelligence sharing platform
hide
Deception and denial
leaf
Diversion
leaf
Resource depletion
leaf
Uncertainty
leaf
Intelligence
leaf
Proactive measures
leaf
Counter intelligence
hide
Cognitive technologies and artificial intelligence
leaf
Environmental variables risk modelling
leaf
Anomaly detection
leaf
Intelligence support
leaf
Real time decision making
hide
Innovation
leaf
R&D
leaf
Pipeline of new ideas
leaf
New combat methods
leaf
Rapid evaluation , implementation, and integration
leaf
Fast response
hide
Internal Stakeholders
leaf
The Board
leaf
CEO and Senior Leadership Team
leaf
Core Business Units
leaf
Risk
leaf
Internal Audit
leaf
Legal
leaf
Communications and Public Relations
leaf
Human Resources
leaf
Procurement and Sourcing
leaf
IT
hide
External Parties
hide
Organisation's Value chain
hide
Customers
leaf
Online
leaf
Mobile
leaf
Call Centre
leaf
Brick and Mortar
hide
Shareholders
leaf
Individuals
leaf
Corporate investors
leaf
Government
hide
Partners To-Be
hide
Telecommunications
leaf
Mobile carriers
leaf
ISP
leaf
ESP
leaf
DNS Registrars
hide
Vendors
leaf
Security vendors
leaf
OS vendors
leaf
Hardware vendors
leaf
Software vendors
leaf
Service providers
leaf
External consultancies
hide
Think Tanks
leaf
Academia
leaf
Industry groups
leaf
Security forums
leaf
NGO
leaf
Information exchange boards
leaf
Standardisation bodies
hide
Members of CNI
leaf
Finance
leaf
Energy
leaf
Defence
leaf
Utilities
leaf
Airspace
hide
Government
leaf
Legislators
leaf
Regulators
leaf
Intelligence
leaf
Law enforcement
leaf
(Inter)National CERTs
hide
Media
leaf
Press
leaf
TV
leaf
Radio
leaf
Social media
hide
Emerging
leaf
Cloud providers
leaf
Standardisation initiatives
leaf
Trusted distribution and communication channels
hide
Cyber related ecosystem management
leaf
Trusted information exchange and communication channels
hide
Environmental variables
hide
Global
leaf
World economic development
leaf
Global technological risks
leaf
Security of cyberspace
hide
Political
hide
Geo-political trends
leaf
Global
leaf
National
leaf
Regional
leaf
Local
leaf
Governments
leaf
Activists
leaf
Terrorism
hide
Economic
leaf
Financial industry stability
leaf
Investments
leaf
GDP trends
leaf
Consumer confidence
hide
Social
leaf
Availability of skills
leaf
Education
leaf
Cuture change
leaf
Gender equality
leaf
Generation Y
leaf
Ethics and socal trends
hide
Technical
leaf
Internet of Things
leaf
Emerging vendors
leaf
BYOD technologies
leaf
Emerging technologies
leaf
Fading and legacy technologies
leaf
Big Data
leaf
Omni presence
leaf
Open API
leaf
Innovation trends
hide
Competitive
leaf
Alumnae interaction
leaf
Market drivers
leaf
Nation States interests
leaf
Industry trends
hide
Eco-system awareness and influence
leaf
Supply chain cyber readiness
leaf
Trends analysis
hide
Simplification
hide
Governance
leaf
Target Operating Model
leaf
Lean processes
leaf
Link KPI/KRI to business KI
hide
Compliance
leaf
Good vs Best practice
leaf
Principle vs Compliance driven
leaf
Risk based
hide
Culture
leaf
Simplified hierarchy
leaf
Inclusive dialogue
leaf
Data enrichment and Ethics
leaf
Engagement
leaf
Authority
leaf
Empowerment
leaf
Workforce centric security
hide
Architecture
leaf
Normalisation of artefacts
leaf
Principle based
leaf
Reuse
leaf
Service oriented
hide
Design
leaf
Iteration
leaf
Standardisation
hide
Implementation
leaf
Automation
leaf
Decommission
hide
Operations
leaf
Processes and procedures
leaf
Automation
leaf
Noise reduction
leaf
Optimisation
leaf
Virtual vulnerability patching
leaf
Decommission
leaf
Staff empowerment
leaf
Crisis communication
leaf
Coordination
hide
Infrastructure
leaf
Legacy management
hide
Applications
leaf
Open standards
leaf
Standardisation
leaf
Code sharing
leaf
Cross-platform development
hide
Services
leaf
Automation
hide
Data
leaf
Elastic
leaf
Fusion