Chief Information Officer (CIO)
Chief Information Security Officer (CISO)
Confidentiality, integrity, or availability (CIA)
Cyberattack
APT
availability
crisis
See Cyberattack crisis
confidentiality breaches
integrity breaches
malware waves
Sony Pictures Entertainment
Cyberattack crisis
action review
Calling for help
contingency planning
“falling off the cliff”
IT systems
air-gapped systems
bridge building
cybersecurity vs. IT restoration
improvements
interim IT capabilities
maximum allowable risk
operating capabilities
rebuilding and restoring process
recovery efforts
“keep calm and carry on”
communications overload
decision-making, difficulties
OODA loop
operational tempo
operations
playing baseball
staff and contractors
new normal culture
recovery process
caring people
cyber hand-to-hand combat
parallel rebuilding efforts
resource-driven project plan
resource constraints
resource identification
“throwing money at problems”
remediation
resolving
senior enterprise leadership
snowballing incident
CyberIncident Response Team (CIRT)
Cyberintrusion
attack graphs
attack trees
compliance standards
connectivity explosion
cyberattacks/cyberdefense
detective controls
enterprise cybersecurity attack sequence
enterprise IT consolidation
Lockheed Martin kill chain
Mandiant attack life cycle
preventive controls
Cybersecurity
architecture
audit controls
challenges
detective controls
judgment calls
scalability
security control frameworks
security operations
cloud
application security
asset management and supply chain
authentication
characteristics
contracts and agreements
cryptography
data protection
deployment models
DevOps
DevSecOps
endpoint/server/device security
high availability/disaster recovery/physical protection
identity/authentication/access management
incident response
key management
logging/monitoring/investigations
monitoring/vulnerability/patch management
network security
policy/audit/e-discovery/training
reliability and disaster recovery
scale and reliability
scopes and account management
service models
systems administration
compliance requirements
cyberattackers
commodity threats
cyberwar
espionage
hacktivists
organized crime
cyberattacks
APT
availability
confidentiality breaches
integrity breaches
malware waves
Sony Pictures Entertainment
cyberintrusion
See Cyberintrusion
detective controls
ECSA
See Enterprise cybersecurity architecture (ECSA)
enterprise cybersecurity program
See Enterprise cybersecurity program management
enterprise IT
attack graphs
components
emplacing cyberdefenses
forensic controls
frameworks
implementation
capabilities
IT organization
IT system life cycle
See IT system life cycle
security architecture effectiveness
security controls
security scopes
See Security scopes
security technology
mapping
assessment audit
audit report mapping
deficiency tracking and management
IT systems and security controls
multiple frameworks
prevention
processes
security capabilities
security scopes
technologies
validation audit reports
mobile and BYOD
always-on and always-connected
application security
asset management and supply chain
characteristics
conceptual architecture
data protection and cryptography
endpoint/server/device security
high availability/disaster recovery/physical protection
identity/authentication/access management
incident response
legal agreements for data protection
MDM
mobile platforms
monitoring/vulnerability/patch management
multi-factor authentication
network security
personal use and personal data
policy/audit/e-discovery/training
sensors and location awareness
systems administration
next-generation cyberdefense axioms
operations
See Cybersecurity operations
people/organization/budgets
preventive controls
procedural capabilities
processes/technologies
risk management process
assets
availability
confidentiality
integrity
risk evaluation
risk mitigation
risk treatment
security controls
threats
vulnerabilities
technological capabilities
security control
Cybersecurity effectiveness index (CSEIndex)
Cybersecurity operations
auditing and deficiency tracking process
functional areas
application security
asset management and supply chain
data protection and cryptography
endpoint/server/device security
high availability/disaster recovery/physical protection
identity/authentication/access management
incident response
monitoring/vulnerability/patch management
network security
policy/audit/e-discovery/training
systems administration
incident response process
information systems
IT operational process
operational process
operational responsibilities
business leadership
IT engineering
IT operations
IT strategy/architecture
security
process
account and access periodic re-certification
asset inventory and auditing IT assets
auditing and deficiency tracking
change control
configuration management database re-certification
control management
cyberintrusion response
emergency preparedness
password and key management
patch management and deployment
policies and policy exception management
privileged account activity audit
project and change security reviews
risk management
security monitoring
supplier reviews and risk assessments
vulnerability scanning
risk management process
vulnerability management process
Cybersecurity policy
compliance
guidance, functional area
application security
asset management and supply chain
audit, e-discovery, and training
data protection and cryptography
endpoint, server, and device security
high availability, disaster recovery, and physical protection
identity, authentication, and access management
incident response
monitoring, vulnerability, and patch management
network security
systems administration
purpose of
responsibilities
scope and applicability
security documentation
statement
Cybersecurity sample assessment
capabilities
decision-making
expert judgment
functional area capabilities
Level3_Index
maturity
measurement map
object characteristic measurement
object measurement equation
observed data
OMIndex
OM measurement pane
OM scoring matrix
operational processes
program assessment index
risk mitigations
security operations measurement pane
17 operational processes
single combined measurement
systems administration
113 capabilities
utilization
visualization and analysis
functional areas
assessment consideration
assessment security scope
comprehensiveness
effectiveness
expert judgment value scales
expert measurements
expert value judgments
functional area metrics
Level1_Index
Level2_Index
object characteristic
OM measurement pane
OM scoring matrix
risk mitigations
security operations metric
single combined measurement
value scales
visualization and analysis
risk mitigations
attack sequence step metrics
expert judgment
expert measurements
expert value judgments
Level1_Index
OM measurement pane
OM scoring matrix
risk impact reduction
risk probability reduction
single combined measurement
value scale
single security scope
Endpoint, server, and device security (ESDS)
Electronic Data Systems (EDS)
Enterprise cybersecurity architecture (ECSA)
application security
capabilities
definition
goal and objectives
threat vectors
asset management and supply chain
capabilities
definition
goal and objectives
threat vectors
availability/disaster recovery/physical protection
capabilities
definition
goal and objectives
threat vectors
cyberattack and defense
automated response
before the internet
biological defense
casual attackers
down market
future evolution
harden host
layered defense and active response
nation-state attackers
professional attackers
protect network
cybersecurity assessments
cybersecurity capabilities
cybersecurity implementation
data protection and cryptography
capabilities
definition
goal and objectives
threat vectors
endpoint/server/device security
capabilities
definition
goal and objectives
threat vectors
framework
functional areas
identity/authentication/access management
capabilities
definition
goal and objectives
threat vectors
incident response
capabilities
definition
goal and objectives
threat vectors
monitoring/vulnerability/patch management
capabilities
definition
goal and objectives
threat vectors
network security
capabilities
containment
definition
goal and objectives
threat vectors
policy/audit/e-discovery/training
capabilities
definition
goal and objectives
threat vectors
systems administration
capabilities
definition
goal and objectives
threat vectors
Enterprise cybersecurity attack sequence
Enterprise cybersecurity program
Enterprise cybersecurity program management
assess assets, threats and risks
assessment phase
assess security status
assess risk mitigations, capabilities, and security operations
identify deficient areas
identify target security levels
prioritize remediation and improvements
collect operational metrics
cybersecurity improvements
assessment scores
business application servers
cybersecurity investments
general business users
HIPAA regulated systems
multiple scopes
PCI regulated systems
red-teaming threat scenarios
risk mitigations
security capabilities
security infrastructure
security operations
SOX regulated systems
elements
identify deficient areas
identify security scopes
identify target security levels
prioritize remediation and improvements
prioritizing improvement
assessment scores
factors
future/prioritizing projects
immediate/executing projects
multiple time periods
next year/resourcing projects
quantitative measurement
this year/preparing projects
resource and execute improvements
External-facing audit report