Digital transformation (DX) is all about how companies invest to transform their business by leveraging new technologies such as cloud, big data and analytics, and mobility. In terms of DX maturity, IDC believes 59% of companies remain at either stage two or three, or what IDC calls a "digital impasse."*
18%
Dx
Digital
Transformation
IDC forecasts DX spending will grow at close to an 18% compound annual growth rate from 2016-2021, hitting $2.1 trillion in 2021.**
* Press Release: IDC Reveals Worldwide Digital Transformation Predictions (11/1/17).
** Press Release: IDC Forecasts Worldwide Spending on Digital Transformation Technologies to Reach $1.3 Trillion in 2018 (12/15/17).
Learn more
Download Now
Capabilities Brief: Governance, Risk and Compliance
68%
68% of companies still say their Board of Directors are not briefed regularly about what their organizations are doing to prevent or mitigate the consequences of a cyberattack.*
* Ponemon Global Cyber Megatrends report (February 2018).
Go
Governance
25%
Learn more
According to a recent survey, only 25% of respondents described their risk management processes as "mature" or "robust." Within this sample, larger organizations, public companies, and financial services companies were at the higher end of the maturity spectrum, but only 40-50% of these groups characterized their risk management process as "mature" or "robust."
* Source: American Institute of Certified Public Accountants (AICPA) "2017 Report on the Current State of Enterprise Risk Oversight" (published March 2017).
Rm
Risk
Management
View Now
Solutions Brochure: Optiv's Third Party Risk Management Solution
Co
CAPABILITIES
BRIEF
Compliance
VIEW
VIEW
VIEW
Clarity brief
Whitepaper
Learn more
Optiv believes the cyber compliance landscape could get more challenging as regulations such as GDPR serve as a precursor to the implementation of more rigorous standards. According to a recent study, 66% of respondents believe the U.S. and other countries will adopt privacy and data security regulations that will resemble GDPR.*
*Ponemon Global Cyber Megatrends report (February 2018).
VIEW
VIEW
Gdp
General Data
Protection Regulation
Learn more
General Data Protection Regulation Readiness Review
GDPR Compliance
The GDPR regulation from the EU is set to take effect May 25, 2018. Fines for offenses are scheduled to be quite punitive reaching as high as 20 million euros or 4% of global turnover, whichever is greater.
At-a-glance
CLARITY PAPER
34%
40%
26%
* Ponemon The Evolving Role of CISOs (August 2017).
Are IT security objectives aligned with business objectives?*
No
Partially Aligned
Fully Aligned
Security is critical to enable digital business success. Digital transformation broadens an organization's attack surface as it pushes IT infrastructure into the cloud, embraces DevOps techniques, and incorporates IoT. Security leaders must become more aware of general business objectives and work to support those objectives. That means articulating to both business leaders and Boards of Directors how their security roadmap aligns to corporate priorities and demonstrating ROI for security investment.
Ba
Business
Alignment
Asset Management is critical to an effective cybersecurity strategy. You cannot properly secure what you do not know exists. In addition, by continuously tracking and optimizing IT asset footprint, other functions such as patch management become far more streamlined.
Am
Asset
Management
The sheer volume and frequency of changes in the technology environment of most organizations creates a tremendous burden for change management practices. To more effectively compete in the digital economy, companies have a desire to introduce more change into IT production environments at a faster pace. Formalized change management programs can slow this process, but must be engrained in the evolving corporate culture. Good processes are built with verification and validation steps to catch exceptions and mistakes, but a pace of overwhelming change still creates the risk for gaps. Optiv can work with your organization to help manage this risk through our Device Management service.
Learn more
View Now
Capabilities Brief:
Device Management
Cm
Change
Management
* Gartner How to Respond to the 2018 Threat Landscape (11/28/17).
According to Gartner, through 2021, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year. Through 2021, the single most impactful enterprise activity to improve security will be patching.*
Effective patch management is a strong defense against malware and other types of threats that target software vulnerabilities. While there are varying valid reasons for why it may not be feasible -- or a high priority -- to implement some patches, it is still hard to accept that many high-impact breaches stem from poor patch hygiene. In addition, many exploited vulnerabilities have already been well characterized.
Pm
Patch
Management
Configuration management proactively and continuously monitors and hardens the security configurations of an organization’s operating systems, applications and network devices. A formalized configuration management program is important to demonstrate compliance with various regulations including PCI DSS and HIPAA.
Cfg
Configuration
Management
VIEW
IAM Primer
Despite increased spending on identity and access management programs, organizations are still being breached at a record level. According to the ITRC, breaches in the US increased 45% in 2017. Furthermore, 81% of successful hacks leveraged either stolen and/or weak passwords according to the Verizon DBIR for 2017.
Organizations have spent money to advance their endpoint, network protection, and encryption solutions. However, their security programs continue to be challenged because IAM basics have not been addressed. Organizations should assume they have been breached, adopt a zero trust model, and secure identities that would allow lateral movement, such as OEM accounts, aged accounts, and privileged accounts. Get back to the basics - make strategic investments in IAM, including access control, user lifecycle and access governance and avoid advanced techniques until the basics are addressed.
Iam
Identity Access
Management
Learn more
Learn more
View Now
Service Guide: Network
Security Solutions
Network security is likely one of the largest line items in the security budget. In the world of digital transformation, the old paradigm of the protected perimeter has become less relevant. Network security concepts are being forced to morph with the advent of virtual/cloud IT environments and distributed IoT devices. In addition, virtual environments create growing demand for advanced micro-segmentation.
Ns
Network
Security
VIEW
SERVICE GUIDE
Due to the growing sophistication of attacks, endpoint security has been forced to evolve beyond signature-based blocking. Next-gen AV incorporates new prevention techniques such as machine learning that do not rely on signatures.
In addition, new tools for endpoint detection and response are also fighting for precious real estate on the endpoint. Ultimately, agent overload on the endpoint is not ideal from a security operations perspective. As the traditional/incumbent AV vendor and next-gen endpoint vendors alike continue to fill out their capabilities including EDR (or combine through M&A), we expect a consolidation in the number of agents installed per endpoint.
Es
Endpoint
Security
Learn more
Vulnerability management should be more than running a vulnerability scanner once per year and remediating the resulting vulnerabilities. An effective vulnerability management program includes more continous scanning, prioritized remediation and tracking, root-cause analysis, and detailed reporting. Optiv has expertise to help you mature your vulnerabilty management program with numerous third-party technologies, or we can offer a program as a managed service.
Learn more
View Now
Whitepaper: Building an Effective Vulnerability Management Program
Vm
Vulnerability
Management
* Gartner Market Guide for Secure Email Gateways (5/3/17).
VIEW
Viewpoint
paper
Email is one of the most commonly used channels for cyber attacks, as well as a significant point of egress for sensitive content. Additionally, organizations are migrating their email infrastructure to the cloud through offerings such as Microsoft Office 365 (O365).
According to Gartner, by 2021, more than 70% of business users will be substantially provisioned with cloud office capabilities. As email moves to the cloud, so is the associated secure email gateway (SEG).
While Microsoft does offer some native security functionality for O365, most users view that capability as somewhat deficient and overlay additional third-party security solutions. Gartner says 35% of client organizations that move to Office 365 are supplementing the offering's natively available email security capabilities with a third-party product.
Em
Email
Management
Learn more
Secure web gateways represent a fairly mature market, but they provide value for advanced URL filtering and advanced threat defense. Secure web gateway technology may increasingly blend with adjacent technologies such as firewalls, DNS resolution services, and CASB.
Ws
Web
Security
Service guide
VIEW
VIEW
VIEW
Infographic
Capabilities brief
* Forrester TechRadar Application Security, 2017.
Exploitation of software vulnerabilities was the #1 method of external intrusion for breaches, yet 44% of security decision makers say AppSec is among the skills most needed in their organizations.* To address this, companies are looking for vendors to help design and implement formal AppSec programs that integrate manual and automated security testing more effectively throughout their development lifecycles”.
As
Application
Security
* Gartner Predicts 2018: Security Solutions (11/15/17).
35%
60%
By 2020, more than 60% of organizations will invest in multiple data security tools, up from approximately 35% today.*
Among the multitude of security assessments Optiv conducts for clients annually, Data Protection stands out as one of the lowest maturity disciplines in most organizations. Penalties for poor data protection practices are set to escalate with the advent of new regulations such as GDPR. Optiv expects continued strong corporate investment in data security infrastructure including DLP, encryption, and data-centric audit and protection (DCAP).
Dp
Data Protection
Learn more
* McAfee Labs Threats Report (December 2016).
According to one survey of companies with 1,000 employees or more, nearly 9 out of 10 organizations already have either an internal or external SOC with most SOCs (60%) run internally.*
VIEW
Program
insight
Forming a Security Operations Center (SOC) is an important step toward advancing the effectiveness of an organization's security operations. The SOC team’s goal is to detect, analyze, and respond to security incidents using a combination of technology solutions and a strong set of processes. The scope of the SOC operation should ultimately evolve toward 24/7 coverage and/or utilize MSSPs to augment coverage.
Soc
Security Operations Center
Learn more
VIEW
INfographic
SIEM is a foundational tool for effective security operations. However, SIEM is expensive to resource and complex to operate. To be most effective, it requires continuous expert interaction to refine rules and correlate output.
As a result of these considerations, Optiv is seeing increased demand for SIEM expertise around management/performance monitoring, tuning, and 24/7 alert monitoring.
Over time, SIEM will likely integrate with SOAR. As evidence of this progression, we have already seen IBM acquire Resilient and Splunk acquire Phantom Security. Let Optiv help you overcome your SIEM challenges and better integrate your SIEM into your security environment to improve cyber resiliency.
SM
Security Info &
Event Mgmt
Learn more
Viewpoint
paper
* Gartner How to Write a Security Incident Response Procedure Document (12/12/17).
** The Forrester Wave: Digital Forensics And Incident Response Service Providers, Q3 2017 (9/28/17).
VIEW
SErvice
brief
For many organizations, a serious security incident is a matter of "when" and not "if." This reality makes developing an effective response plan a critical objective for any CISO to protect their organization. Gartner warned that 75% of CISOs who experience publicly disclosed security breaches and lack documented, tested response plans will be fired.*
In addition, new regulations like GDPR make this issue far more daunting by mandating a breach notification window of only 72 hours. An effective incident response plan includes a pre-existing relationship (and ideally a service retainer) with an expert IR firm. Optiv was ranked as a "Strong Performer" in Forrester's evaluation of Digital Forensics and Incident Response Service Providers.**
Ir
Incident
Response
Learn more
* Gartner Market Guide for Security Threat Intelligence Products and Services (7/20/17).
In an uncertain security environment, cyber threat intelligence is one way to gain a footing and understand the lay of the land. The art behind successful security operations lies not only within people, process and technology, but within the ability to make good, judgement-based decisions.
Intelligence is all about gaining advantage over cyber adversaries and influencing decision making from the Threat Analyst to the Board of Directors.
By 2020, 15% of large enterprises will use commercial threat intelligence (TI) services to inform their security strategies, an increase from today's less than 1%.*
Cti
Cyber Threat
Intelligence
Learn more
Download Now
Solution Primer: Identity Defined Security Primer
Ics
Identity Centric
Security
In recent years, a majority of organizations have made significant investments in cyber security technologies with a single goal in mind – prevent a breach. And yet, most security experts believe that it’s not a matter of if, but when.
Existing standalone cyber security investments are collecting a wealth of information about users, their devices and their activities. Combining this intelligence with traditional identity and access management (IAM) technologies provides a context-based approach to authentication and authorization that reduces risk and improves security. An identity centric approach to enterprise security allows enterprises to optimize their cyber security investment while controlling risk as IT infrastructures converge.
* Gartner 10 Things to Get Right for Successful DevSecOps (10/3/17).
DevSecOps evolves DevOps principles to more directly infuse security across the software development lifecycle. By 2021, DevSecOps practices will be embedded in 80% of rapid development teams, up from 15% in 2017.*
Dso
DevSecOps
SEE 5 STEPS TO MANAGING 3RD PARTY RISK
Optiv's tprm service can help you
Improve your
risk posture
Enhance your
assessment lifecycle
Optimize the use of your skilled resources
Reduce costs
* Ponemon Data Risk in the Third-Party Ecosystem (Sept 2017).
56% of organizations experienced a data breach caused by one of their vendors, an increase of 7 percent over the last year, up from 49% in the prior year.*
Trm
Third Party
Risk Management
*** Gartner Magic Quadrant for Cloud Access Security Brokers (11/30/17).
** Gartner How to Respond to the 2018 Threat Landscape (11/28/17).
* Netskope Cloud Report February 2018.
To protect against this risk and to improve visibility over shadow IT, Gartner expects significant corporate investment in CASB tools is expected. According to Gartner, by 2020, 60% of large enterprises will use a CASB to govern cloud services, up from less than 10% today.***
These unsanctioned apps -- or shadow IT -- can create risk for organizations. According to Gartner, by 2020, one-third of successful attacks experienced by enterprises will be on data located in shadow IT resources, including shadow Internet of Things (IoT). **
According to Netskope, the average company is using nearly 1,200 cloud services and nearly 93% of these are not "enterprise ready."* Many departments within organizations frequently spin up SaaS applications to improve their productivity, but these apps are often not vetted.
Ca
Cloud Access
Security
Broker
VIEW
SErvice
brief
* Ponemon: The 2018 Global Cloud Data Security Study (January 2018)
Utilizing cloud services has become the foundation to empower the agility and innovation of the digital business. Unfortunately, input from the security team is not relied upon as frequently as it should be as companies rush to the cloud.
According to a study by Ponemon examining how often the security team is involved in cloud decisions, 35% of respondents said "rarely," and another 8% said "never."
Cs
Cloud
Security
Learn more
VIEW
SErvice
brief
* Gartner Shift Cybersecurity Investment to Detection and Response (5/3/17).
* Gartner The Fast-Evolving State of Security Analytics, 2016 (8/9/17).
Popular new tools to empower this effort incorporate data capture at the endpoint (Endpoint Detection and Response or EDR) and in the network. This also includes new forms of behavior anomaly detection including UEBA (User and Entity Behavior Analytics). By 2018, prescriptive analytics will be deployed in at least 10% of UEBA products to automate response to incidents, up from zero today.*
Due to a realization that preventative security controls are not foolproof, security budgets are shifting to also emphasize detection and response. By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from less than 20% in 2015.*
Dr
Detection and
Response
Learn more
* Cisco 2018 Annual Cybersecurity Report.
* Cisco 2018 Annual Cybersecurity Report.
* Cisco 2018 Annual Cybersecurity Report.
* Ponemon Reducing Cybersecurity Costs & Risk through Automation Technologies (November 2017).
Gartner defines SOAR (Security Orchestration, Automation, and Response) as a toolset that collects security threat data and alerts from different sources, where incident analysis and triage can be performed leveraging a combination of human and machine power to help define, prioritize and drive standardized incident response activities according to a standard workflow.
According to Ponemon analysis, cyber automation dramatically reduces the hours spent evaluating intelligence, sifting through false positives, and remediating infected devices. Ponemon calculates the potential labor savings in these areas from cyber automation approaches 80%.
Security organizations are struggling due to a shortage of talent, an abundance of disparate tools to manage, and alert overload. Around 46% of companies now use security technology from 11 or more vendors -- with 21% using 21 or more vendors.*
Sr
Security Orch
and Automation
* The Hunter Strikes Back: The SANS 2017 Threat Hunting Survey (April 2017).
Threat Hunting is a proactive, ongoing effort to identify and eradicate adversaries that have already pierced security controls and are dwelling in an organization's network. Effective threat hunting leverages threat intelligence, telemetry from a host of tools including endpoint and network detection and response, and the ingenuity of the threat analyst. It is an offensive, rather than defensive, endeavor. According to a SANS survey in 2017, 31% of organizations had a threat hunting program with dedicated staff; 16% had a program with shared staff, 13% had an ad-hoc program, and 28% did not yet have a program.*
Learn more
View Now
Services Brief: Threat Hunting and Incident Response
Th
Threat Hunting
Learn more
VIEW
SErvice
brief
1) Orchestration and Automation technologies to free up analyst time so it can be re-allocated to higher value activities such as proactive threat hunting.
2) Extensive data retention (including SIEM-tier, Search-tier using ElasticSearch or similar, and Data Lake-tier using Hadoop).
3) Advanced analytics and detection.
4) KPIs and discreet metrics to measure accountability and efficacy.
For Optiv, the concept of next gen SOC describes a necessary evolution and improvement beyond current gen SOC capabilities which center around device management and monitoring. A select list of next gen SOC components include:
Contact Optiv so that we can help you architect and implement your SOC evolution roadmap. Optiv was recognized as a Vendor To Watch by Gartner in its July 2017 Market Trends: The Security Operations Center Opportunity report.
Ng
Next Generation
SOC
Learn more
* Gartner Top 10 Strategic Technology Trends for 2017: Adaptive Security Architecture (3/21/17).
To improve security defenses against increasingly sophisticated threat actors, Optiv expects that organizations will turn to big data solutions. The proliferation of security tools leads to the generation of an overwhelming amount of both internal and external threat telemetry which must be captured, stored, and normalized for analysis. Big data may provide the most effective solution for this problem, and then be available for mining by increasingly intelligent automated analysis.
Gartner has said that: "By 2020, we believe that 40% of enterprises will have established a "security data warehouse" for the storage of this monitoring data to support retrospective analysis."*
Bd
Big Data
* Gartner: The Fast-Evolving State of Security Analytics, 2016, April 2016, Refreshed August 2017.
Ml
Machine
Learning
Machine learning analyzes and synthesizes an avalanche of information that humans alone could not match. It is the practice of using algorithms to parse data, learn from it, and then make a determination or prediction about something in the world. According to Gartner, by 2018, 25% of security products used for detection will have some form of machine learning built into them.*
* Gartner How to Manage and Defend Your Security Budget (3/5/18).
* Gartner Forecast Analysis: Internet of Things — Endpoints, Worldwide, 2017 Update (12/27/17)
It does not appear that many security organizations are well prepared for this potential explosion in network devices. Through 2020, only 10% of security budgets will adequately address the convergence of IT, operational technology and the Internet of Things, up from less than 1% now.
The use of IoT and OT promise compelling innovation for consumer-based applications and enhanced operational/production efficiency for corporate applications. Gartner believes IoT shipments will reach 7.6 billion units in 2021, pushing the installed base up to 25 billion total units by that time.
IoT
Internet of Things
Through 2022, only 10% of enterprises will achieve any radical transformation with the use of blockchain technologies.
Bc
Blockchain
* Gartner Predicts 2018: Top Predictions in Blockchain Business (11/10/17).
* Ponemon 2016 Cost of Insider Threats (September 2016).
25% of breaches were perpetrated by insiders, and insider related breaches have been growing in prevalence over the past couple years according to statistics from the Verizon DBIR report from 2017. Most insider incidents are likely related to simple negligence rather than malicious intent. The cost to resolve malicious insider activity can be 70% higher per incident compared to simple negligence.
Ni
Negligent
Insiders
51% of breaches were perpetrated by organized criminal groups according to the Verizon DBIR report from 2017.
Oc
Organized
Crime
18% of breaches were perpetrated by state-affiliated actors according to the Verizon DBIR report from 2017.
Nt
Nation
State
A small minority of breachers are related to Hacktivist activity where the motivation is not related to either financial gain or espionage. According to the Verizon DBIR report from 2017, 73% of breaches were financially motivated and 21% were related to espionage. This would leave up to 6% of breaches that are split between Hacktivists, Grudge, or Fun. Verizon refers to Hacktivists as Ideology motivated.
Ha
Hacktivist
The cost to resolve malicious insider activity can be 70% higher per incident compared to simple negligence.*
* Ponemon 2016 Cost of Insider Threats (September 2016)
25% of breaches were perpetrated by insiders, and insider related breaches have been growing in prevalence over the past couple years. This is according to statistics from the Verizon DBIR report from 2017. Most insider incidents are likely related to simple negligence rather than malicious intent. Malicious insider activity is more difficult to uncover and contain.
Mi
Malicious
Insiders
* ISACA’s State of Cyber Security report for 2016 and 2017.
** 2017–2018 NACD Public Company Governance Survey.
** 2017–2018 NACD Public Company Governance Survey.
** 2017–2018 NACD Public Company Governance Survey.
Ra
Role and
Responsibility
Corporate cyber security programs are positioned to break the perception that they are strictly a cost center, and instead gain respect for their ability to safeguard and propel digital business transformation. By demonstrating the ability to reduce the risk of customer churn through practices that both secure confidential information and protect privacy, CISOs should gain increasing support of senior management and visibility with the Board of Directors. Security programs continue to consolidate under the leadership of the CISO. 65% of companies in 2017 had a CISO, up from 50% in 2016.*
That said, CISOs have their work cut out for them. In one survey targeted at Boards of Directors, only 37% of respondents feel “confident” or “very confident” that their company is secured against a cyberattack.**
* Cisco 2018 Annual Cybersecurity Report.
Oz
Optimization
Security organizations are struggling due to a shortage of talent, an abundance of disparate tools to manage, and alert overload. Around 46% of companies now use security technology from 11 or more vendors -- with 21% using 21 or more vendors. As the complexity and tool count within an organization increase, so too does its risk of breach. Of organizations using 1-5 vendors, 28% said they had been breached; that number rose to 85% for organizations using 21-50 vendors.
Optiv has unrivaled expertise in integrating security technology and a breadth of security advisory services. We can help you optimize your security program and technology footprint to drive down costs and improve your security posture.
* Cisco 2018 Annual Cybersecurity Report.
Te
Technology
CISOs are overwhelmed by the marketing messages of thousands of security technology vendors all proclaiming they have the magic bullet to fix their security challenges. Partially due to this impact, Optiv has noticed dramatic tech sprawl within organizations. Around 46% of companies now use security technology from 11 or more vendors - with 21% using 21 or more vendors. This is up from 28% of companies that used 11 or more vendors in the prior year.
* 2017 Global Information Security Workforce Study.
St
Staffing
Lack of skilled personnel is consistently mentioned by organizations as one of the top inhibitors to building effective cyber security programs, and the gap is not expected to improve. A recent study estimated the cybersecurity workforce shortage will hit 1.8m unfilled positions by 2022.*
* Ponemon Global Cyber Megatrends report (February 2018).
Bu
Budget
According to one survey, only 36% of respondents say their senior leadership believes cybersecurity is a strategic priority, which, in turn, affects funding for investment in technologies and personnel.
Lack of budget continues to rank among the top inhibitors to building an effective security program. CISOs are increasingly expected to provide detailed TCO/ROI analysis and demonstrate business alignment to win purchase approval.
44%
* The Federal Cyber AI IQ Test (11/14/17).
* Ponemon Global Cyber Megatrends report (February 2018).
According to one study of the expected impact of AI for Federal cyber defense, respondents said that five years from now they believed that AI could help detect an average of 44% of cyber security breaches or hacking attempts.*
AI involves machines that can perform tasks that are characteristic of human intelligence. Machines can learn like humans without specific programming. AI is still in its infancy but represents an advancement beyond machine learning. Optimism about the potential positive impact of AI is further reinforced by a recent Ponemon study which pegged AI as the one technology that would grow most in importance for cyber defense within the next three years.*
Ai
Artificial
Intelligence
Business Fundamentals
IT Fundamentals
Security Program Fundamentals
Advanced Security Programs
Emerging Technology
Threat Actors
CISO Constraints
Dx
Digital
Transformation
Dx
Digital
Transformation
Go
Governance
Go
Governance
Rm
Risk
Management
Rm
Risk
Management
Co
Compliance
Co
Compliance
Gdp
GDPR
Gdp
GDPR
Ba
Business
Alignment
Ba
Business
Alignment
Am
Asset
Management
Am
Asset
Management
Cm
Change
Management
Cm
Change
Management
Pm
Patch
Management
Pm
Patch
Management
Cfg
Configuration
Management
Cfg
Configuration
Management
Iam
Identity and
Access Mgmt
Iam
Identity and
Access Mgmt
Ns
Network
Security
Ns
Network
Security
Es
Endpoint
Security
Es
Endpoint
Security
Vm
Vulnerability
Management
Vm
Vulnerability
Management
Em
Email
Security
Em
Email
Security
Ws
Web
Security
Ws
Web
Security
As
Application
Security
As
Application
Security
Dp
Data
Protection
Dp
Data
Protection
Soc
Security Operations Ctr.
Soc
Security Operations Ctr.
SM
Security Info
& Event Mgmt
SM
Security Info
& Event Mgmt
Ir
Incident
Response
Ir
Incident
Response
Cti
Cyber Threat
Intelligence
Cti
Cyber Threat
Intelligence
Ics
Identity Centric
Security
Ics
Identity Centric
Security
Dso
DevSecOps
Dso
DevSecOps
Trm
3rd Party
Risk Mgmt
Trm
3rd Party
Risk Mgmt
Ca
Cloud Access
Security Broker
Ca
Cloud Access
Security Broker
Cs
Cloud
Security
Cs
Cloud
Security
Dr
Detection and
Response
Dr
Detection and
Response
Sr
Security Orch and Automation
Sr
Security Orch and Automation
Th
Threat
Hunting
Th
Threat
Hunting
Ng
Next Gen
SOC
Ng
Next Gen
SOC
Bd
Big Data
Bd
Big Data
Ml
Machine
Learning
Ml
Machine
Learning
IoT
Internet of
Things
IoT
Internet of
Things
Bc
Blockchain
Bc
Blockchain
Ai
Artificial
Intelligence
Ai
Artificial
Intelligence
Mi
Malicious
Insiders
Ni
Negligent
Insiders
Ha
Hacktivist
Nt
Nation
State
Oc
Organized
Crime
Ra
Role and
Accountability
Bu
Budget
St
Staffing
Te
Technology
Oz
Optimization
SHARE THIS
Security concerns of the modern day CISO
CISO PERIODIC TABLE