InfoSec

InfoSec by Mind Map: InfoSec

1. People

2. Technology

2.1. System

2.1.1. Firewall

2.1.2. Router

2.1.2.1. Cisco

2.1.2.2. HP

2.1.3. Switch

2.1.3.1. Cisco

2.1.3.1.1. ESW-540-8P-K9

2.1.4. Web (HTTP) Proxy

2.1.5. Reverse Proxies

2.1.6. VPN

2.1.6.1. Cisco

2.1.6.2. Juniper

2.1.6.3. Check Point

2.1.6.4. pfSense

2.1.7. 2/Multi Factor Authentication

2.1.7.1. RSA

2.1.8. eDiscovery

2.1.9. DLP (Data Loss Prevention)

2.1.10. IDS/IPS

2.1.10.1. Network-based

2.1.10.1.1. Cisco

2.1.10.1.2. Snort

2.1.10.1.3. Sourcefire

2.1.10.2. Host-based

2.1.10.2.1. OSSEC

2.1.10.2.2. McAfee

2.1.11. SIEM

2.1.11.1. Security information and event management (SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM). SIEM technology provides real-time analysis of security alerts generated by network hardware and applications.

2.1.11.2. HP ArcSight

2.1.11.3. McAfee/NitroSecurity

2.1.11.4. IBM Security QRadar SIEM

2.1.11.5. LogRhythm

2.1.11.6. Splunk

2.1.12. Asset Management

2.1.13. Vulnerability Scanner

2.1.13.1. QualysGuard

2.1.13.1.1. Vulnerability Management

2.1.13.1.2. Asset Management

2.1.13.1.3. PCI Compliance

2.1.13.1.4. Web Application Scanner

2.1.13.1.5. Malware Detection Scanner

2.1.13.2. Nessus

2.1.13.3. OpenVAS

2.1.14. Patch Management

2.1.15. Risk Management

2.1.16. Enterprise Device Management

2.1.16.1. Good for Enterprise

2.1.16.2. Airwatch

2.1.17. Log Management

2.1.18. NAC

2.1.18.1. Forescout

2.1.18.2. 802.1x

2.1.18.3. Cisco ISE

2.1.19. AAA

2.1.19.1. Cisco ACS

2.1.19.2. Microsoft NPS

2.1.20. PKI

2.1.20.1. Windows

2.1.20.2. Linux

2.1.21. Incident Response

2.1.21.1. Resilient Systems

2.1.21.1.1. Dynamic Action Plans

2.1.21.1.2. Intelligence Feeds

2.1.21.1.3. Comprehensive Reporting

2.1.21.1.4. Simulations

2.1.21.1.5. Modules

2.2. Tools

2.2.1. Anonymity

2.2.1.1. TAILS

2.2.1.2. TOR

2.2.2. Digital Forensics

2.2.2.1. Malware Analysis

2.2.2.1.1. Static

2.2.3. LANSweeper

2.2.4. IT_Sec_V4.0

2.2.5. Ciscat

2.2.6. Wireshark

2.2.7. VRisk2

3. Architecture

4. Process

4.1. Strategy

4.2. Building ROIs

4.3. Building Trust

4.4. KPIs

4.5. Standards

4.5.1. ISO

4.5.1.1. 27000

4.5.1.2. 27002

4.5.1.3. ISO 31000:2009, Risk management – Principles and guidelines

4.5.1.3.1. Establish the context

4.5.1.3.2. Identify risks

4.5.1.3.3. Assess risks

4.5.1.3.4. Select treatments

4.5.1.3.5. Develop overall risk assessment

4.5.2. NIST

4.5.3. SANS Critical Security Controls

4.5.3.1. 1. Inventory of Authorised and Unauthorised Devices

4.5.3.2. 2. Inventory of Authorised and Unauthorised Software

4.5.3.3. 3. Secure configurations for Hardware and Software

4.5.3.4. 4. Continuous Vulnerability Assessment and Remediation

4.5.3.5. 5. Malware Defences

4.5.3.6. 6. Application Software Security

4.5.3.7. 7. Wireless Access Control

4.5.3.8. 8. Data Recovery Capability

4.5.3.9. 9. Security Skills Assessment and Appropriate Training to Fill Gaps

4.5.3.10. 10. Secure Configurations for Network Devices

4.5.3.11. 11. Limitation and Control of Network Ports

4.5.3.12. 12. Controlled Use of Administrative Privileges

4.5.3.13. 13. Boundary Defence

4.5.3.14. 14. Maintenance, Monitoring and Analysis of Audit Logs

4.5.3.15. 15. Controlled Access Based on the Need to Know

4.5.3.16. 16. Account Monitoring and Control

4.5.3.17. 17. Data Protection

4.5.3.18. 18. Incident Response and Management

4.5.3.19. 19. Secure Network Engineering

4.5.3.20. 20. Penetration Tests and Red Team Exercises

4.6. Policies/Governance

4.7. Processes

4.8. Procedures

4.9. Security Awareness

4.10. Gap Analysis

4.11. Building out capabilities

4.12. Asset Management and Inventories

4.13. Audits

4.14. Risk Assessment

4.15. Incident Response

4.16. Breaches/Crises

4.17. Executive Presentations

4.18. Education/Training/Certifications

4.18.1. Cloud Security

4.18.1.1. CSA

4.18.2. ISC2

4.18.2.1. CISSP

4.18.2.1.1. 10 Domains in the CBK

4.18.3. ISACA

4.18.3.1. CISM

4.19. Development/Application Security