SANS Cisco Mind Map

A CISO (Chief Information Security Officer) has a complex role within a company. They have a wide array of tasks to perform, that involves many differing parts, which the average individual is not always aware of.

CISO Mind Map is an overview of responsibilities and ever expanding role of the CISO.  This Security Leadership poster made by SANS shows exactly the matters a CISO needs to mind when creating a world class IT Security team. It also highlights the essential features necessary of a Security Operations Centre (SOC).

To make this chart more practical, I put them into the tables and will update it with some technologies and thoughts applied in my daily work. This update will last a long term. It will be put into navigation bar for easy access.

Security Operations


  • Data Protection
    • IBM Guardium
  • Network Security
    • Network IPS
    • Firewall
      • Cisco
      • CheckPoint
      • Fortigate
      • Juniper
      • Palo Alto
      • etc
  • Application Security
    • OWASP
    • WASC
    • Qualys WAS
    • IBM Appscan
    • HP Fortify
    • VeraCode
  • Endpoint Security
    • Host IPS
    • AntiVirus
    • AntiSpam
    • Endpoint Encryption
  • Secure Configurations
  • Active Defense
  • Patching
    • WSUS
  • Web Filtering
    • Cisco IronPort
  • Email Filtering
    • ProofProint
  • Log Management / SIEM
    • IBM Qradar
    • ArcSight
  • Continuous Monitoring
  • Network Security Monitoring
    • Solarwinds
    • PRTG
    • MRTG
  • NetFlow Analysis
  • Threat Hunting
  • Penetration Testing
    • Kali
  • Red Team
  • Vulnerability Scanning
    • Nessus
    • Qualys
  • Human Sensor
  • Data Loss Prevention (DLP)
    • Symantec DLP
  • Security Operation Center (SOC)
  • Threat Intelligence
    • Symantec ATP
    • FireEye
  • Threat Modeling
    • Microsoft STRIDE Tool
  • Incident Handling Plan
    • Document
  • Breach Preparation
  • Tabletop Exercise
  • Forensic Analysis
    • Paladin
  • Crisis Management
  • Breach Communication

Legal and Regulatory

Compliance Privacy Audit Investigation
  • PCI
  • SOX
  • NISP SP 800-37 and 800-53
  • Public Service of Ontario Act, 2006 (PSOA).
  • Employment Standards Act (Ontario) (ESA)
  • Privacy Shield
  • SSAE 16
  • SOC 2
  • ISO27001
  • FISMA and FedRAMP
  • NIST SP 800-53A
  • COSO
  • eDiscovery
  • Forensics
    • Paladin
Intellectual Property Contract Review Customer Requirments Lawsuit Risk
& Acts
  • Documents
  • Documents
  • Documents

Risk Management
Risk Framework Risk Assessment Methodology Business Impact Analysis
  • FAIR
  • TARA
Risk Assessment Process Risk Analysis and Quantification Security Awareness
  • Training
  • Lunch Learn
  • Communication
Vulnerability Management Vendor Risk Management Physical Security
  • Qualys
  • Badge 
  • Gate / Turnstile
  • Camera
Disaster Recovery (DR) Business Continuity Planning Risk Treatment
  • Mitigation Planning Verification
  • Remediation
  • Cyber Insurance
Policies and Procedures
  • Code of Conduct
    • Accessibility Policy – Providing Services to People with Disabilities
    • Appropriate Use of Information and Computing Resources Policy
    • Financial Policies and Procedures, including Procurement & Contract Management Policy
    • Adjudication Guideline
    • Guidance for Staff on Invitations to Third Party Functions and Other Gifts
    • Guidelines to Personal Trading Rules
    • Information and Records Management Policy
    • Media Relations Policy
    • Political Activity Policy
    • Respectful Workplace Policy
    • Security/Safety and Emergency Procedures
    • Travel, Meal and Hospitality Expenses Policy
    • Your Guide to Working at the Company
  • Policy on Protecting Information When Outside the Office
  • Security Classification Guidance
  • Proper recordkeeping and appropriate records management: relevant principles and best practices
  • Classification Scheme and Retention Schedule – Transitory Records Schedule

Business Enablement
Product Security Cloud Computing Mobile
  • Secure DevOps
  • Secure Development Lifecycle
  • Bug Bounties
  • Web, Mobile, Cloud AppSec
  • Cloud Security Architecture
  • Cloud Guidelines
  • BYOD (Bring Your Own Device)
  • Mobile Policy
Emerging Technologies Mergers and Acquisitions
  • Internet of Things (IoT)
  • Augmented Reality (AR)
  • Virtual Reality (VR)
  • Block Chain
  • Security Due Diligence


Strategy Business Alignment Risk Management
  • Team Charter
  • Roadmap
  • Security Posture
Program Frameworks Control Frameworks Program Structure
  • ISO27000
  • NIST 800-53
  • CIS Controls
Program Management Communications Plan Roles and Responsibilities
Workforce Planning Resource Managemnet Data Classification
  • Documentation
Security Policy Create a Security Culture Security Training
  • Security Handbook
  • Policy
  • Awareness Training
    • Wombat
  • Role-Based Training
Metrics and Reporting IT Portfolio Management Change Management
  • CIBCO Spotfire
  • ITIL
Board Communications
  • Information Security Steering Board

Identify and Access Management

Single Sign On
Federated Single Sing on (FSSO)
Multi-Factor Authentication
Role-Based Access Control (RBAC)
Identity Store (LDAP, ActiveDirectory)

Leadership Skills

Business Strategy Industry Knowledge Business Acumen
Communication Skills Presentation Skills Strategic Planning
Technical Leadership Security Consulting Stakeholder Management
  • ISO Charter
  • Advisory 
  • Group / Team Mail Box 
    • Coloring Categorie
Negotiations Mission and Vision Values and Culture
Roadmap Development Business Case Development Project Management
  • Company / Organization Wide Information Security RoadMap
  • Project Charter
Employee Development Financial Planning Budgeting
Innovation Marketing Leading Change
Customer Relationships Team Building Mentoring
  • ISO Team Dashboard
    • Project Portfolio
    • Operational Activities

Note: ISO = Information Security Office

Another CISO Mind Map example:

Note: The original image concept was created by Rafeeq Rehman and later redesigned by Momentum Partners.

By Jonny

Leave a Reply