< CASP
Analyze industry trends and outline potential impact to the enterprise
Perform on-going research
Best practices
New technologies
New security systems and services
Technology evolution (e.g. RFCs, ISO)
Situational awareness
Latest client-side attacks
Threats
Counter zero day
Emergent issues
Research security implications of new business tools
Social media/networking
Integration within the business (e.g. advising on the placement of company material for the general public)
Global IA industry/community
Conventions
Attackers
Emerging threat sources
Research security requirements for contracts
Request for Proposal (RFP)
Request for Quote (RFQ)
Request for Information (RFI)
Agreements
Carry out relevant analysis for the purpose of securing the enterprise
Benchmark
Prototype and test multiple solutions
Cost benefit analysis (Return on Investment - ROI, Total Cost of Ownership - TCO)
Analyze and interpret trend data to anticipate cyber defense aids
Review effectiveness of existing security
Reverse engineer / deconstruct existing solutions
Analyze security solutions to ensure they meet business needs
Specify the performance
Latency
Scalability
Capability
Usability
Maintainability
Availability (MTTR- Mean Time To Recovery, MTBF- Mean-Time Between Failure)
Conduct a lessons-learned / after-action review
Use judgment to solve difficult problems that do not have a best solution
Conduct network traffic analysis
This article is issued from Wikibooks. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.