Send us fan mail via text by clicking here!

In this episode, Rafeeq and Scott discuss the many considerations involved with building your own Security Operations Center SOC. While in no way a comprehensive analysis, the discussion attempts to make the concepts manageable. If you're a small company growing past a few IT headcount, the topic should help you create a vision for your situation. If you’re a larger company and looking to expand, these pointers may be of help

This conversation focused on budgeting, structure, and decision-making processes, including the choice between building in-house or outsourcing. The discussion covered various aspects of SOC operations, such as staffing requirements, skill development, and the importance of continuous learning in the face of evolving threats. Also emphasized is the need for proper shift management, stress tolerance, and the value of tabletop exercises and purple teaming in assessing SOC effectiveness.

Rafeeq wrote a great book on this topic. Have a look on Amazon here.

Check out the calculator Rafeeq mentions in the podcast here.

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/

Click here to send us your comments!

Welcome to Episode 7 of the CISO MindMap Podcast. This week, Rafeeq and Scott discuss a range of topics related to business acumen. Tucked away in this topic are references to some common themes of this podcast. Themes such as brand-building, business performance, and business alignment are spread throughout the conversation.

This episode breaks down the business acumen topic into five areas:

1. Business Management
2. Accounting & Finance
3. Sales & Marketing
4. Industry Specific Knowledge
5. Legal Terminology and Concepts

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/

Send us fan mail via text by clicking here!

This week, Scott and Rafeeq go wide across the CISO MindMap discussing six key concepts for every Security Operations Center. As the conversation kicks off, Rafreeq takes a few minutes to discuss a recent FBI warning related to texting.

The six elements discussed are People/Staffing, Processes, Technology Stack, Governance, Data Sources, and Threat Intelligence. Check out Rafeeq’s blog for written commentary on these topics.

During the conversation, Scott mentions a security incident from Christmas Eve 2024. He laments not recalling the specifics but as predicted, it is well documented. That incident was a hack of a Chrome extension.

Breach Stats: Scott mentioned that certain statistics are widely available to search engines. Here are the results from a ChatGPT request from February 2025.

1. Time to Detect and Contain a Breach:

• Average Detection Time: In 2024, the global average time to identify and contain a data breach was 258 days, marking a seven-year low.
  fieldeffect.com
• Industry Variations: Detection and containment times can vary by industry. For instance, the energy sector is among the fastest, yet still takes over 30 days on average to identify a breach.
  varonis.com

2. Attacker Dwell Time:

• Definition: Dwell time refers to the duration an attacker remains undetected within a system.
• Current Trends: In 2023, the global median dwell time was reported as 10 days, a decrease from 16 days in 2022.
  reddit.com

3. Average Cost of a Data Breach:

• Global Average: The average cost of a data breach globally reached an all-time high of $4.88 million in 2024, a 10% increase from the previous year.
  ibm.com
• Cost by Company Size:
  • Small Businesses (fewer than 500 employees): Average cost of $2.98 million.
  • Medium Businesses (500-1,000 employees): Slightly lower at $2.63 million.
  • Larger Businesses (1,001-5,000 employees): Higher average cost of $4.09 million.
    prowritersins.com
• Cost by Industry: Breaches involving customer personal data are particularly expensive, costing $173 per record on average in 2024, up from $156 in 2023.
  bakerdonelson.com

4. Impact of Detection Time on Breach Cost:

• Correlation: The longer a breach remains undetected, the higher the financial impact. Companies that contained a breach in less than 30 days saved more than $1 million compared to those that took longer.
  

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/

Send us fan mail via text by clicking here!

It’s January 2025 and this podcast is the first of the year. Our first topic is Artificial Intelligence (AI). Or said more specifically, Generative AI. GenAI represents a potential for massive change in modern society. Although various forms of AI have been working their way into security tools and workflows for years, Generative AI has burst on the scene and leveraging it should be a top priority of security professionals.

In this episode, your hosts are covering content from both Rafeeq’s CISO MindMap and Cybersecurity Learning Saturday. The first topic is GenAI risk, assigned to 3 buckets.

1. Traditional Tech Risks
2. GenAI Amplified Risks
3. Newly Introduced Risks

The second topic is a review of emerging GenAI use cases in security. Rafeeq documents at least 6 but there will be many more.

Resources mentioned in this episode:

• See the slides and learn more about Cybersecurity Learning Saturday.
• Rafeeq’s blog on LLMs on the Mac is here.
• Rafeeq mentions Codeshare (not a sponsor), visit them here:
• Primer on AI coding tools at github
• Github Copilot

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/

Send us fan mail via text by clicking here!

Numerous factors determine how long a CISO remains in their position and some can be controlled by the individual. In this episode of the CISO MindMap Podcast, Rafeeq and Scott discuss both the pitfalls and success criteria pertinent to the CISO role. From budgets to culture, they tackle some of the key elements driving the success or failure of the cybersecurity organization.

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/

Send us fan mail via text by clicking here!

As 2024 draws to a close, Rafeeq and Scott discuss the most recent set of recommendations from the 2024 CISO MindMap. As has been the case, the recommendations cover a wide range of disciplines and are designed to help CISOs build the effectiveness of their teams and organizations.

During the discussion on AI, Rafeeq mentions the OWASP resource for Large Language Models. You can find that here.

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/

Send us fan mail via text by clicking here!

On the second episode of the CISO Mind Map Podcast, we chat about the role of CISO and key characteristics of the role across small and large companies. Topics range from the scope of the position to the specific reporting structures. If you are a CISO, you will probably see yourself in this podcast. If you are an aspiring CISOs, we hope this podcast provides some background for your career planning.

We also provide a high level of view of the structure of the CISO Mind Map and its key differentiators from frameworks such as the NIST CSF. If you’re listening while seated, be sure to download the CISO Mind Map from the link below and follow along beginning about midway through this week’s episode.

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/

Send us fan mail via text by clicking here!

Welcome to the first episode of the CISO MindMap Podcast. We hope to bring to life Rafeeq Rehman's famous CISO MindMap. With thousands of followers and readers, each year Rafeeq updates the CISO MindMap to help the community understand the scope and responsibilities of modern information security professionals.

In this episode, meet your hosts Scott Hawk and Rafeeq Rehman where they discuss the origins of the CISO MindMap and the plans for future versions of this podcast.

https://rafeeqrehman.com/ciso-mindmap/
https://www.linkedin.com/in/scott-a-hawk/
https://www.linkedin.com/in/rafeeq/