We are in the process of building a secure network reference architecture for member firms as guidance. Are there any good examples I can use?

IT Strategy & Roadmap Security Frameworks (NIST, CIS, CSF)

1.6k views2 Comments

Sort by:

Head of PMOa year ago

There's some material on this on NCSC's website. One page of which is: Architecture and configuration - NCSC.GOV.UK and there is more if you search the site. I've seen various examples at the different public authorities where I've worked over the years but they are rarely distributed widely.

VP of IT in Retaila year ago

I would focus on NIST and ISO/IEC 27001.

The NIST Framework - The National Institute of Standards and Technology (NIST) provides a framework for improving critical infrastructure cybersecurity. The NIST framework is notable for its focus on risk management and its adaptability, allowing it to be applied in a variety of contexts.

ISO/IEC 27001 - ISO/IEC 27001 is an international standard for information security. It provides a set of standardized requirements for an Information Security Management System (ISMS). The standard adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS.

Content you might like

Are CISA's current recommendations for preventing Maui ransomware attacks sufficient?

Yes, if followed correctly.39%

Unsure38%

No, there is still a significant risk.19%

Other (please tell us in the comments)3%

View Results

What is the most important factor for a successful CRM implementation?

Out-of-the-box integrations to other tools (e.g. Slack, Trello, Docusign)17%

In-depth knowledge library/training resources30%

Low-code/no-code integrations19%

Access to an implementation manager13%

Templated CRM configurations6%

Employee willingness to use11%

Executive willingness to use

Other (specify in comments)

View Results

We implemented Oracle HCM recently including Redwood. Defining the long term plan for support, we face challenges with our Oracle Security knowledge depth specifically (defining and maintaining roles/ SOD/ SOX etc). Is there anyone who has experience in setting this up after a successful Oracle HCM plus Redwood implementation and would like to share best practices with me?

I'm looking for an open-source IGA solution, has anyone had any experience they can share?

What are your thoughts around Sophos' acquisition of Secureworks? Do you think the collective Sophos would be good to combine endpoint management with incident response retainer?

We are in the process of building a secure network reference architecture for member firms as guidance. Are there any good examples I can use?

Sort by:

Content you might like

Are CISA's current recommendations for preventing Maui ransomware attacks sufficient?

What is the most important factor for a successful CRM implementation?

I'm looking for an open-source IGA solution, has anyone had any experience they can share?

What are your thoughts around Sophos' acquisition of Secureworks? Do you think the collective Sophos would be good to combine endpoint management with incident response retainer?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

2024 Cloud Spending: IT Balances Costs with GenAI Innovations

Are U.S. Organizations Insuring Against CISO Liability Risk?

Building an Effective Executive Succession Plan

Take Your Insights On-the-Go