• Physical and virtual network and security devices

• Application and protocol-aware technologies

• Advanced network design (wired/wireless)

• Trusted OS (e.g., how and when to use it)

• Enterprise mobility management

• Security implications /privacy concerns

• Wearable technology

• Application security design considerations

• Specific application issues

[Enterprise Security Operations]
 

• Methods

• Types

• Network tool types

• Host tool types

• Physical security tools

• E - discovery

• Data breach

• Facilitate incident detection and response

• Adapt data flow security to meet changing business needs

• Standards

• Interoperability issues

• Resilience issues

• Technical deployment models (outsourcing/managed services/partnership)

• Cloud augmented security services

• Security advantages and disadvantages of virtualization

• Vulnerabilities associated with comingling of hosts with different security requirements

• Data security considerations

• Resources provisioning and deprovisioning

[Research, Development and Collaboration]
 

• Perform ongoing research

• Threat intelligence

• Global IA industry/community

• Systems development life cycle

• Software development life cycle

• Interpreting security requirements and goals to communicate with stakeholders from other disciplines

• Provide objective guidance and impartial recommendations to staff and senior management on security processes and controls