1. SABSA as a Problem Solving Framework
- Evolution of Operational Architectures and Strategies
- Change: Legacy & Future-Proof
- A Structured Thought Process for Dealing with Any Problem
2. Stakeholder Value Propositions
- Real-world Buy-in & Support
- Cultural Shift
- Customising Value Propositions
- SABSA Institute and Certification Roadmap
3. Thinking about Security Operation Centres
- Understanding Cyber Threats
- Incident Management and Monitoring in the SOC Services Catalogue
- SOC Facilities
- Obstacles to Efficient Security Operations
- SOC Roadmap
4. Framework Alignment
- Lifecycle and Scope Issues
- Greenfields Site or Alignment & Integration of Existing Investments
5. Strategy & Planning for Incident Management
- The Incident-Managed Attribute
- Conceptual Analysis
6. Incident Management Design
- Analysing Events
- Findings, Issues and Incidents
- Design Phase Architecture
7. Incident Management Maturity
- Maturity Modelling
- SABSA Maturity Profile and CREST-IR
- Maturity Assessment Process
- Cyber Kill Chain and Advanced Threats
- Advanced SOC Design
8. Industrial Control Systems
- Requirements Analysis
- Key Business Drivers
- Zoning and Cross Domain Interactions
9. Security Investigations
- Investigating Issues
- Attributes of Forensic Investigations
10. Full Requirements-to-Solution Traceability
- Detailed Application of the Traceability Layer Map
- Fit-for-Purpose Design
- SOC Service Providers