(Cyber) Security Governance
Security strategy, budgeting, alignment with business & business goals, roles & responsibilities, hiring and team strategy
Data Governance
Data ownership, data rules, data usage approvals, separation of production and non-production, data masking, Personally Identifiable Information (PII)
Asset Management
Asset inventory, (automated) asset discovery, CMDB (configuration management database), asset types (systems, network, applications, mobile, IoT)
Risk Assessments, Threat Modeling & Security by Design, Pentesting & Red Teaming
Performing (periodic) risk assessments, pentesting or ethical hacking, red teaming, security compliance testing, application & business threat modeling, security by design
Security and Privacy Standards
Alignment with security standards, NIST (CSF), ISO 27001, SOC 2 Type 1 & 2, PCI DSS, SOX, HIPAA, GDPR, TITEPA, CCPA, and other states' regulations
Cyber Security Threat Intelligence
Monitoring of intelligence sources, threats from attackers, dark web monitoring, CSIRT
Third Party Risk Management (TPRM)
TPRM governance, TPRM assessments for due diligence, periodic monitoring, profiling and risk tiering, secure onboarding, offboarding
Endpoint Protection & Mobile Device Management
Endpoint protection on laptops/desktops/servers, BYOD/CYOD, Mobile Device Management (MDM), secure internet access (via proxy/firewall)
Network Security
Network and Web Application Firewalls, firewall rule reviews, Virtual Private Networks (VPN), (micro) segmentation, (virtual) LANs, software defined networking, segmented management access, jump servers, zero-trust networking, DMZs, (network) IDS/IPS, proxy filtering, DDoS protection, Network Access Control (NAC), CASB gateway, TLS/SSL offloading
Vulnerability Management
Vulnerability scanning, vulnerability remediation, credentialed & non-credentialed scanning, managing and accepting vulnerabilities
Hardening & Secure Configuration
Hardening baselines, hardening procedures, hardening scanning, deviations and deviation management
Encryption and Cryptography
Encryption of data at rest & in transit, virtual disk encryption, database encryption, SSL/TLS, Key Management System, Public Key Infrastructure
Physical Security
Access badges, physical locks, anti-tailgating or piggybacking, turnstiles, security guards, Data Center physical security
Identity & Access Management (IAM)
HR onboarding and offboarding, HR integration, joiner + mover + leaver process, minimum password requirements, Single Sign On (SSO), Multi-Factor Authentication (MFA), Role Based Access Control (RBAC), Active Directory, Privileged Access Management, OAuth, smart cards, password managers, (key) vaults, federations, trusts
Data Loss Protection
Data classification (i.e., public, internal, confidential, etc.), classifying (office) documents, limiting external storage access, limiting online sharing, email scanning
Security Awareness & Training
Compliance training, phishing training, training of special groups (i.e., privileged users, senior leadership, etc.), monitoring of compliance
Brand and Domain Protection
Social media monitoring, domain monitoring, takedown requests
Secure Development & Deployment
Secure Software Development Life Cycle (SSDLC), CI/CD pipelines, CI/CD security triggers, security requirements, OWASP top 10
Security Logging & Monitoring
Endpoints + clients + servers + network components + applications with security logging enabled, centralized & untampered collection of logs, use case development, use of SIEM, monitoring events and follow-up
Secure Operations Center
Event monitoring, SOC investigation and response procedures, analysis of SIEM alerts, Indicators of Compromise, triage, threat intelligence, containment, recovery, isolation
Incident Management
Incident Management plans and procedures, Incident Management taskforce, classification, incident response, forensics, data breach, incident playbooks
Business Continuity Management (BCM) and Disaster Recovery (DR)
Business Continuity Plan, Disaster Recovery plans and procedures, Disaster Recovery testing, recovery sites, hot + warm + cold sites
Ransomware Preparedness and Response
Ransomware response playbook, (system) isolation, containment, eradication, Indicators of Compromise (IOC), ransomware infection artifacts, ransomware triage, command & control, decryptors, malware, ransomware payment
Newer areas which require close examination
Privacy Centric Information