Objectives are aligned to BRSE functions, which are:
Cybersecurity Management
Cyber Defense/Breach Response (a bit broader term: Security Operations)
Reconnaissance/Analysis/Planning
Cyber Protection/Security Engineering
Cybersecurity objective : breach disruption
Cybersecurity Management function is responsible for establishing and operating cybersecurity function, which includes: Approach, Terms, Formalizations, Procedures, Team| Roles, Cooperation within cybersecurity team
Cyber Defense/Breach Response function is responsible for establishing, operating a function for preparing for, and execution of manual breach response.
Reconnaissance/Analysis/Planning (RAP) function is responsible for establishing and operating a function of finding relevant breach types and TTPs, IT Discovery, modeling, threat management, vulnerability management, including Detection Engineering and Threat Hunting.
Cyber Protection/Security Engineering function is responsible for establishing and operating a function of establishing and executing automatic breach response through disruption and denial options against relevant TTPs with aim to cover up to 80%. It includes: cooperation with IT: patching, hardening. Design, deployment, run & maintain of security solutions and tools. IT Approach and architecture: Blue/Green, Data/Code split, IaC
We enumerated fifty most obvious challenges in cybersecurity and apparently they can be grouped in these four domains.
As a reminder, BRSE follows the concept of laser-focused cybersecurity, meaning that it exclusively focus on breach response, which means excluding:
CIA Triad
Resilience, Continuity, Disaster Recovery and Backups
Privacy, Encryption
Identity and Network Management.
If there is a need to tap into those areas, BRSE-style cybersecurity function will cooperate with the owners of those domains to achieve its objectives.