Objectives

Objectives are aligned to BRSE functions, which are:

1. Cybersecurity Management

2. Cyber Defense/Breach Response (a bit broader term: Security Operations)

3. Reconnaissance/Analysis/Planning

4. Cyber Protection/Security Engineering

1. Cybersecurity objective : breach disruption

   1. Cybersecurity Management function is responsible for establishing and operating cybersecurity function, which includes: Approach, Terms, Formalizations, Procedures, Team| Roles, Cooperation within cybersecurity team

   2. Cyber Defense/Breach Response function is responsible for establishing, operating a function for preparing for, and execution of manual breach response.

   3. Reconnaissance/Analysis/Planning (RAP) function is responsible for establishing and operating  a function of finding relevant breach types and TTPs, IT Discovery, modeling, threat management, vulnerability management, including Detection Engineering and Threat Hunting.

   4. Cyber Protection/Security Engineering function is responsible for establishing and operating  a function of establishing and executing automatic breach response through disruption and denial options against relevant TTPs with aim to cover up to 80%. It includes: cooperation with IT: patching, hardening. Design, deployment, run & maintain of security solutions and tools. IT Approach and architecture: Blue/Green, Data/Code split, IaC

How did we get this list?

We enumerated fifty most obvious challenges in cybersecurity and apparently they can be grouped in these four domains.

Exclusions 

As a reminder, BRSE follows the concept of laser-focused cybersecurity, meaning that it exclusively focus on breach response, which means excluding:

CIA Triad

Resilience, Continuity, Disaster Recovery and Backups

Privacy, Encryption

Identity and Network Management.

If there is a need to tap into those areas, BRSE-style cybersecurity function will cooperate with the owners of those domains to achieve its objectives.