cybersecurity-domains-extended.json
{
"Cybersecurity Domains": {
"Security Architecture": {
"Network Design": ["DDoS Prevention", "Segmentation", "ZTNA Architecture"],
"Security Engineering": ["Secure Systems Integration", "Infrastructure Hardening"],
"Data Protection": ["Data Loss Prevention", "Data Masking", "Backup and Recovery"],
"Access Control": {
"Identity Management": [
"Privileged Access Management",
"Identity and Access Management",
"Biometric Authentication"
],
"Federated Identity": ["OAuth", "OpenID Connect", "SAML"],
"MFA and SSO": ["Adaptive Authentication"]
},
"Cloud Security": [
"Cloud Workload Protection",
"CASB",
"Cloud IAM",
"Cloud Compliance"
],
"Secure System Build": [
"Baseline Configuration",
"Patch Management",
"Configuration Drift Detection"
],
"Cryptography": {
"Key and Secret Management": ["Vaulting", "HSM", "Cloud KMS"],
"Encryption Standards": ["AES", "RSA", "Post-Quantum Cryptography"],
"Certificate Management": ["PKI", "Certificate Automation"]
},
"Endpoint Hygiene": [
"Antivirus/EDR",
"Device Control",
"BYOD Security"
],
"Container Security": ["Kubernetes Security", "Image Scanning", "Runtime Protection"]
},
"Security Operations": {
"Security Operations Centers (SOC)": ["SOC 1, 2, 3", "24/7 Monitoring"],
"Incident Response": {
"Breach Notification": ["Legal Obligations", "Stakeholder Communication"],
"Containment": ["Network Isolation", "Incident Playbooks"],
"Eradication": ["Malware Removal", "Remediation"],
"Investigation": ["Forensics", "Root Cause Analysis"]
},
"Blue Team": ["Defensive Testing", "Log Analysis"],
"Red Team": ["Adversary Simulation", "Penetration Testing"],
"Detection": ["Behavioral Analysis", "Anomaly Detection"],
"SIEM": ["SOAR", "Log Management"],
"Vulnerability Management": ["Patch Management", "Remediation Prioritization"],
"Active Defense": ["Deception Technology", "Honeypots"],
"Threat Hunting": ["Proactive Threat Identification", "Hypothesis-Based Detection"]
},
"Governance": {
"Laws and Regulations": {
"Regional": ["CCPA", "NYS-DFS 23 NYCRR 500"],
"Central Government": ["GDPR", "GLBA", "CLOUD Act"],
"Industry Specific": ["PCI", "HIPAA", "FISMA"]
},
"Corporate Written Policies": [
"Policy",
"Procedure",
"Standard",
"Guideline",
"Compliance and Enforcement"
],
"Management Involvement": {
"Reporting and Dashboards": ["KPIs/KRIs", "Compliance Metrics"],
"Risk-Based": ["Board-Level Briefings"]
}
},
"Risk Assessment": {
"Third-Party Risk": ["Fourth-Party Risk", "Supply Chain Risk"],
"Penetration Testing": [
"Infrastructure (Network and Systems)",
"Application Testing",
"Social Engineering",
"DAST",
"Red Team"
],
"Vulnerability Analysis": ["Dynamic Analysis", "External/Internal"],
"Asset Inventory": ["Critical Asset Mapping"],
"Risk Monitoring Services": ["Risk Score", "Threat Feeds"]
},
"User Education": [
"Training (new skills)",
"Awareness (reinforcement)",
"Cybersecurity Tabletop Exercises",
"Phishing Simulations",
"Gamified Training"
],
"Threat Intelligence": {
"Internal": ["Insider Threat Detection"],
"IOC": ["TTPs", "Indicators of Attack"],
"Information Sharing": {
"External": ["ISACs", "Information Sharing Agreements"],
"Contextual": ["Enhanced Intelligence"]
}
},
"Career Development": [
"Training",
"Certifications",
"Conferences",
"Peer Groups",
"Self-Learning",
"Coaching and Mentorship"
],
"Frameworks and Standards": [
"NIST Cybersecurity Framework",
"ISO 27001, 27017, 27018",
"OWASP Top 10 (WebApp & API)",
"CIS Top 20 Controls",
"CIS Benchmarks",
"MITRE ATT&CK Framework",
"MITRE D3FEND",
"NIST 800 Series"
],
"Physical Security": [
"IoT Security",
"Access Control Systems",
"Video Surveillance",
"Environmental Controls"
],
"Enterprise Risk Management": {
"Lines of Defense": ["Process Owners", "Risk Management Group", "Audit"],
"Risk Treatment Actions": ["Mitigation", "Transfer", "Avoidance"],
"Risk Appetite": ["Risk Thresholds"],
"Cyber Insurance": ["Claims Management"],
"BCP/DR": ["Disaster Recovery Testing", "Crisis Simulations"],
"Crisis Management": ["Emergency Response Plans"],
"Risk Acceptance Declaration": ["Management Approvals"],
"Risk Register": ["Ongoing Risk Reviews"]
},
"Application Security": {
"S-SDLC": {
"\"Shift Left\"": ["CI/CD Integration", "Static Analysis in the Pipeline"]
},
"Source Code Analysis": ["Open Source Analysis", "SAST", "Dependency Analysis"],
"Data Flow Diagramming": ["Threat Modeling"],
"API Security": ["OAuth Security", "API Gateway Configurations"],
"Security UX": ["Secure Design Principles"],
"Security QA": ["Automated Security Testing"]
},
"Emerging Techs": {
"AI Security": ["AI Threat Detection", "Adversarial AI"],
"Quantum Computing Risks": ["Post-Quantum Cryptography"],
"Blockchain Security": ["Smart Contract Audits", "Consensus Algorithm Attacks"],
"5G Security": ["Network Slice Security", "IoT Integration"]
}
}
}