CASP/R A

Analyze industry trends and outline potential impact to the enterpriseEdit

Perform on-going researchEdit

Best practicesEdit

New technologiesEdit

New security systems and servicesEdit

Technology evolution (e.g. RFCs, ISO)Edit

Situational awarenessEdit

Latest client-side attacksEdit

ThreatsEdit

Counter zero dayEdit

Emergent issuesEdit

Research security implications of new business toolsEdit

Social media/networkingEdit

Integration within the business (e.g. advising on the placement of company material for the general public)Edit

Global IA industry/communityEdit

ConventionsEdit

AttackersEdit

Emerging threat sourcesEdit

Research security requirements for contractsEdit

Request for Proposal (RFP)Edit

Request for Quote (RFQ)Edit

Request for Information (RFI)Edit

AgreementsEdit

Carry out relevant analysis for the purpose of securing the enterpriseEdit

BenchmarkEdit

Prototype and test multiple solutionsEdit

Cost benefit analysis (Return on Investment - ROI, Total Cost of Ownership - TCO)Edit

Analyze and interpret trend data to anticipate cyber defense aidsEdit

Review effectiveness of existing securityEdit

Reverse engineer / deconstruct existing solutionsEdit

Analyze security solutions to ensure they meet business needsEdit

Specify the performanceEdit

LatencyEdit

ScalabilityEdit

CapabilityEdit

UsabilityEdit

MaintainabilityEdit

Availability (MTTR- Mean Time To Recovery, MTBF- Mean-Time Between Failure)Edit

Conduct a lessons-learned / after-action reviewEdit

Use judgment to solve difficult problems that do not have a best solutionEdit

Conduct network traffic analysisEdit