The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a

list of enhancement to the company-s cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?

A. OSSIM

B

. NIST

C. PCI

D. OWASP

Reference