The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a
list of enhancement to the company-s cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?
A. OSSIM
B
. NIST
C. PCI
D. OWASP
Reference