
This diagram summarizes what I’ve learned these years in the Cybersecurity arena. I hope it helps in practice and the journey of CISSP. It defines assets from the perspective of information systems (the peacock), aligns with the ISC2 control types mentioned in OSG, and incorporates GRC, business mindset, and cultural awareness.