The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Player FM - Internet Radio Done Right
Checked 7d ago
Added three years ago
Content provided by David Bisson and Center for Internet Security. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Bisson and Center for Internet Security or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Cybersecurity Where You Are (video)
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Big tech is transforming every aspect of our world. But how, and at what cost? This season of Land of the Giants – The Disney Dilemma – focuses on Disney’s ability to weather the ups and downs of the business cycle and changing tastes and explores what has kept it successful for over 100 years. The entertainment giant has leveraged nostalgia and its intellectual property to build a beloved brand, but after an acquisition spree that included Marvel, Lucasfilm, and 20th Century Fox, can it sus ...
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
WSJ’s Bold Names brings you conversations with the leaders of the bold-named companies featured in the pages of The Wall Street Journal. Hosts Tim Higgins and Christopher Mims speak to CEOs and business leaders in interviews that challenge conventional wisdom and take you inside the decisions being made in the C-suite and beyond.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
Podcasts Worth a Listen
SPONSORED
N
Netflix Sports Club Podcast
1 America’s Sweethearts: Dallas Cowboys Cheerleaders Season 2 - Tryouts, Tears, & Texas 32:48
32:48 
Play Later 
Play Later 
Lists 
Like 
Liked32:48
Play Later
Play Later
Lists
Like
LikedAmerica’s Sweethearts: Dallas Cowboys Cheerleaders is back for its second season! Kay Adams welcomes the women who assemble the squad, Kelli Finglass and Judy Trammell, to the Netflix Sports Club Podcast. They discuss the emotional rollercoaster of putting together the Dallas Cowboys Cheerleaders. Judy and Kelli open up about what it means to embrace flaws in the pursuit of perfection, how they identify that winning combo of stamina and wow factor, and what it’s like to see Thunderstruck go viral. Plus, the duo shares their hopes for the future of DCC beyond the field. Netflix Sports Club Podcast Correspondent Dani Klupenger also stops by to discuss the NBA Finals, basketball’s biggest moments with Michael Jordan and LeBron, and Kevin Durant’s international dominance. Dani and Kay detail the rise of Coco Gauff’s greatness and the most exciting storylines heading into Wimbledon. We want to hear from you! Leave us a voice message at www.speakpipe.com/NetflixSportsClub Find more from the Netflix Sports Club Podcast @NetflixSports on YouTube, TikTok, Instagram, Facebook, and X. You can catch Kay Adams @heykayadams and Dani Klupenger @daniklup on IG and X. Be sure to follow Kelli Finglass and Judy Trammel @kellifinglass and @dcc_judy on IG. Hosted by Kay Adams, the Netflix Sports Club Podcast is an all-access deep dive into the Netflix Sports universe! Each episode, Adams will speak with athletes, coaches, and a rotating cycle of familiar sports correspondents to talk about a recently released Netflix Sports series. The podcast will feature hot takes, deep analysis, games, and intimate conversations. Be sure to watch, listen, and subscribe to the Netflix Sports Club Podcast on YouTube, Spotify, Tudum, or wherever you get your podcasts. New episodes on Fridays every other week.…
Episode 129: Embedding Cybersecurity in Project Management
Manage episode 474758960 series 3382533
Content provided by David Bisson and Center for Internet Security. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Bisson and Center for Internet Security or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In episode 129 of Cybersecurity Where You Are, Sean Atkinson discusses best practices for embedding cybersecurity in project management. Here are some highlights from our episode:
- 01:34. Elements for connecting the dots between cybersecurity risk assessment and project risk assessment
- 03:06. How our conceptualization of a project changes under a zero trust implementation
- 04:02. What security may look like in a Waterfall vs. Agile approach to project management
- 06:26. The importance of resources and stakeholders in managing any project
- 08:34. Scope creep and other challenges of embedding cybersecurity in project management
- 15:45. How continuous monitoring and other best practices can help us to overcome these hurdles
- 25:30. How cybersecurity can inform projects involving generative artificial intelligence
Resources
- Episode 105: Context in Cyber Risk Quantification
- Quantitative Risk Analysis: Its Importance and Implications
- How Risk Quantification Tests Your Reasonable Cyber Defense
- Episode 44: A Zero Trust Framework Knows No End
- How to Construct a Sustainable GRC Program in 8 Steps
- Episode 33: The Shift-Left of IoT Security to Vendors
- Episode 120: How Contextual Awareness Drives AI Governance
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.
143 episodes
ShareManage episode 474758960 series 3382533
Content provided by David Bisson and Center for Internet Security. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Bisson and Center for Internet Security or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In episode 129 of Cybersecurity Where You Are, Sean Atkinson discusses best practices for embedding cybersecurity in project management. Here are some highlights from our episode:
- 01:34. Elements for connecting the dots between cybersecurity risk assessment and project risk assessment
- 03:06. How our conceptualization of a project changes under a zero trust implementation
- 04:02. What security may look like in a Waterfall vs. Agile approach to project management
- 06:26. The importance of resources and stakeholders in managing any project
- 08:34. Scope creep and other challenges of embedding cybersecurity in project management
- 15:45. How continuous monitoring and other best practices can help us to overcome these hurdles
- 25:30. How cybersecurity can inform projects involving generative artificial intelligence
Resources
- Episode 105: Context in Cyber Risk Quantification
- Quantitative Risk Analysis: Its Importance and Implications
- How Risk Quantification Tests Your Reasonable Cyber Defense
- Episode 44: A Zero Trust Framework Knows No End
- How to Construct a Sustainable GRC Program in 8 Steps
- Episode 33: The Shift-Left of IoT Security to Vendors
- Episode 120: How Contextual Awareness Drives AI Governance
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.
143 episodes
All episodes
×
C
Cybersecurity Where You Are (video)
1 Episode 143: Iran's Growing Multidimensional Threat Activity 31:57
31:57 Play Later Play Later Lists Like Liked31:57
Play Later Play Later Lists Like LikedIn episode 143 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security®(CIS®). Together, they discuss Iran's evolving multidimensional threat activity following U.S. airstrikes on Iranian nuclear facilities in June 2025. Here are some highlights from our episode: 00:49 . Lessons from the past on how Iran might respond to the U.S. airstrikes in June 2025 04:56 . The use of informed practice and continuous awareness to better prepare defenders 06:41 . Recap of Iranian multidimensional threat activity observed between 2024 and 2025 11:53 . The impact of contextual intelligence and education in driving threat awareness 19:17 . Why understanding of impact is critical to addressing a business risk 23:09 . Three things you need to do to be an effective threat briefer 25:07 . The use of tabletop exercises (TTXs) to promote incident response 26:56 . The 2024 General Election as a case study of what threat preparedness can do Resources ThreatWA™ US hits 3 Iranian nuclear sites, Trump says, plunging America into conflict Are national security threats a concern after U.S. military strike on Iranian nuclear sites? New report: Hacker for El Chapo helped boss hunt and kill FBI informants MS-ISAC Guide to DDoS Attacks With July 4 just days away, US law enforcement on high alert for Iran retaliation Iran-linked hackers threaten to release Trump aides' emails Iranian-aligned hackers claim responsibility for Truth Social cyberattack Iranian-Aligned Hackers Claim Responsibility for Attack on Trump’s Truth Social Platform States and Congress wrestle with cybersecurity after Iran attacks small town water utilities NYPD deploying additional resources across city following US strikes on Iran CIS Critical Security Controls v8.1 Industrial Control Systems (ICS) Guide Enhancing Safety in the Connected World — A National Framework for Action Episode 138: The Use of GenAI to Refine Your TTX Development Countering Multidimensional Threats: Lessons Learned from the 2024 Election If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 142: SLTTs and Their Nuanced Cybersecurity Needs 34:10
34:10 Play Later Play Later Lists Like Liked34:10
Play Later Play Later Lists Like LikedIn episode 142 of Cybersecurity Where You Are, Sean Atkinson is joined by Anthony Essmaker , former Product Marketing Manager at the Center for Internet Security®(CIS®); and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they discuss the nuanced, empathetic approach that's required to help U.S. State, Local, Tribal, and Territorial (SLTT) government organizations to address their cybersecurity needs. Here are some highlights from our episode: 01.10 . What the acronym "SLTT" means to CIS's operational mission 05:39 . Using a flexible approach to support the different cybersecurity needs of the 50 states 09:43 . How different resources and experiences contextualize "best practices" at the local level 11:49 . Trivia question: Which two U.S. states don't have counties? 13:20. The complexity of cybersecurity challenges and resources for U.S. tribal entities 20:11 . A 20-year history of working with U.S. SLTTs to meet them where they are 21:30 . Relationships as the bedrock for a community model of SLTT cyber defense 26:29 . Geographical isolation and other factors affecting U.S. territories' cybersecurity needs 32:42 . A closing fun fact about the first U.S. fire district Resources Episode 123: An Operational Playbook for Security Impact The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity 2024 MS-ISAC Tribal Sector Cybersecurity Report Multi-State Information Sharing and Analysis Center® Nationwide Cybersecurity Review (NCSR) If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 141: A Human-Centered Take on Password Policies 43:18
43:18 Play Later Play Later Lists Like Liked43:18
Play Later Play Later Lists Like LikedIn episode 141 of Cybersecurity Where You Are, Tony Sager is joined by Phyllis Lee , VP of SBP Content Development at the Center for Internet Security®(CIS®); and Julie Haney , Computer Scientist & Human-Centered Cybersecurity Researcher at the National Institute of Standards and Technology (NIST). Together, they use a human-centered understanding of security to discuss password policies, including their benefits, drawbacks, and efficacy. Here are some highlights from our episode: 01:03 . Introductions to Phyllis and Julie 03:34 . How "human-centered cybersecurity" goes beyond just usability 05:35 . The use of NIST and other authoritative sources to dispel confusion in cybersecurity 09:09 . How password policies positively and negatively impact human behavior 15:06 . Three anecdotes that showcase the importance of context when enacting security policy 21:49 . The process of using NIST SP 800-63 to recommend password security best practices 27:11 . Our changing understanding of "the human element" 29:23 . The need to do cybersecurity awareness training "right" and measure its effectiveness 31:30 . Recognition of the absence of natural systems thinking in cybersecurity 33:14 . Psychological safety, feedback, and trust as foundations of security culture 39:03 . Human touchpoints as a starting point to help usability and security work together Resources CIS Password Policy Guide NIST SP 800-63 Digital Identity Guidelines Episode 98: Transparency as a Tool to Combat Insider Threats Episode 110: How Security Culture and Corporate Culture Mesh Why Employee Cybersecurity Awareness Training Is Important If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 140: Threat-Informed Travel Safety Tips 34:28
34:28 Play Later Play Later Lists Like Liked34:28
Play Later Play Later Lists Like LikedIn episode 140 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security®(CIS®). Together, they discuss travel safety tips informed by today's evolving multidimensional threat environment. Here are some highlights from our episode: 01:30 . The most overlooked security risks we need to take seriously whenever we travel 03:42 . How threat actors can exploit our tendency to overshare online 07:25 . Top security practices you can use to safely plan your next trip 12:28 . The value of playing out your travels' worst-case scenario before you leave 16:02 . The benefits and drawbacks of using electronic navigations systems while traveling 18:00 . Videos as a means of attuning to the "flow" of a different place and/or culture 24:10 . Which types of people make attractive targets for foreign intelligence services 25:05 . Honeypot operations in the physical and digital worlds 27:24 . Opportunities to protect the technology on which we rely Resources ThreatWA™ Travel.State.Gov A Short Guide for Spotting Phishing Attempts 8 Security Essentials for Managing Your Online Presence Election Security Spotlight – Social Engineering If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 139: Community Building for the Cyber-Underserved 34:03
34:03 Play Later Play Later Lists Like Liked34:03
Play Later Play Later Lists Like LikedIn episode 139 of Cybersecurity Where You Are, Tony Sager is joined by Amelia Gifford , Sr. Manager, Administration, at the Center for Internet Security®(CIS®); and George Bailey , Director of Purdue cyberTAP . Together, they discuss how the 2025 grant from the Alan Paller Laureate Program will support Purdue cyberTAP's mission of community building for the cyber-underserved. Here are some highlights from our episode: 01:02 . Honoring a legacy of making cybersecurity practical and accessible 03:34 . The business of giving products away to benefit the cybersecurity community 05:00 . The use of the CIS Critical Security Controls (CIS Controls) to help rural electricity cooperatives in Indiana 11:00 . Methodology, tooling, and repeatability as part of a lifecycle of realizing a good idea 11:56 . Cross-Mapping as a means to help people live with so many security frameworks 12:59 . Accountability and re-assessment as methods for measuring program success 14:59 . The power of community in prioritizing the CIS Controls 16:38 . Community building as a way to navigate the cybersecurity business together 17:42 . A controlled Controls experiment to generate data, learn lessons, and create feedback 19:03 . Progress reporting as a way to foster connections 24:39 . Feedback on the Alan Paller Laureate Program application process 26:30 . Focus on cybersecurity community impact as a consideration for future applicants 30:31 . Parting thoughts about the grant program and an invitation to reach out to George Resources Center for Internet Security Awards Nearly $250,000 to Purdue University’s Technical Assistance Program Episode 114: 3 Board Chairs Reflect on 25 Years of Community Episode 97: How Far We've Come preceding CIS's 25th Birthday CIS Critical Security Controls v8.1 Industrial Control Systems (ICS) Guide SEC366: CIS Implementation Group 1™ How to Plan a Cybersecurity Roadmap in 4 Steps CIS SecureSuite® Membership Mapping and Compliance with the CIS Controls Reasonable Cybersecurity Guide If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 138: The Use of GenAI to Refine Your TTX Development 33:54
33:54 Play Later Play Later Lists Like Liked33:54
Play Later Play Later Lists Like LikedIn episode 138 of Cybersecurity Where You Are, Sean Atkinson is joined by Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security®(CIS®). Together, they discuss how organizations can use Generative Artificial Intelligence (GenAI) to refine how they develop Tabletop Exercises (TTXs). Here are some highlights from our episode: 01:49 . Why TTXs function as a "blue sky" opportunity for crisis management and preparedness 04:33 . A quick recap of how GenAI stands apart from traditional AI 06:19 . The direct relationship between input and output when measuring GenAI content quality 07:36 . TTXs as a use case for GenAI to help the "cyber-underserved" 10:14 . How GenAI can quickly customize TTXs for different organizations and threat models 13:56 . The use of GenAI to improve TTX facilitation, regularity, and cost 17:22 . GenAI as an inspiration to act on the findings of a simulation 18:26 . Risks and ethical concerns to keep in mind for GenAI-enhanced TTX development 24:46 . Where humans can still play a part in augmented exercises 30:08 . Closing thoughts about the future of GenAI Resources Leveraging Generative Artificial Intelligence for Tabletop Exercise Development Episode 134: How GenAI Lowers Bar for Cyber Threat Actors Episode 89: How Threat Actors Are Using GenAI as an Enabler DeepSeek: A New Player in the Global AI Race Multi-State Information Sharing and Analysis Center® If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 137: National Cybersecurity Through SLTT Resilience 42:00
42:00 Play Later Play Later Lists Like Liked42:00
Play Later Play Later Lists Like LikedIn episode 137 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Terry Loftus , Assistant Superintendent (Chief Information Officer) of Integrated Technology Services at the San Diego County Office of Education (SDCOE); and Netta Squires , President of Government Affairs, Cybersecurity, & Resilience at Open District Solutions (ODS). Together, they discuss how the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) functions as a space for U.S. State, Local, Tribal, and Territorial (SLTT) entities to collectively strengthen their cyber resilience in support of U.S. national cybersecurity. Here are some highlights from our episode: 01:15 . A study to understand the cybersecurity perspectives of the MS-ISAC community 03:24 . The need for sustained cyber defense accelerators to drive U.S. SLTT resilience 07:31 . How surveys and focus groups uncovered U.S. SLTT cybersecurity funding, staffing, and governance challenges 13:06 . The superpower of cyber threat intelligence driven, tailored, and provided via community 17:41 . Trust as a foundation for building relationships among MS-ISAC members and partners 21:26 . How the MS-ISAC moved community cyber defense from conversational to operational 22:22 . The role of trust in making membership affordable and solutions at scale possible 25:00 . Opportunities for relationship building, training, and access to services in the MS-ISAC 30:00 . Examples of MS-ISAC success stories and the need to share them 33:40 . The MS-ISAC as a space to craft a strategic path for national cybersecurity 36:29 . Closing thoughts on how members value and can get involved in the MS-ISAC Resources Strengthening Critical Infrastructure: SLTT Progress & Priorities Malicious Domain Blocking and Reporting (MDBR) Episode 126: A Day in the Life of a CTI Analyst Why Whole-of-State Cybersecurity Is the Way Forward MS-ISAC: Defending America’s Critical Infrastructure If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 136: How WiCyS Advances Women in Cybersecurity 38:35
38:35 Play Later Play Later Lists Like Liked38:35
Play Later Play Later Lists Like LikedIn episode 136 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined live by Lynn Dohm , Executive Director of Women in CyberSecurity (WiCyS). Together, they discuss how WiCyS works to advance women in cybersecurity. Here are some highlights from our episode: 01:03 . A mission of recruiting, retaining, and advancing women in cybersecurity 05:38 . How community-focused conferences and scholarships promote community growth 06:25 . The need to celebrate the work of and encourage support among cyber defenders 08:52 . Four strategic pillars as a foundation for navigating COVID, societal change, and more 13:50 . The importance of laying out cybersecurity career paths outside of individual companies 15:15 . How a foundation of inclusion enables diversity to expand 19:45 . The use of strategic partners to anticipate changing cybersecurity and hiring needs 22:38 . Inside the successes of the mentorships and other WiCyS programs 28:22 . The impact of Alan Paller on opening doors for WiCyS 32:35 . How volunteerism supports retention in cybersecurity through inclusion and satisfaction Resources Episode 77: Data's Value to Decision-Making in Cybersecurity Episode 120: How Contextual Awareness Drives AI Governance Alan Paller Laureate Program Episode 30: Solving Cybersecurity at Scale with Nonprofits If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 135: Five Lightning Chats at RSAC Conference 2025 23:30
23:30 Play Later Play Later Lists Like Liked23:30
Play Later Play Later Lists Like LikedIn episode 135 of Cybersecurity Where You Are, Sean Atkinson is joined live at RSAC Conference 2025 by five attendees, including two Center for Internet Security® (CIS®) employees. He conducts a lightning chat with each attendee to get their thoughts about the conference, how it reflects the changing cybersecurity industry, and the role CIS plays in this ongoing evolution. Here are some highlights from our episode: 00:40 . Stephanie Gass , Sr. Director of Information Security at CIS How to start creating a policy and make it effective through implementation processes A transition to an approach integrating mappings for CIS security best practices The use of GenAI and security champions to make this transition 04:08 . Brad Bock , Director of Product Management at Chainguard Building and compiling security from the ground up in open-source container images Trusting pre-packaged software in an increasingly complex world Support of customer compliance with attestation, SBOMs, and vulnerability remediation 07:43 . Stephane Auger , Vice President Technologies and CISO at Équipe Microfix Customer awareness and other top challenges for MSPs and MSSPs The use of case studies and referrals to communicate the importance of cybersecurity A growing emphasis on cyber risk insurance as media attention around breaches grows 11:36 . Brent Holt , Director of Cybersecurity Technology at Edge Solutions LLC How the CIS Critical Security Controls facilitates a consultative approach to customers The importance of knowing where each company is in their use of GenAI Mapping elements of a portfolio to CIS security best practices 17:23 . Mishal Makshood , Sr. Cloud Security Account Executive at CIS The use of learning and research to investigate GenAI's utility for CIS An aspiration to scale efficiency and drive improvements with GenAI training A reminder to augment human thought, not replace it, with GenAI Resources Episode 63: Building Capability and Integration with SBOMs Mapping and Compliance Cybersecurity for MSPs, MSSPs, & Consultants Episode 130: The Story and Future of CIS Thought Leadership If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 134: How GenAI Lowers Bar for Cyber Threat Actors 39:48
39:48 Play Later Play Later Lists Like Liked39:48
Play Later Play Later Lists Like LikedIn episode 134 of Cybersecurity Where You Are, Sean Atkinson is joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®); and Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at CIS. Together, they discuss how generative artificial intelligence (GenAI) lowers the barrier of entry for cyber threat actors (CTAs). Here are some highlights from our episode: 01:37 . CTAs' use of GenAI to improve their existing campaigns 03:38 . The need for CTI teams to look beyond language in analyzing GenAI-enabled threats 07:22 . The evolving impact of GenAI on phishing campaigns, malware development, deepfakes, and malicious Artificial Intelligence as a Service (AIaaS) offerings 12:28 . How GenAI increases the the speed at which CTAs can scale their efforts 17:29 . Technical barriers and other limitations that shape CTAs' use of GenAI 22:46 . A historical perspective of AI-enabled cybersecurity and how GenAI can support cybersecurity awareness training 26:50 . The cybersecurity benefits of AI and machine learning (ML) capabilities for clustering data 29:05 . What the future might hold for GenAI from an offensive and defensive perspective Resources The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape Episode 89: How Threat Actors Are Using GenAI as an Enabler Episode 95: AI Augmentation and Its Impact on Cyber Defense 12 CIS Experts' Cybersecurity Predictions for 2025 CIS Critical Security Controls® Multi-State Information Sharing and Analysis Center® If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 133: DieNet's DDoS Hacktivism and Evolving TTPs 32:33
32:33 Play Later Play Later Lists Like Liked32:33
Play Later Play Later Lists Like LikedIn episode 133 of Cybersecurity Where You Are, Sean Atkinson is joined by Lauren McFayden, Threat Intelligence Analyst at the Center for Internet Security® (CIS®). Together, they discuss the Distributed Denial of Service (DDoS) hacktivism of DieNet and how the group continues to evolve its Tactics, Techniques, and Procedures (TTPs). Here are some highlights from our episode: 01:22 . An overview of DieNet and its emergence on Telegram 01:55 . DDoS attacks and the potential for service disruptions 02:55 . DieNet's pro-Palestinian ideology and opposition to the 47th U.S. Presidential Administration 05:00 . U.S. and foreign targets claimed by the group 06:30 . DieNet's history of claiming attacks against U.S. critical national infrastructure (CNI) 10:33 . Two pieces of evidence used to partially assess the credibility of a claimed attack 15:16 . How DieNet v2 suggests an escalation of attack strategies 20:43 . How the DDoS hacktivist group may continue to evolve its TTPs in subsequent versions 23:48 . The use of the CIS Critical Security Controls (CIS Controls) to reduce an attack surface 25:56 . How ThreatWA stands out in keeping you informed about emerging threats Resources Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI MS-ISAC Guide to DDoS Attacks ThreatWA CIS Critical Security Control 1: Inventory and Control of Enterprise Assets CIS Critical Security Control 2: Inventory and Control of Software Assets CIS Critical Security Control 3: Data Protection Episode 44: A Zero Trust Framework Knows No End If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 132: Day One, Step One, Dollar One for Cybersecurity 34:35
34:35 Play Later Play Later Lists Like Liked34:35
Play Later Play Later Lists Like LikedIn episode 132 of Cybersecurity Where You Are, Sean Atkinson is joined by Valecia Stocchetti, Sr. Cybersecurity Engineer of the CIS Critical Security Controls (CIS Controls) at the Center for Internet Security® (CIS®). Together, they discuss what the first day, step, and dollar of implementing a controls framework look like for organizations stepping into their cybersecurity journey. Here are some highlights from our episode: 01:54 . Building and improving a cybersecurity program through the power of consensus 04:55 . The use of an assessment to determine where you are and where you're going 09:15 . How cross-mapping to multiple frameworks simplifies regulatory compliance efforts 12:00 . The use of governance to secure leadership buy-in for your cybersecurity program 13:33 . Continuous auditing and monitoring as tools for adapting to change 15:10 . How Controls prioritization flows through the Implementation Groups (IGs) 19:39 . Leadership as the backbone for getting any business program off the ground 22:59 . Calculating the cost of cyber defense as a preventative action 24:55 . Tradeoffs with security tools to keep in mind so that you can budget efficiently 30:00 . Qualifications when using security offerings of MSPs and CSPs Resources CIS Community Defense Model 2.0 How Risk Quantification Tests Your Reasonable Cyber Defense CIS Controls Self Assessment Tool (CIS CSAT) Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1 How to Plan a Cybersecurity Roadmap in 4 Steps The Cost of Cyber Defense: CIS Controls IG1 If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 131: It Takes a Village to 'Reasonably' Secure SoCal 32:52
32:52 Play Later Play Later Lists Like Liked32:52
Play Later Play Later Lists Like LikedIn episode 131 of Cybersecurity Where You Are, Tony Sager is joined by Stan Stahl, PhD , Founder and President of SecureTheVillage . Together, they discuss how SecureTheVillage, a nonprofit and inaugural Alan Paller Laureate Program awardee , is using a collaboration-driven approach to enhance reasonable cybersecurity awareness and practices within Southern California (SoCal). Here are some highlights from our episode: 01:07 . An introduction to Stan and how he came to champion small business cybersecurity 04:28 . How SecureTheVillage emerged to support small businesses' cybersecurity needs using the power of community 07:15 . The need for nonprofits to play a strong role in addressing cybersecurity challenges 12:01 . How Stan drew inspiration from Alan Paller and support from the Alan Paller Laureate Program to advance SecureTheVillage's work 17:57 . Reasonable cybersecurity as part of SecureTheVillage's foundation story 22.13 . Aligning cybersecurity needs to the goals of public policy 25:33 . What's next for SecureTheVillage 29:52 . Closing thoughts on why a "village" model for cybersecurity is so important Resources Alan Paller Laureate Program Implementation Guide for Small- and Medium-Sized Enterprises CIS Controls IG1 Episode 30: Solving Cybersecurity at Scale with Nonprofits Reasonable Cybersecurity Guide If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 130: The Story and Future of CIS Thought Leadership 32:38
32:38 Play Later Play Later Lists Like Liked32:38
Play Later Play Later Lists Like LikedIn episode 130 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by John Gilligan , President and Chief Executive Officer (CEO) of the Center for Internet Security® (CIS®). Set against the backdrop of the 2025 CIS Annual Full Staff Meeting, they celebrate 25 years of CIS, including the "serendipity" by which the company became a global cybersecurity thought leader. They also discuss how this thought leadership may evolve over the next 25 years. Here are some highlights from our episode: 01:30 . How CIS started along with how John and Tony initially got involved 07:12 . How CIS thought leadership changed with the absorption of the "SANS Top 20," the precursor of the CIS Critical Security Controls 11:04 . The "serendipity" through which CIS grew and formalized its sales, funding, support, and other operations in the 2010s 15:18 . How mission and culture advanced CIS to its 25th anniversary in 2025 22:52 . What the future might hold for "CIS 2.0" Resources 25 Years of Creating Confidence in the Connected World Episode 97: How Far We've Come preceding CIS's 25th Birthday Episode 114: 3 Board Chairs Reflect on 25 Years of Community Episode 76: The Role of Thought Leadership in Cybersecurity Episode 125: How Leadership Principles Influence CIS Culture Episode 120: How Contextual Awareness Drives AI Governance Episode 119: Multidimensional Threat Defense at Large Events If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 129: Embedding Cybersecurity in Project Management 32:18
32:18 Play Later Play Later Lists Like Liked32:18
Play Later Play Later Lists Like LikedIn episode 129 of Cybersecurity Where You Are, Sean Atkinson discusses best practices for embedding cybersecurity in project management. Here are some highlights from our episode: 01:34 . Elements for connecting the dots between cybersecurity risk assessment and project risk assessment 03:06 . How our conceptualization of a project changes under a zero trust implementation 04:02 . What security may look like in a Waterfall vs. Agile approach to project management 06:26 . The importance of resources and stakeholders in managing any project 08:34 . Scope creep and other challenges of embedding cybersecurity in project management 15:45 . How continuous monitoring and other best practices can help us to overcome these hurdles 25:30 . How cybersecurity can inform projects involving generative artificial intelligence Resources Episode 105: Context in Cyber Risk Quantification Quantitative Risk Analysis: Its Importance and Implications How Risk Quantification Tests Your Reasonable Cyber Defense Episode 44: A Zero Trust Framework Knows No End How to Construct a Sustainable GRC Program in 8 Steps Episode 33: The Shift-Left of IoT Security to Vendors Episode 120: How Contextual Awareness Drives AI Governance If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 128: How Cryptocurrency Is Used for Financial Fraud 35:17
35:17 Play Later Play Later Lists Like Liked35:17
Play Later Play Later Lists Like LikedIn episode 128 of Cybersecurity Where You Are, Sean Atkinson is joined by Joshua Palsgraf , Senior Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security® (CIS®). Together, they examine how cyber threat actors use cryptocurrency for financial fraud and how professionals like Joshua track this illicit activity. Here are some highlights from our episode: 01:35 . What a data-driven approach to CTI looks like 02:47 . What makes cryptocurrency useful in the digital economy, including for financial fraud 06:50 . How cryptocurrency-related financial crime compares to traditional forms of fraud 13:20 . Examples of cryptocurrency theft and its use in facilitating ransomware attacks 27:24 . Tooling and forensic methods that are being used to track crypto fraud/scams 31:40 . The need to build awareness around financial crime in the digital economy Resources Episode 77: Data's Value to Decision-Making in Cybersecurity 2023 Cryptocurrency Fraud Report Released 2025 Crypto Crime Trends: Illicit Volumes Portend Record Year as On-Chain Crime Becomes Increasingly Diverse and Professionalized Suspected Lazarus subgroup behind DMM crypto heist Episode 126: A Day in the Life of a CTI Analyst Combatting Ransomware Episode 124: The Many Layers of a Malware Takedown Operation If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 127: Visible Ops as a Cybersecurity Foundation 37:45
37:45 Play Later Play Later Lists Like Liked37:45
Play Later Play Later Lists Like LikedIn episode 127 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Scott Alldridge , President and CEO of IP Services and the IT Process Institute. Together, they use Scott's book, " Visible Ops Cybersecurity: Enhancing Your Cybersecurity Posture with Practical Guidance ," to discuss how visible IT operations (Visible Ops) provide a foundation for cybersecurity. Here are some highlights from our episode: 01:31 . How Visible Ops reflect an appreciation for the original config change release processes 10:19 . The limitations of treating security as a silo and "new toys" as security cure-alls 15:23 . How to embrace a dynamic view of visibility and configuration management 24:50 . The importance of leadership buy-in when shifting left to a security-first mindset 27:10 . What an effective change configuration management system looks like and how it changes people's view of IT 30:20 . Parting thoughts and where to find more of Scott's work Resources IT Process Institute What is ITIL? Your guide to the IT Infrastructure Library CIS Critical Security Controls (CIS Controls) Resources An Examination of How Cyber Threat Actors Can Leverage Generative AI Platforms Episode 44: A Zero Trust Framework Knows No End Why Employee Cybersecurity Awareness Training Is Important If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 126: A Day in the Life of a CTI Analyst 36:28
36:28 Play Later Play Later Lists Like Liked36:28
Play Later Play Later Lists Like LikedIn episode 126 of Cybersecurity Where You Are, Sean Atkinson is joined by Casey Cannon, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security® (CIS®). Together, they review what a regular day looks like for a CTI analyst. Here are some highlights from our episode: 01:46 . How a service-oriented mindset factors into a CTI career 03:55 . What task prioritization looks like at the beginning of a CTI analyst's day 06:50 . How bedrock CTI principles and threat actor matrices help to counter information overload and filter out noise 10:45 . The value of an "eclectic" set of intelligence sources 25:50 . How the CIS CTI team works with the 24x7x365 CIS Security Operations Center (SOC), the Cyber Incident Response Team (CIRT), and others 31:27 . Advice for getting into CTI as a career path Resources Episode 124: The Many Layers of a Malware Takedown Operation Episode 62: Inside the 'Spidey Sense' of a Pentester Combatting Ransomware The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 125: How Leadership Principles Influence CIS Culture 33:02
33:02 Play Later Play Later Lists Like Liked33:02
Play Later Play Later Lists Like LikedIn episode 125 of Cybersecurity Where You Are, Sean Atkinson is joined by Waldo Perez , Human Resources Support Specialist at the Center for Internet Security® (CIS®); and Penny Davis , Sr. Manager of Leadership Development at CIS. Together, they use the CIS Leadership Principles and other examples from CIS to understand how leadership influences and nurtures the organization's workplace culture. Here are some highlights from our episode: 02:00 . The human aspect in defining workplace culture 03:55 . How leadership principles directly shape company culture 05:40 . Key indicators of a strong company culture and one that can improve 16:31 . Examples where company culture has made an impact on a CIS employee's experience 21:59 . The importance of feedback in supporting positive cultural change 25:41 . How leadership training programs help employees to grow Resources CIS Culture Episode 115: Continuous Feedback as CIS Employee Culture The Envelope, Please! The CIS 2024 President’s Award Goes to… Center for Internet Security Named Among 2024 Top Workplaces If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 124: The Many Layers of a Malware Takedown Operation 32:43
32:43 Play Later Play Later Lists Like Liked32:43
Play Later Play Later Lists Like LikedIn episode 124 of Cybersecurity Where You Are, Sean Atkinson is joined by Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security® (CIS®). Together, they explore the many layers of a malware takedown operation. Here are some highlights from our episode: 01:58 . A high-level overview of what a malware takedown might involve 04:11 . Some of the key players who help to disrupt known malware infrastructure 07:35 . Which operational functionalities make malware infrastructure and tactics difficult to dismantle 10:56 . Jurisdictional and legal challenges of a takedown operation 14:53 . What goes into identifying malware networks and infected end-user devices 20:47 . The technical strategies used for disrupting malware 24:13 . How cyber threat actors respond differently to a takedown effort Resources Phobos Ransomware Affiliates Arrested in Coordinated International Disruption Qakbot Malware Disrupted in International Cyber Takedown Episode 89: How Threat Actors Are Using GenAI as an Enabler Renew Your Ransomware Defense with CISA's Updated Guidance If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 123: An Operational Playbook for Security Impact 43:59
43:59 Play Later Play Later Lists Like Liked43:59
Play Later Play Later Lists Like LikedIn episode 123 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Gina Chapman , Chief Operating Officer (COO) at the Center for Internet Security® (CIS®). Together, they use examples from CIS to identify elements of an operational playbook for making an impact in the cybersecurity industry. Here are some highlights from our episode: 01:21 . Business development and organizational change over the course of 12 years at CIS 13:49 . Change management and communication as means for preserving company culture 23:08 . The importance of context in developing an operational playbook for a business 32:49 . The use of operational understanding to create effective cybersecurity business models Resources Gina Chapman CIS Culture CIS Leadership Principles Episode 82: How CIS Leadership Values Team Building Events Cybersecurity at Scale: Piercing the Fog of More Combatting Ransomware Episode 68: Designing Cyber Defense as a Partnership Effort If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 122: DeepSeek AI Security and Utility Considerations 37:12
37:12 Play Later Play Later Lists Like Liked37:12
Play Later Play Later Lists Like LikedIn episode 122 of Cybersecurity Where You Are, Sean Atkinson is joined by Rian Davis , Associate Hybrid Threat Intelligence Analyst at the Center for Internet Security® (CIS®); and Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at CIS. Together, they discuss security and utility considerations surrounding the DeepSeek AI model. Here are some highlights from our episode: 01:31 . What enterprises and individuals can do before they start deploying foreign-developed, open-source large language models (LLMs) 08:48 . How DeepSeek fits into evolving adversarial tactics and techniques involving AI 25:15 . The impact on threat assessments and where we see controls built around AI 31:45 . Parting thoughts on approaching newer technologies like DeepSeek Resources DeepSeek hit by cyberattack as users flock to Chinese AI startup A 9th telecoms firm has been hit by a massive Chinese espionage campaign, the White House says TikTok: Influence Ops, Data Practices Threaten U.S. Security Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History Episode 89: How Threat Actors Are Using GenAI as an Enabler ODNI Releases 2024 Annual Threat Assessment of the U.S. Intelligence Community The Strava Heat Map and the End of Secrets Man who exploded Cybertruck in Las Vegas used ChatGPT in planning, police say Episode 120: How Contextual Awareness Drives AI Governance If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 121: The Economics of Cybersecurity Decision-Making 40:50
40:50 Play Later Play Later Lists Like Liked40:50
Play Later Play Later Lists Like LikedIn episode 121 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Tyler Moore, Ph.D. , Chair of Cyber Studies at the University of Tulsa. Together, they discuss the role of economics in cyber risk quantification and cybersecurity decision-making. Here are some highlights from our episode: 01:55 . How incentives, market failures, and other economic principles intersect with cybersecurity 08:39 . A model of translating shared information as a way to capture complexity in cybersecurity decision-making 13:20 . Pressing issues when making decisions about cybersecurity 18:08 . How to have enough confidence and a cyber risk quantification model that's useful 23:45 . How rigorous recommendations can help to match modeling and techniques like minimization 29:23 . The role of the Board in making cybersecurity decisions and how to speak its language 34:57 . Parting thoughts about risk quantification in cybersecurity Resources Episode 105: Context in Cyber Risk Quantification 2024 DBIR Findings & How the CIS Critical Security Controls Can Help to Mitigate Risk to Your Organization CIS Community Defense Model 2.0 FAIR: A Framework for Revolutionizing Your Risk Analysis Society of Information Risk Analysts If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 120: How Contextual Awareness Drives AI Governance 32:22
32:22 Play Later Play Later Lists Like Liked32:22
Play Later Play Later Lists Like LikedIn episode 120 of Cybersecurity Where You Are, Sean Atkinson explores how contextual awareness of generative artificial intelligence (GenAI) deployment in the business creates a foundation for AI governance strategy. Here are some highlights from our episode: 01:58 . Why specificity is important when we use the term "AI" in the governance space 04:10 . Two AI distributions and how contextual function varies between them 13:52 . The importance of engagement and asking the right questions 18:28 . The role of lifecycle approaches and risk tolerance in understanding AI integration 23:45 . Navigating two common questions that arise when governing AI Resources Episode 116: AI-Enhanced Ransomware and Defending Against It EU AI Act: first regulation on artificial intelligence AI Risk Management Framework IAPP AI Governance Center How to Construct a Sustainable GRC Program in 8 Steps If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 119: Multidimensional Threat Defense at Large Events 35:04
35:04 Play Later Play Later Lists Like Liked35:04
Play Later Play Later Lists Like LikedIn episode 119 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®). Together, they discuss the importance and provide examples of multidimensional threat defense as a means of securing large events. Here are some highlights from our episode: 01:42 . An overview of the multidimensional threat landscape from 2024 going into 2025 07:00 . The shift to multidimensional threat analysis in crisis management 10:52 . The importance of a sustainable, actionable approach to addressing today's threats 16:10 . How CIS is working to help organizations build safety against multidimensional threats, including at large events Resources 2024 Election Threat Landscape Election Security Spotlight — Prep for Election Disruptions Episode 93: Building Public Resilience in a Connected World ThreatWA™ Countering Multidimensional Threats: Lessons Learned from the 2024 Election If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 118: Preparing for Post-Quantum Cryptography 36:46
36:46 Play Later Play Later Lists Like Liked36:46
Play Later Play Later Lists Like LikedIn episode 118 of Cybersecurity Where You Are, Sean Atkinson is joined by Andy Smith , Security Architect for BP and Instructor at the SANS Institute. Together, they review the state of post-quantum cryptography as well as share recommendations for how organizations and individuals can prepare to move into the post-quantum era. Here are some highlights from our episode: 02:55 . What post-quantum cryptography is and why we need to pay attention 04:11 . The impact of a cryptographically relevant quantum computer on symmetric vs. asymmetric cryptography 08:58 . How media attention contributes to preparedness from an infrastructure perspective 14:30 . The importance of a cryptography bill of materials (CBOM) 21:58 . How organizations can prepare against quantum-enabled cyber attacks 29:05 . How individuals need to understand quantum infrastructure in order to protect it 32:24 . Optimism for the future of post-quantum cryptography Resources Episode 48: 3 Trends to Watch in the Cybersecurity Industry Post Quantum Cryptography by Attack Detect Defend (rot169) NIST Releases First 3 Finalized Post-Quantum Encryption Standards Episode 75: How GenAI Continues to Reshape Cybersecurity Internet of Things: Embedded Security Guidance If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 117: 2025 Cybersecurity Predictions from CIS Experts 33:43
33:43 Play Later Play Later Lists Like Liked33:43
Play Later Play Later Lists Like LikedIn episode 117 of Cybersecurity Where You Are, Sean Atkinson reflects on the 2025 cybersecurity predictions of 12 experts at the Center for Internet Security® (CIS®), as shared on the CIS website . Here are some highlights from our episode: 01:40 . Artificial intelligence (AI) as a means for crafting higher quality phishing emails 04:24 . Zero trust with identity as a catalyst in 2025 07:55 . A governance focus for K-12 school districts 12:37 . Secure by design as part of the DNA of IT departments 14:22 . The need for continuous patching with Internet of Things (IoT) devices 15:27 . Training and adherence to basic cybersecurity practices as ongoing emphases 17:15 . Consolidation from an operations perspective 20:40 . The integration of AI into business operations 24:07 . The socio-political impacts of emerging technologies on multidimensional threats 26:46 . Growing attention on cloud security and data location 29:13 . Cybercriminal markets and Phishing as a Service models 32:16 . The benefit of AI to organizations Resources Episode 75: How GenAI Continues to Reshape Cybersecurity An Examination of How Cyber Threat Actors Can Leverage Generative AI Platforms How to Deter Multidimensional Threats in the Connected World Episode 116: AI-Enhanced Ransomware and Defending Against It Episode 44: A Zero Trust Framework Knows No End Episode 107: Continuous Improvement via Secure by Design Episode 76: The Role of Thought Leadership in Cybersecurity Episode 63: Building Capability and Integration with SBOMs Episode 95: AI Augmentation and Its Impact on Cyber Defense Why Employee Cybersecurity Awareness Training Is Important Episode 110: How Security Culture and Corporate Culture Mesh Episode 99: How Cyber-Informed Engineering Builds Resilience Episode 87: Marking 11 Years as a Verizon DBIR Contributor If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 116: AI-Enhanced Ransomware and Defending Against It 33:38
33:38 Play Later Play Later Lists Like Liked33:38
Play Later Play Later Lists Like LikedIn episode 116 of Cybersecurity Where You Are, Sean Atkinson discusses the threat of AI-enhanced ransomware along with the use of generative artificial intelligence (GenAI) to defend against it. Here are some highlights from our episode: 02:10 . How AI in the cybersecurity space has advanced over the past few years 05:12 . Why cybercriminals are incorporating artificial intelligence into their attacks 19:24 . The application of AI in various stages of a ransomware attack 26:10 . How AI can inform different aspects of a ransomware defense strategy Resources Episode 89: How Threat Actors Are Using GenAI as an Enabler Episode 95: AI Augmentation and Its Impact on Cyber Defense Episode 44: A Zero Trust Framework Knows No End The State of Ransomware 2024 Ransomware: The Data Exfiltration and Double Extortion Trends Episode 113: Cyber Risk Prioritization as Ransomware Defense Security Chaos Engineering: Sustaining Resilience in Software and Systems If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 115: Continuous Feedback as CIS Employee Culture 32:03
32:03 Play Later Play Later Lists Like Liked32:03
Play Later Play Later Lists Like LikedIn episode 115 of Cybersecurity Where You Are, Sean Atkinson is joined by Carolyn Comer , Chief Human Resources Officer at the Center for Internet Security® (CIS®); Heidi Gonzalez , Sr. Employee Experience Specialist at CIS; and Jennifer Myers, Sr. Director of Learning and Development at CIS. With an in-person holiday open house and office party as their backdrop, they celebrate the continuous feedback that sustains and grows the employee culture at CIS. Here are some highlights from our episode: 02:35 . How the holiday open house and office party celebrate CIS employee culture 04:11 . How the workforce culture at CIS has changed over time 07:57 . What types of employee feedback CIS obtains after in-person events 09:33 . How in-person interactions guide a continuous learning program for CIS employees 10:55 . How events such as the holiday open house and office party continue to evolve 16:48 . Why CIS has been so successful in helping employees to navigate remote work 20:04 . The impact of an engaged Board of Directors on workplace culture 21:40 . Celebrations and upcoming plans for culture and learning at CIS Resources Episode 83: Why Meeting in Person Matters to CIS Employees Episode 58: Inside CIS's Award-Winning Workplace Culture Center for Internet Security Named Among 2024 Best Companies to Work for in New York Center for Internet Security Named Among 2024 Top Workplaces IDEA Alliance CIS Cares Episode 114: 3 Board Chairs Reflect on 25 Years of Community If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 114: 3 Board Chairs Reflect on 25 Years of Community 48:53
48:53 Play Later Play Later Lists Like Liked48:53
Play Later Play Later Lists Like LikedIn episode 114 of Cybersecurity Where You Are, Tony Sager is joined by three past and current Board Chairs of the Center for Internet Security® (CIS®): Frank Reeder , CIS Director Emeritus and Founding Chair as well as Director of the National Cybersecurity Scholarship Foundation; John Gilligan , President and Chief Executive Officer of CIS; and Bobbie Stempfley , CIS Board Chair and Business Security Officer of the Infrastructure Solutions Group at Dell Technologies. Together, they reflect on 25 years of CIS building community in the cybersecurity space. Here are some highlights from our episode: 07:04 . Perception of the problem that led to the idea of CIS 10:18 . The value of building community outside of government 17:31 . A sustainable and powerful business model for CIS 21:28 . John's priorities during his transition from Board Chair to CEO 34:38 . What CIS will focus on next 39:00 . Parting thoughts for the future Resources Episode 35: Remembering the Late Alan Paller Episode 97: How Far We've Come preceding CIS's 25th Birthday Episode 79: Advancing Common Good in Cybersecurity – Part 1 Episode 76: The Role of Thought Leadership in Cybersecurity Episode 58: Inside CIS's Award-Winning Workplace Culture If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 113: Cyber Risk Prioritization as Ransomware Defense 41:17
41:17 Play Later Play Later Lists Like Liked41:17
Play Later Play Later Lists Like LikedIn episode 113 of Cybersecurity Where You Are, Tony Sager is joined by Phyllis Lee , VP of SBP Content Development at the Center for Internet Security® (CIS®); Adam Bobrow , Co-Founder and President of Veribo Analytics; and Sridevi Joshi , Co-Founder and CEO of Veribo Analytics. Together, they discuss how the Business Impact Analysis tool created by CIS and Veribo Analytics empowers individuals and organizations to use cyber risk prioritization as a basis for their ransomware defense strategy. Here are some highlights from our episode: 04:35 . Background on the impetus for the tool's development 07:57 . How our understanding of cybersecurity risk differs from other areas of risk 12:21 . Insight into Sridevi's learning process about cyber risk prioritization as a technologist 18:23 . How the development process of the Business Impact Analysis tool got underway 21:05 . What went into the process of translating the goal into tooling 31:34 . Reflections on the tool's reception and what's next Resources CIS Critical Security Controls Implementation Groups CIS Community Defense Model 2.0 CIS Controls Self Assessment Tool (CIS CSAT) SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies 4.3 Establish a Bureau of Cyber Statistics FAIR: A Framework for Revolutionizing Your Risk Analysis Reasonable Cybersecurity How to Measure Anything in Cybersecurity Episode 107: Continuous Improvement via Secure by Design Episode 105: Context in Cyber Risk Quantification If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 112: How SANS Fosters Action on Cybersecurity Trends 46:56
46:56 Play Later Play Later Lists Like Liked46:56
Play Later Play Later Lists Like LikedIn episode 112 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Rob T. Lee , Chief of Research and Head of Faculty at SANS Institute. Together, they discuss how SANS Institute applies an operational or "do" model of leadership to gather expertise, build shared purpose, and foster action on evolving cybersecurity trends. Here are some highlights from our episode: 05:47 . How Rob ended up teaching at SANS Institute 08:49 . Rob's first experience meeting and working with the late Alan Paller 12:07 . How Rob's responsibility at SANS Institute has expanded 20:02 . Key cybersecurity trends on Rob's agenda as Chief of Research 23:52 . The need to refine our understanding of AI based on its different applications 36:28 . Guidance for the 47th U.S. Presidential Administration Resources Episode 35: Remembering the Late Alan Paller The Cyber Security Hall of Fame Announces 2024 Honorees Episode 76: The Role of Thought Leadership in Cybersecurity Episode 75: How GenAI Continues to Reshape Cybersecurity CrowdStrike Falcon Outage Exploited for Social Engineering Why Whole-of-State Cybersecurity Is the Way Forward From Both Sides: A Parental Guide to Protecting Your Child's Online Activity If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 111: Distilling a First Principle of Cybersecurity 47:04
47:04 Play Later Play Later Lists Like Liked47:04
Play Later Play Later Lists Like LikedIn episode 111 of Cybersecurity Where You Are, Tony Sager is joined by Rick Howard, N2K Chief Security Officer and the Chief Analyst and Senior Fellow at The Cyberwire. Together, they discuss a first principle of cybersecurity proposed by Rick in his book, Cybersecurity First Principles: A Reboot of Strategy and Tactics . Here are some highlights from our episode: 04:30 . What drove the need to formulate a foundational cybersecurity assumption 07:44 . How other "first" principles of cybersecurity have failed 14:13 . The three elements of Rick's first principle of cybersecurity 25:55 . How to derive action and improvements from Rick's first principle 40:34 . Tips on getting started with a risk forecasting strategy Resources Episode 105: Context in Cyber Risk Quantification FAIR: A Framework for Revolutionizing Your Risk Analysis Election Security Spotlight – CIA Triad Episode 44: A Zero Trust Framework Knows No End Executive Order on Improving the Nation’s Cybersecurity Cybersecurity Canon Superforecasting: The Art and Science of Prediction How to Measure Anything in Cybersecurity Risk If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 110: How Security Culture and Corporate Culture Mesh 41:38
41:38 Play Later Play Later Lists Like Liked41:38
Play Later Play Later Lists Like LikedIn episode 110 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Lee Noriega , Executive Director of the Cybersecurity Services Organization and Acting General Manager of Sales and Business Services at the Center for Internet Security® (CIS®); and Jerry Gitchel , founder of Leverage Unlimited and listener to Cybersecurity Where You Are. Together, they examine a question sent in by Jerry: if a corporate culture is lacking, can a security culture exist? Here are some highlights from our episode: 01:33 . What security culture is and how it differs from corporate culture 05:30 . What elements factor into a strategy to drive corporate culture 09:30 . The importance of a feedback loop for culture 15:43 . How to cultivate "institutional ownership" in an organization's workforce 19:03 . What goes into fostering security consciousness in support of security champions 25:14 . The challenges of engaging corporate culture to think about security culture 29:13 . Examples and takeaways for listeners Resources Why Employee Cybersecurity Awareness Training Is Important Episode 107: Continuous Improvement via Secure by Design Seth Godin | Why People Like Us Do This The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
In episode 109 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®); and Theodore "TJ" Sayers, Director of Intelligence & Incident Response at CIS. Together, they examine the scariest malware of 2024 and share some recommendations for how organizations can keep up with the changing cyber threat landscape. Here are some highlights from our episode: 01:32 . What makes certain malware strains "scarier" than others 05:37 . What trends shaped the cyber threat landscape in 2024 14:25 . The most terrifying cyber threat actor sphere in 2024 19:41 . How malware tactics and techniques from 2024 will continue to evolve 25:04 . How individuals and organizations can proactively defend themselves 29:52 . National strategies that are shaping malware defense and incident response Resources Top 10 Malware Q3 2024 Election Security Spotlight – What Is Misinformation? Salt Typhoon Hacks of Telecommunications Companies and Federal Response Implications Episode 107: Continuous Improvement via Secure by Design If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 108: Gaming and Competition in Cybersecurity 40:48
40:48 Play Later Play Later Lists Like Liked40:48
Play Later Play Later Lists Like LikedIn episode 108 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Ed Skoudis , CEO of Counter Hack Challenges and President of SANS Technology Institute. Together, they discuss the evolution of gaming and competition in cybersecurity and how these activities help to make the industry stronger. Here are some highlights from our episode: 02:04 . What goes into creating a game environment that attracts all kinds of skill levels 04:43 . A multi-disciplinary approach to creating a game environment 16:14 . How gaming and competition help to spot people with talent and potential 23:32 . The challenges of keeping pace with new technology 32:03 . The biggest challenges of putting a game environment together 36:47 . How to keep track of characters, situations, and story elements of a game Resources SANS Cyber Ranges SANS Holiday Hack Challenge Episode 59: Probing the Modern Role of the Pentest Episode 95: AI Augmentation and Its Impact on Cyber Defense LockBit 3.0 RaaS Gang Incorporates BlackMatter Capabilities If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 107: Continuous Improvement via Secure by Design 37:36
37:36 Play Later Play Later Lists Like Liked37:36
Play Later Play Later Lists Like LikedIn episode 107 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Steve Lipner , Executive Director of SAFECode. Together, they discuss how software development organizations can use principles of "secure by design" to get on a track of continuous improvement. Here are some highlights from our episode: 01:38 . Steve's background and thoughts on the emergence of secure by design 14:04 . Three guiding principles of secure software development 16:13 . The impact of security awareness from a developer's perspective 22:22 . How threat modeling helps to address security as a system problem 25:37 . The effect of modern software development methodologies like Agile and DevSecOps 30:29 . What CISA's activity around secure by design means for the industry Resources SAFECode Secure Software Development Framework (SSDF) Embedded IoT Security: Helping Vendors in the Design Process Episode 95: AI Augmentation and Its Impact on Cyber Defense If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 106: How to Avoid Falling for a Donation Scam 32:05
32:05 Play Later Play Later Lists Like Liked32:05
Play Later Play Later Lists Like LikedIn episode 106 of Cybersecurity Where You Are, Sean Atkinson is joined by Chris Smith , Social Media Specialist at the Center for Internet Security® (CIS®). Together, they use a donation scam about a natural disaster to advise how you can stay safe against this type of cyber threat. Here are some highlights from our episode: 00:49 . Why it's important to talk about donation scams and why they're so prevalent 05:13 . Recounting a real-world example of a donation scam 10:43 . Common tactics leveraged by online scammers 13:27 . Guidance for defending against a donation scam 16:48 . The rise of checks and balances to defend against crowdfunding scams 20:59 . How research can help you to verify before you donate 29:11 . What to do if you have fallen for a scam Resources Episode 27: Cyber Scams October: Cybersecurity Awareness Month If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 105: Context in Cyber Risk Quantification 33:19
33:19 Play Later Play Later Lists Like Liked33:19
Play Later Play Later Lists Like LikedIn episode 105 of Cybersecurity Where You Are, Sean Atkinson discusses the importance of context in maturing how you use cyber risk quantification to build cases for risk treatment strategies. Here are some highlights from our episode: 01:56 . The inspiration for an episode on cyber risk quantification 02:38 . How to situate risk quantification in your business processes 08:56 . Traps to avoid when quantifying cyber risks 12:12 . How the quantification process relates to controls implementation 16:50 . Why the right people and data can help you build something sustainable 23:19 . Three lenses for examining cyber risk 26:50 . Different means for communicating risk to stakeholders Resources Quantitative Risk Analysis: Its Importance and Implications FAIR: A Framework for Revolutionizing Your Risk Analysis CIS Critical Security Controls® CIS Risk Assessment Method 6 Truths of Cyber Risk Quantification Society of Information Risk Analysts If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 104: Inside the First Year of a Cybersecurity Career 32:56
32:56 Play Later Play Later Lists Like Liked32:56
Play Later Play Later Lists Like LikedIn episode 104 of Cybersecurity Where You Are, Sean Atkinson is joined by Kennidi Ortega, Information Security Analyst at the Center for Internet Security® (CIS®). Together, they explore the experience of a first-year analyst and how they might make the most of getting started in a cybersecurity career. Here are some highlights from our episode: 01:07 . How Kennidi got started in cybersecurity and what led her to the field 03:44 . What the beginning of Sean's cybersecurity career looked like 04:23 . The biggest challenges a first-year analyst may face 07:56 . Helpful resources for getting started in the cybersecurity industry 11:58 . Which technical skills Kennidi sharpened the quickest in her role 16:05 . The most important business skills for planning a future in cybersecurity 20:13 . How an agile mindset in cybersecurity supports career growth 23:00 . Recommendations on career mapping for first-year analysts 28:13 . The value of mentorships in cybersecurity Resources Episode 103: Education vs. Experience in Cybersecurity Episode 54: How to Get Started in Cybersecurity Episode 15: Cybersecurity Success Takes Soft Skills Episode 45: The Importance of Mentorship TryHackMe SANS Cyber Security Summits PancakesCon Trace Labs Backdoors & Breaches Raices Cyber CyberWarrior Cyber.org Women in CyberSecurity If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 103: Education vs. Experience in Cybersecurity 31:16
31:16 Play Later Play Later Lists Like Liked31:16
Play Later Play Later Lists Like LikedIn episode 103 of Cybersecurity Where You Are, Sean Atkinson examines education and experience as pathways for new professionals to enter the cybersecurity industry. Here are some highlights from our episode: 01:42 . What's motivating Sean to talk about this topic 03:32 . The value of cybersecurity degrees 05:17 . The pros and cons of degree programs in cybersecurity 07:47 . How a cybersecurity certification compares to a degree 10:57 . Considerations for pursuing a certification in cybersecurity 14:00 . Using certifications to learn new technology paradigms 16:54 . Why a breadth of practical experience is important 22:49 . Pathways for gaining experience in cybersecurity Resources Episode 75: How GenAI Continues to Reshape Cybersecurity Episode 59: Probing the Modern Role of the Pentest Outliers: The Story of Success Hack The Box TryHackMe David Bombal IppSec PortSwigger John Hammond If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 102: The Sporty Rigor of CIS Controls Accreditation 36:34
36:34 Play Later Play Later Lists Like Liked36:34
Play Later Play Later Lists Like LikedIn episode 102 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by the following guests: Charity Otwell , Director of the CIS Critical Security Controls® (CIS Controls®) at the Center for Internet Security® (CIS®) Lawrence Cruciana , President of Corporate Information Technologies (CorpInfoTech) Together, they discuss the "sporty" rigor underlying the process and value of achieving CIS Controls Accreditation. Here are some highlights from our episode: 01:36 . What is meant by CIS Controls Accreditation, as certified by CREST 03:32 . What motivated CorpInfoTech to pursue accreditation 07:47 . The importance of CIS Controls Accreditation to the cybersecurity ecosystem 20:07 . The business value of accreditation for recipients Resources CIS Controls Accreditation CorpInfoTech Receives First CIS Controls Accreditation CorpInfoTech Top Hurdles for MSSPs and One Shining Solution CIS Community Defense Model 2.0 Episode 44: A Zero Trust Framework Knows No End If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 101: Visualizing Attack Paths in Active Directory 34:14
34:14 Play Later Play Later Lists Like Liked34:14
Play Later Play Later Lists Like LikedIn episode 101 of Cybersecurity Where You Are, Sean Atkinson is joined by Justin Kohler , Vice President of Products at SpecterOps, and Jonathan Parfait , Technical Account Manager at SpecterOps. Together, they discuss how the visualization of attack paths in Active Directory helps organizations to better contextualize risks to their enterprise security. Here are some highlights from our episode: 01:54 . What Bloodhound is and how it assists organizations in assessing risks in their Active Directory environments 05:08 . Why have organizations look at their Active Directory environments 11:15 . Common vulnerabilities and misconfigurations identified by Bloodhound 21:21 . How organizations can best use Bloodhound as part of their cyber defensive strategy 29:18 . How Bloodhound is adapting to keep up with evolving Active Directory environments Resources Bloodhound Community Edition Episode 62: Inside the 'Spidey Sense' of a Pentester What You Need to Know About Hybrid Cloud Environments Vulnerability Management Policy Template for CIS Control 7 CIS Benchmarks List If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 100: Celebrating 100 Episodes and Looking Ahead 41:59
41:59 Play Later Play Later Lists Like Liked41:59
Play Later Play Later Lists Like LikedIn episode 100 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by David Bisson, Sr. Content Marketing Strategist at the Center for Internet Security® (CIS®). Together, they celebrate the first 100 episodes of Cybersecurity Where You Are and discuss where the podcast might go in the future. Here are some highlights from our episode: 01:14 . How the podcast's approach and content have changed since the first episode 04:19 . What surprised the team about the "machinery" of putting on a cybersecurity podcast 07:53 . A look back at some of our favorite guests and types of podcast episodes 27:20 . How the podcast can continue to support the cybersecurity industry going forward Resources Episode 1: Welcome to the Basics Episode 7: CIS Controls v8…It’s Not About the List Episode 9: Mitigating Risk: Information Security Governance Episode 24: How Do I Start a Career in Cybersecurity? Episode 59: Probing the Modern Role of the Pentest Episode 96: Making Continuous Compliance Actionable for SMBs Episode 97: How Far We've Come preceding CIS's 25th Birthday If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)
1 Episode 99: How Cyber-Informed Engineering Builds Resilience 34:23
34:23 Play Later Play Later Lists Like Liked34:23
Play Later Play Later Lists Like LikedIn episode 99 of Cybersecurity Where You Are, Sean Atkinson is joined by Marcus Sachs, SVP and Chief Engineer at the Center for Internet Security® (CIS®). Together, they discuss how cyber-informed engineering builds resilience to the potential failure of a digital system into new and existing engineering products. Here are some highlights from our episode: 03:51 . What cyber-informed engineering is and how this paradigm has emerged 11:39 . What CIS is doing to emphasize cyber-informed engineering among U.S. State, Local, Tribal, and Territorial (SLTT) government organizations 16:25 . Why resilience requires everyone to be "cyber-informed" 20:50 . The need for boards of directors and C-Suite leaders to understand cybersecurity risk 25:30 . What preparations help to lay the foundation for cyber-informed engineering Resources Cyber-Informed Engineering National Cyber-Informed Engineering Strategy Cyber-Informed Engineering Implementation Guide Episode 75: How GenAI Continues to Reshape Cybersecurity Smart Cities Need Smarter Security If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Similar to Cybersecurity Where You Are (video)
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Big tech is transforming every aspect of our world. But how, and at what cost? This season of Land of the Giants – The Disney Dilemma – focuses on Disney’s ability to weather the ups and downs of the business cycle and changing tastes and explores what has kept it successful for over 100 years. The entertainment giant has leveraged nostalgia and its intellectual property to build a beloved brand, but after an acquisition spree that included Marvel, Lucasfilm, and 20th Century Fox, can it sus ...
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
WSJ’s Bold Names brings you conversations with the leaders of the bold-named companies featured in the pages of The Wall Street Journal. Hosts Tim Higgins and Christopher Mims speak to CEOs and business leaders in interviews that challenge conventional wisdom and take you inside the decisions being made in the C-suite and beyond.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
