Player FM - Internet Radio Done Right
Checked 1d ago
تمت الإضافة منذ قبل three أعوام
المحتوى المقدم من David Bisson and Center for Internet Security. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة David Bisson and Center for Internet Security أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
Player FM - تطبيق بودكاست
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !
Cybersecurity Where You Are (video)
وسم كل الحلقات كغير/(كـ)مشغلة
Manage series 3382533
المحتوى المقدم من David Bisson and Center for Internet Security. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة David Bisson and Center for Internet Security أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
Welcome to video version of “Cybersecurity Where You Are,” the podcast of the Center for Internet Security® (CIS®). Cybersecurity affects us all — whether we’re online at home, managing a company, supporting clients, or running a state or local government. Join us on Wednesdays as Sean Atkinson, CISO at CIS, and Tony Sager, SVP & Chief Evangelist at CIS, discuss trends and threats, explore security best practices, and interview experts in the industry. Together, we’ll clarify these issues, creating confidence in the connected world. Subscribe to the audio version of our podcast here: https://fast.wistia.net/embed/channel/wbyhaw35xf?wchannelid=wbyhaw35xf.
…
continue reading
144 حلقات
وسم كل الحلقات كغير/(كـ)مشغلة
Manage series 3382533
المحتوى المقدم من David Bisson and Center for Internet Security. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة David Bisson and Center for Internet Security أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
Welcome to video version of “Cybersecurity Where You Are,” the podcast of the Center for Internet Security® (CIS®). Cybersecurity affects us all — whether we’re online at home, managing a company, supporting clients, or running a state or local government. Join us on Wednesdays as Sean Atkinson, CISO at CIS, and Tony Sager, SVP & Chief Evangelist at CIS, discuss trends and threats, explore security best practices, and interview experts in the industry. Together, we’ll clarify these issues, creating confidence in the connected world. Subscribe to the audio version of our podcast here: https://fast.wistia.net/embed/channel/wbyhaw35xf?wchannelid=wbyhaw35xf.
…
continue reading
144 حلقات
كل الحلقات
×C
Cybersecurity Where You Are (video)

1 Episode 144: Carrying on the MS-ISAC's Character and Culture 33:04
33:04
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب33:04
In episode 144 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Carlos Kizzee , Senior Vice President of Multi-State Information Sharing and Analysis Center® (MS-ISAC®) at the Center for Internet Security®(CIS®). Together, they discuss how the MS-ISAC's new funding model helps to carry on the character and culture of this collaborative cyber defense community. Here are some highlights from our episode: 01:11 . The unique mission, history, and value of building community at the MS-ISAC 05:36 . A new fee-based model to preserve services and support amid federal funding changes 07:08 . Service continuity as a commitment to U.S. State, Local, Tribal, and Territorial entities 09:45 . Initial feedback and considerations heard at the 2025 ISAC Annual Meeting 11:40 . The new membership funding model and how it preserves SLTT collaboration 15:25 . A cost-effective approach to securing the "cyber-underserved" 19:31 . The range of U.S. SLTT government organizations who can enroll as members now 21:59 . The illusion of "free" in helping U.S. SLTTs to strengthen their cyber defenses 22:55 . Why U.S. SLTTs need to enroll in paid MS-ISAC membership before October 1, 2025 28:03 . Scale as the key to making MS-ISAC activities as cost-effective as possible 30:05 . The essential need for U.S. SLTT government organizations to invest in the MS-ISAC Resources Multi-State Information Sharing and Analysis Center® Episode 142: SLTTs and Their Nuanced Cybersecurity Needs Episode 137: National Cybersecurity Through SLTT Resilience ISAC Annual Meeting MS-ISAC Membership Resources Become an MS-ISAC Member Episode 30: Solving Cybersecurity at Scale with Nonprofits If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 143: Iran's Growing Multidimensional Threat Activity 31:57
31:57
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب31:57
In episode 143 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security®(CIS®). Together, they discuss Iran's evolving multidimensional threat activity following U.S. airstrikes on Iranian nuclear facilities in June 2025. Here are some highlights from our episode: 00:49 . Lessons from the past on how Iran might respond to the U.S. airstrikes in June 2025 04:56 . The use of informed practice and continuous awareness to better prepare defenders 06:41 . Recap of Iranian multidimensional threat activity observed between 2024 and 2025 11:53 . The impact of contextual intelligence and education in driving threat awareness 19:17 . Why understanding of impact is critical to addressing a business risk 23:09 . Three things you need to do to be an effective threat briefer 25:07 . The use of tabletop exercises (TTXs) to promote incident response 26:56 . The 2024 General Election as a case study of what threat preparedness can do Resources ThreatWA™ US hits 3 Iranian nuclear sites, Trump says, plunging America into conflict Are national security threats a concern after U.S. military strike on Iranian nuclear sites? New report: Hacker for El Chapo helped boss hunt and kill FBI informants MS-ISAC Guide to DDoS Attacks With July 4 just days away, US law enforcement on high alert for Iran retaliation Iran-linked hackers threaten to release Trump aides' emails Iranian-aligned hackers claim responsibility for Truth Social cyberattack Iranian-Aligned Hackers Claim Responsibility for Attack on Trump’s Truth Social Platform States and Congress wrestle with cybersecurity after Iran attacks small town water utilities NYPD deploying additional resources across city following US strikes on Iran CIS Critical Security Controls v8.1 Industrial Control Systems (ICS) Guide Enhancing Safety in the Connected World — A National Framework for Action Episode 138: The Use of GenAI to Refine Your TTX Development Countering Multidimensional Threats: Lessons Learned from the 2024 Election If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 142: SLTTs and Their Nuanced Cybersecurity Needs 34:10
34:10
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب34:10
In episode 142 of Cybersecurity Where You Are, Sean Atkinson is joined by Anthony Essmaker , former Product Marketing Manager at the Center for Internet Security®(CIS®); and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they discuss the nuanced, empathetic approach that's required to help U.S. State, Local, Tribal, and Territorial (SLTT) government organizations to address their cybersecurity needs. Here are some highlights from our episode: 01.10 . What the acronym "SLTT" means to CIS's operational mission 05:39 . Using a flexible approach to support the different cybersecurity needs of the 50 states 09:43 . How different resources and experiences contextualize "best practices" at the local level 11:49 . Trivia question: Which two U.S. states don't have counties? 13:20. The complexity of cybersecurity challenges and resources for U.S. tribal entities 20:11 . A 20-year history of working with U.S. SLTTs to meet them where they are 21:30 . Relationships as the bedrock for a community model of SLTT cyber defense 26:29 . Geographical isolation and other factors affecting U.S. territories' cybersecurity needs 32:42 . A closing fun fact about the first U.S. fire district Resources Episode 123: An Operational Playbook for Security Impact The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity 2024 MS-ISAC Tribal Sector Cybersecurity Report Multi-State Information Sharing and Analysis Center® Nationwide Cybersecurity Review (NCSR) If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 141: A Human-Centered Take on Password Policies 43:18
43:18
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب43:18
In episode 141 of Cybersecurity Where You Are, Tony Sager is joined by Phyllis Lee , VP of SBP Content Development at the Center for Internet Security®(CIS®); and Julie Haney , Computer Scientist & Human-Centered Cybersecurity Researcher at the National Institute of Standards and Technology (NIST). Together, they use a human-centered understanding of security to discuss password policies, including their benefits, drawbacks, and efficacy. Here are some highlights from our episode: 01:03 . Introductions to Phyllis and Julie 03:34 . How "human-centered cybersecurity" goes beyond just usability 05:35 . The use of NIST and other authoritative sources to dispel confusion in cybersecurity 09:09 . How password policies positively and negatively impact human behavior 15:06 . Three anecdotes that showcase the importance of context when enacting security policy 21:49 . The process of using NIST SP 800-63 to recommend password security best practices 27:11 . Our changing understanding of "the human element" 29:23 . The need to do cybersecurity awareness training "right" and measure its effectiveness 31:30 . Recognition of the absence of natural systems thinking in cybersecurity 33:14 . Psychological safety, feedback, and trust as foundations of security culture 39:03 . Human touchpoints as a starting point to help usability and security work together Resources CIS Password Policy Guide NIST SP 800-63 Digital Identity Guidelines Episode 98: Transparency as a Tool to Combat Insider Threats Episode 110: How Security Culture and Corporate Culture Mesh Why Employee Cybersecurity Awareness Training Is Important If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 140: Threat-Informed Travel Safety Tips 34:28
34:28
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب34:28
In episode 140 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security®(CIS®). Together, they discuss travel safety tips informed by today's evolving multidimensional threat environment. Here are some highlights from our episode: 01:30 . The most overlooked security risks we need to take seriously whenever we travel 03:42 . How threat actors can exploit our tendency to overshare online 07:25 . Top security practices you can use to safely plan your next trip 12:28 . The value of playing out your travels' worst-case scenario before you leave 16:02 . The benefits and drawbacks of using electronic navigations systems while traveling 18:00 . Videos as a means of attuning to the "flow" of a different place and/or culture 24:10 . Which types of people make attractive targets for foreign intelligence services 25:05 . Honeypot operations in the physical and digital worlds 27:24 . Opportunities to protect the technology on which we rely Resources ThreatWA™ Travel.State.Gov A Short Guide for Spotting Phishing Attempts 8 Security Essentials for Managing Your Online Presence Election Security Spotlight – Social Engineering If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 139: Community Building for the Cyber-Underserved 34:03
34:03
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب34:03
In episode 139 of Cybersecurity Where You Are, Tony Sager is joined by Amelia Gifford , Sr. Manager, Administration, at the Center for Internet Security®(CIS®); and George Bailey , Director of Purdue cyberTAP . Together, they discuss how the 2025 grant from the Alan Paller Laureate Program will support Purdue cyberTAP's mission of community building for the cyber-underserved. Here are some highlights from our episode: 01:02 . Honoring a legacy of making cybersecurity practical and accessible 03:34 . The business of giving products away to benefit the cybersecurity community 05:00 . The use of the CIS Critical Security Controls (CIS Controls) to help rural electricity cooperatives in Indiana 11:00 . Methodology, tooling, and repeatability as part of a lifecycle of realizing a good idea 11:56 . Cross-Mapping as a means to help people live with so many security frameworks 12:59 . Accountability and re-assessment as methods for measuring program success 14:59 . The power of community in prioritizing the CIS Controls 16:38 . Community building as a way to navigate the cybersecurity business together 17:42 . A controlled Controls experiment to generate data, learn lessons, and create feedback 19:03 . Progress reporting as a way to foster connections 24:39 . Feedback on the Alan Paller Laureate Program application process 26:30 . Focus on cybersecurity community impact as a consideration for future applicants 30:31 . Parting thoughts about the grant program and an invitation to reach out to George Resources Center for Internet Security Awards Nearly $250,000 to Purdue University’s Technical Assistance Program Episode 114: 3 Board Chairs Reflect on 25 Years of Community Episode 97: How Far We've Come preceding CIS's 25th Birthday CIS Critical Security Controls v8.1 Industrial Control Systems (ICS) Guide SEC366: CIS Implementation Group 1™ How to Plan a Cybersecurity Roadmap in 4 Steps CIS SecureSuite® Membership Mapping and Compliance with the CIS Controls Reasonable Cybersecurity Guide If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 138: The Use of GenAI to Refine Your TTX Development 33:54
33:54
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب33:54
In episode 138 of Cybersecurity Where You Are, Sean Atkinson is joined by Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security®(CIS®). Together, they discuss how organizations can use Generative Artificial Intelligence (GenAI) to refine how they develop Tabletop Exercises (TTXs). Here are some highlights from our episode: 01:49 . Why TTXs function as a "blue sky" opportunity for crisis management and preparedness 04:33 . A quick recap of how GenAI stands apart from traditional AI 06:19 . The direct relationship between input and output when measuring GenAI content quality 07:36 . TTXs as a use case for GenAI to help the "cyber-underserved" 10:14 . How GenAI can quickly customize TTXs for different organizations and threat models 13:56 . The use of GenAI to improve TTX facilitation, regularity, and cost 17:22 . GenAI as an inspiration to act on the findings of a simulation 18:26 . Risks and ethical concerns to keep in mind for GenAI-enhanced TTX development 24:46 . Where humans can still play a part in augmented exercises 30:08 . Closing thoughts about the future of GenAI Resources Leveraging Generative Artificial Intelligence for Tabletop Exercise Development Episode 134: How GenAI Lowers Bar for Cyber Threat Actors Episode 89: How Threat Actors Are Using GenAI as an Enabler DeepSeek: A New Player in the Global AI Race Multi-State Information Sharing and Analysis Center® If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 137: National Cybersecurity Through SLTT Resilience 42:00
42:00
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب42:00
In episode 137 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Terry Loftus , Assistant Superintendent (Chief Information Officer) of Integrated Technology Services at the San Diego County Office of Education (SDCOE); and Netta Squires , President of Government Affairs, Cybersecurity, & Resilience at Open District Solutions (ODS). Together, they discuss how the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) functions as a space for U.S. State, Local, Tribal, and Territorial (SLTT) entities to collectively strengthen their cyber resilience in support of U.S. national cybersecurity. Here are some highlights from our episode: 01:15 . A study to understand the cybersecurity perspectives of the MS-ISAC community 03:24 . The need for sustained cyber defense accelerators to drive U.S. SLTT resilience 07:31 . How surveys and focus groups uncovered U.S. SLTT cybersecurity funding, staffing, and governance challenges 13:06 . The superpower of cyber threat intelligence driven, tailored, and provided via community 17:41 . Trust as a foundation for building relationships among MS-ISAC members and partners 21:26 . How the MS-ISAC moved community cyber defense from conversational to operational 22:22 . The role of trust in making membership affordable and solutions at scale possible 25:00 . Opportunities for relationship building, training, and access to services in the MS-ISAC 30:00 . Examples of MS-ISAC success stories and the need to share them 33:40 . The MS-ISAC as a space to craft a strategic path for national cybersecurity 36:29 . Closing thoughts on how members value and can get involved in the MS-ISAC Resources Strengthening Critical Infrastructure: SLTT Progress & Priorities Malicious Domain Blocking and Reporting (MDBR) Episode 126: A Day in the Life of a CTI Analyst Why Whole-of-State Cybersecurity Is the Way Forward MS-ISAC: Defending America’s Critical Infrastructure If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 136: How WiCyS Advances Women in Cybersecurity 38:35
38:35
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب38:35
In episode 136 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined live by Lynn Dohm , Executive Director of Women in CyberSecurity (WiCyS). Together, they discuss how WiCyS works to advance women in cybersecurity. Here are some highlights from our episode: 01:03 . A mission of recruiting, retaining, and advancing women in cybersecurity 05:38 . How community-focused conferences and scholarships promote community growth 06:25 . The need to celebrate the work of and encourage support among cyber defenders 08:52 . Four strategic pillars as a foundation for navigating COVID, societal change, and more 13:50 . The importance of laying out cybersecurity career paths outside of individual companies 15:15 . How a foundation of inclusion enables diversity to expand 19:45 . The use of strategic partners to anticipate changing cybersecurity and hiring needs 22:38 . Inside the successes of the mentorships and other WiCyS programs 28:22 . The impact of Alan Paller on opening doors for WiCyS 32:35 . How volunteerism supports retention in cybersecurity through inclusion and satisfaction Resources Episode 77: Data's Value to Decision-Making in Cybersecurity Episode 120: How Contextual Awareness Drives AI Governance Alan Paller Laureate Program Episode 30: Solving Cybersecurity at Scale with Nonprofits If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 135: Five Lightning Chats at RSAC Conference 2025 23:30
23:30
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب23:30
In episode 135 of Cybersecurity Where You Are, Sean Atkinson is joined live at RSAC Conference 2025 by five attendees, including two Center for Internet Security® (CIS®) employees. He conducts a lightning chat with each attendee to get their thoughts about the conference, how it reflects the changing cybersecurity industry, and the role CIS plays in this ongoing evolution. Here are some highlights from our episode: 00:40 . Stephanie Gass , Sr. Director of Information Security at CIS How to start creating a policy and make it effective through implementation processes A transition to an approach integrating mappings for CIS security best practices The use of GenAI and security champions to make this transition 04:08 . Brad Bock , Director of Product Management at Chainguard Building and compiling security from the ground up in open-source container images Trusting pre-packaged software in an increasingly complex world Support of customer compliance with attestation, SBOMs, and vulnerability remediation 07:43 . Stephane Auger , Vice President Technologies and CISO at Équipe Microfix Customer awareness and other top challenges for MSPs and MSSPs The use of case studies and referrals to communicate the importance of cybersecurity A growing emphasis on cyber risk insurance as media attention around breaches grows 11:36 . Brent Holt , Director of Cybersecurity Technology at Edge Solutions LLC How the CIS Critical Security Controls facilitates a consultative approach to customers The importance of knowing where each company is in their use of GenAI Mapping elements of a portfolio to CIS security best practices 17:23 . Mishal Makshood , Sr. Cloud Security Account Executive at CIS The use of learning and research to investigate GenAI's utility for CIS An aspiration to scale efficiency and drive improvements with GenAI training A reminder to augment human thought, not replace it, with GenAI Resources Episode 63: Building Capability and Integration with SBOMs Mapping and Compliance Cybersecurity for MSPs, MSSPs, & Consultants Episode 130: The Story and Future of CIS Thought Leadership If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 134: How GenAI Lowers Bar for Cyber Threat Actors 39:48
39:48
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب39:48
In episode 134 of Cybersecurity Where You Are, Sean Atkinson is joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®); and Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at CIS. Together, they discuss how generative artificial intelligence (GenAI) lowers the barrier of entry for cyber threat actors (CTAs). Here are some highlights from our episode: 01:37 . CTAs' use of GenAI to improve their existing campaigns 03:38 . The need for CTI teams to look beyond language in analyzing GenAI-enabled threats 07:22 . The evolving impact of GenAI on phishing campaigns, malware development, deepfakes, and malicious Artificial Intelligence as a Service (AIaaS) offerings 12:28 . How GenAI increases the the speed at which CTAs can scale their efforts 17:29 . Technical barriers and other limitations that shape CTAs' use of GenAI 22:46 . A historical perspective of AI-enabled cybersecurity and how GenAI can support cybersecurity awareness training 26:50 . The cybersecurity benefits of AI and machine learning (ML) capabilities for clustering data 29:05 . What the future might hold for GenAI from an offensive and defensive perspective Resources The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape Episode 89: How Threat Actors Are Using GenAI as an Enabler Episode 95: AI Augmentation and Its Impact on Cyber Defense 12 CIS Experts' Cybersecurity Predictions for 2025 CIS Critical Security Controls® Multi-State Information Sharing and Analysis Center® If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 133: DieNet's DDoS Hacktivism and Evolving TTPs 32:33
32:33
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب32:33
In episode 133 of Cybersecurity Where You Are, Sean Atkinson is joined by Lauren McFayden, Threat Intelligence Analyst at the Center for Internet Security® (CIS®). Together, they discuss the Distributed Denial of Service (DDoS) hacktivism of DieNet and how the group continues to evolve its Tactics, Techniques, and Procedures (TTPs). Here are some highlights from our episode: 01:22 . An overview of DieNet and its emergence on Telegram 01:55 . DDoS attacks and the potential for service disruptions 02:55 . DieNet's pro-Palestinian ideology and opposition to the 47th U.S. Presidential Administration 05:00 . U.S. and foreign targets claimed by the group 06:30 . DieNet's history of claiming attacks against U.S. critical national infrastructure (CNI) 10:33 . Two pieces of evidence used to partially assess the credibility of a claimed attack 15:16 . How DieNet v2 suggests an escalation of attack strategies 20:43 . How the DDoS hacktivist group may continue to evolve its TTPs in subsequent versions 23:48 . The use of the CIS Critical Security Controls (CIS Controls) to reduce an attack surface 25:56 . How ThreatWA stands out in keeping you informed about emerging threats Resources Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI MS-ISAC Guide to DDoS Attacks ThreatWA CIS Critical Security Control 1: Inventory and Control of Enterprise Assets CIS Critical Security Control 2: Inventory and Control of Software Assets CIS Critical Security Control 3: Data Protection Episode 44: A Zero Trust Framework Knows No End If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 132: Day One, Step One, Dollar One for Cybersecurity 34:35
34:35
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب34:35
In episode 132 of Cybersecurity Where You Are, Sean Atkinson is joined by Valecia Stocchetti, Sr. Cybersecurity Engineer of the CIS Critical Security Controls (CIS Controls) at the Center for Internet Security® (CIS®). Together, they discuss what the first day, step, and dollar of implementing a controls framework look like for organizations stepping into their cybersecurity journey. Here are some highlights from our episode: 01:54 . Building and improving a cybersecurity program through the power of consensus 04:55 . The use of an assessment to determine where you are and where you're going 09:15 . How cross-mapping to multiple frameworks simplifies regulatory compliance efforts 12:00 . The use of governance to secure leadership buy-in for your cybersecurity program 13:33 . Continuous auditing and monitoring as tools for adapting to change 15:10 . How Controls prioritization flows through the Implementation Groups (IGs) 19:39 . Leadership as the backbone for getting any business program off the ground 22:59 . Calculating the cost of cyber defense as a preventative action 24:55 . Tradeoffs with security tools to keep in mind so that you can budget efficiently 30:00 . Qualifications when using security offerings of MSPs and CSPs Resources CIS Community Defense Model 2.0 How Risk Quantification Tests Your Reasonable Cyber Defense CIS Controls Self Assessment Tool (CIS CSAT) Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1 How to Plan a Cybersecurity Roadmap in 4 Steps The Cost of Cyber Defense: CIS Controls IG1 If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 131: It Takes a Village to 'Reasonably' Secure SoCal 32:52
32:52
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب32:52
In episode 131 of Cybersecurity Where You Are, Tony Sager is joined by Stan Stahl, PhD , Founder and President of SecureTheVillage . Together, they discuss how SecureTheVillage, a nonprofit and inaugural Alan Paller Laureate Program awardee , is using a collaboration-driven approach to enhance reasonable cybersecurity awareness and practices within Southern California (SoCal). Here are some highlights from our episode: 01:07 . An introduction to Stan and how he came to champion small business cybersecurity 04:28 . How SecureTheVillage emerged to support small businesses' cybersecurity needs using the power of community 07:15 . The need for nonprofits to play a strong role in addressing cybersecurity challenges 12:01 . How Stan drew inspiration from Alan Paller and support from the Alan Paller Laureate Program to advance SecureTheVillage's work 17:57 . Reasonable cybersecurity as part of SecureTheVillage's foundation story 22.13 . Aligning cybersecurity needs to the goals of public policy 25:33 . What's next for SecureTheVillage 29:52 . Closing thoughts on why a "village" model for cybersecurity is so important Resources Alan Paller Laureate Program Implementation Guide for Small- and Medium-Sized Enterprises CIS Controls IG1 Episode 30: Solving Cybersecurity at Scale with Nonprofits Reasonable Cybersecurity Guide If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
C
Cybersecurity Where You Are (video)

1 Episode 130: The Story and Future of CIS Thought Leadership 32:38
32:38
التشغيل لاحقا
التشغيل لاحقا
قوائم
إعجاب
احب32:38
In episode 130 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by John Gilligan , President and Chief Executive Officer (CEO) of the Center for Internet Security® (CIS®). Set against the backdrop of the 2025 CIS Annual Full Staff Meeting, they celebrate 25 years of CIS, including the "serendipity" by which the company became a global cybersecurity thought leader. They also discuss how this thought leadership may evolve over the next 25 years. Here are some highlights from our episode: 01:30 . How CIS started along with how John and Tony initially got involved 07:12 . How CIS thought leadership changed with the absorption of the "SANS Top 20," the precursor of the CIS Critical Security Controls 11:04 . The "serendipity" through which CIS grew and formalized its sales, funding, support, and other operations in the 2010s 15:18 . How mission and culture advanced CIS to its 25th anniversary in 2025 22:52 . What the future might hold for "CIS 2.0" Resources 25 Years of Creating Confidence in the Connected World Episode 97: How Far We've Come preceding CIS's 25th Birthday Episode 114: 3 Board Chairs Reflect on 25 Years of Community Episode 76: The Role of Thought Leadership in Cybersecurity Episode 125: How Leadership Principles Influence CIS Culture Episode 120: How Contextual Awareness Drives AI Governance Episode 119: Multidimensional Threat Defense at Large Events If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org .…
مرحبًا بك في مشغل أف ام!
يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.