CISSP Cyber Training Podcast - CISSP Training Program

Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur | www.cisspcybertraining.com

Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 23-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable security strategies and tips that you can implement right away, giving you an edge in the cybersecurity realm. Tune in and take the reins of your cybersecurity journey—let’s ride into excellence together! 🚀

Episodes

CCT 167: Practice CISSP Questions - Compliance and Vulnerability Management (Domain 4.5)

How would a massive data breach at a major corporation like Boeing affect the global cybersecurity landscape? Join us on this episode of the CISSP Cyber Training Podcast, where we dissect this alarming 50GB ransomware attack and its profound implications on the industry. Additionally, we unpack the serious data compromise in Maine due to the MoveIt file transfer tool hack, which impacted 1.3 million people, and explore Google's bold move to delete old, inactive account data t...

Aug 15, 2024 | 24 min | Season 2 | Ep. 167

CCT 166: Balancing Automation and Customization in Security Operations, Vulnerability Management, CISSP Domain 4.5

Ever wondered why your SOC team spends so much time on routine tasks rather than addressing critical threats? Discover the 80-20 rule in security operations and see how automating 80% of routine tasks can free up your team to focus on the complex incidents that truly matter. In our latest episode, host Shon Gerber shares his firsthand experiences leading a SOC and provides actionable insights on how to balance automation and customization for an efficient and responsive security o...

Aug 12, 2024 | 43 min | Season 2 | Ep. 166

CCT 165: Practice CISSP Exam Questions - Mastering Process States, Execution Types, and System Architectures (Domain 3)

Ever wondered how CPUs juggle multiple tasks seamlessly? On this week's CISSP Cyber Training Podcast, we decode the art of CPU processes and multi-threaded environments. I'm Shon Gerber, and together, we'll navigate the maze of system architectures, from the running state of a CPU process to the marvels of symmetric multiprocessing. Dive in as we unravel the complexities of computing, making even the most intricate concepts accessible and engaging. Whether you'...

Aug 08, 2024 | 12 min

CCT 164: Mastering Process States, Execution Types, and System Architectures for the CISSP (Domain 3)

Ever wondered how mastering process states and system architecture can be as straightforward as organizing your child's toy box? Join me, Shon Gerber, on the CISSP Cyber Training Podcast as we unpack the complexities of these crucial concepts to help you ace the CISSP exam. Drawing from my personal journey and the hurdles I faced, I'll share practical tips and relatable analogies that make even the most daunting topics accessible. We start by breaking down the initiation...

Aug 05, 2024 | 39 min

CCT 163: Practice CISSP Questions - Data Roles and Regulations, Security Responsibilities (Domain 2)

Are you ready to ace your CISSP exam and propel your cybersecurity career to new heights? This episode of the CISSP Cyber Training Podcast promises to equip you with critical insights on data roles and regulations. From demystifying the responsibilities of data processors under GDPR to unpacking the PCI DSS framework essential for the financial sector, we leave no stone unturned. We'll also clarify the distinctions between asset owners and data owners, and explain who holds a...

Aug 01, 2024 | 17 min

CCT 162: Decoding Data Roles in CISSP and Navigating NIST Guidelines for Cybersecurity Governance (Domain 2)

Unlock the secrets to mastering Domain 2 of the CISSP exam and navigate the paradox of the booming yet financially strained cybersecurity field. Despite the staggering 4 million global job openings, recent budget cuts and layoffs are reshaping the landscape. Learn how economic challenges are clashing with the rising demand for cybersecurity skills, the increasing pressures of governmental regulations, especially in AI security, and combatting the burgeoning threat of insider attac...

Jul 29, 2024 | 35 min

CCT 161: Practice CISSP Questions - Understanding Key Cybersecurity Legislation and Career Coaching Insight

Ever wondered what the GDPR and the Economic Espionage Act of 1996 have in common? On this episode of CISSP Cyber Training Podcast, I break down the complexities of essential cybersecurity legislation, both in the U.S. and Europe. We'll uncover what you need to know about the Identity Theft and Assumption Deterrence Act, the Wiretap Act, and the UK Computer Misuse Act. Additionally, we'll discuss the intricacies of civil law, HIPAA, and the critical role of administrativ...

Jul 25, 2024 | 14 min

CCT 160: Contractual Law, Cybersecurity Legislation, and Computer Crimes (CISSP Domain 1)

How does understanding the legal landscape in cybersecurity elevate your professional game? Join us on this episode of the CISSP Cyber Training Podcast as we unpack the complexities of civil, criminal, administrative, and contractual law. Learn how each legal category influences risk assessments, organizational policies, and legal prosecutions. We'll guide you through the nuances of civil law's role in resolving non-criminal disputes, the severe implications of criminal ...

Jul 21, 2024 | 37 min

CCT 159: Practice CISSP Questions - Assess the Effectiveness of Software Security (Domain 8.3)

Ready to fortify your software development practices against security risks? Join us as we unearth critical strategies for mitigating vulnerabilities in your code. From the seamless integration of Static Application Security Testing (SAST) into your CI/CD pipelines to refactoring code to eliminate buffer overflow issues, this episode is packed with essential insights. Discover the must-have security controls for cloud-based SaaS platforms, such as robust access controls and code o...

Jul 18, 2024 | 19 min | Season 2 | Ep. 159

CCT 158: Assess the Effectiveness of Software Security (CISSP Domain 8.3)

Ever wondered how a data breach could impact cloud security, or what measures you need to take to secure sensitive information? Join us in this episode of the CISSP Cyber Training Podcast as we break down the recent AT&T data breach and its implications on cloud environments like AWS and Snowflake. Discover how attackers gained access to critical phone records and network topology, and why staying up-to-date with cloud security is more critical than ever. We also cover the int...

Jul 15, 2024 | 31 min | Season 2 | Ep. 158

CCT 157: Practice CISSP Questions - AI in Cybersecurity and Digital Forensics (Domain 7)

Can AI revolutionize your cybersecurity career? Join me, Shon Gerber, on today's thrilling episode of the CISSP Cyber Training Podcast as we uncover the transformative impact of artificial intelligence on cybersecurity jobs, based on a revealing article by Joe McKendrick from ZDNet. With 88% of cybersecurity professionals predicting AI will change their roles and 82% believing it will enhance efficiency, it's clear that adaptation is key. We'll also discuss the alar...

Jul 11, 2024 | 22 min | Season 2 | Ep. 157

CCT 156: Security Configuration Management, Change and Communication Best Practices (Domain 7.3)

Is a four-year college degree necessary to break into the world of cybersecurity? Discover why practical experience and industry certifications might just be your golden ticket to a thriving career in IT. In this episode of the CISSP Cyber Training Podcast, host Shon Gerber unpacks Domain 7.3 of the CISSP exam, emphasizing the significant shift in the job market. With over 7,500 new IT roles added in June alone, Shon discusses how transitioning from general IT to specialized cyber...

Jul 08, 2024 | 35 min

CCT 155: Practice CISSP Questions - Security Assessments, Account Management, Backup Verification (Domain 6)

Ever wondered how to secure your SaaS environment while mastering essential security testing techniques? Join me, Shon Gerber, on the CISSP Cyber Training Podcast as we navigate the complexities of cybersecurity, starting off with some personal July 4th reflections and an insightful Forbes article on the pressing threats and strategies in the SaaS landscape. With a staggering 96.7% of organizations relying on SaaS applications, the stakes have never been higher. You'll learn ...

Jul 04, 2024 | 24 min | Season 2 | Ep. 155

CCT 154: Security Assessments, Account Management, and Backup Verification (Domain 6.3.1-5)

Ever wondered how to fortify your organization against cyber threats? Join Shon Gerber as we uncover the essentials of Domain 6.3 of the CISSP exam, from security assessments to account management and backup verification. Learn about tools like Nessus and Qualys and the role of ethical hacking in identifying vulnerabilities. Discover the critical differences between authenticated and unauthenticated scanning, and how red teams elevate your security measures to the next level. What...

Jul 01, 2024 | 36 min | Season 2 | Ep. 154

CCT 153: CISSP Practice Questions - Ransomware Attacks and Understanding IoT Trustworthiness (Domain 5)

Could a seemingly minor breach at a smaller bank signal bigger vulnerabilities in our financial system? On this episode of the CISSP Cyber Training Podcast, we deliver eye-opening insights on a recent cybersecurity incident involving the notorious ransomware group LockBit. While the U.S. Federal Reserve remained untouched, Evolve Bank and Trust became their latest target. We'll break down what happened, why it matters, and what it means for the cybersecurity landscape. But th...

Jun 27, 2024 | 22 min | Season 2 | Ep. 153

CCT 152: Federated Identities and Credential Management for the CISSP Exam (Domain 5.3)

Want to ensure your organization's sensitive data remains secure in today's mobile-centric world? Tune in to our latest CISSP Cyber Training Podcast episode, where we unravel the complexities of federated identities and robust credential management. Learn from the high-profile data breach involving Change Healthcare and discover how multi-factor authentication could have prevented such a disaster. We promise you'll gain essential insights into how federated identiti...

Jun 24, 2024 | 33 min | Season 2 | Ep. 152

CCT 151: CISSP Practice Questions - Unraveling Multi-Layer Protocols and Data Encapsulation (Domains 4.1.4 & 4.1.5)

Ready to conquer the CISSP exam? This episode promises to arm you with crucial insights into the OSI model and its real-world applications. We kick things off by unraveling the intricacies of VPN tunnels and the pivotal role the data link layer plays in encapsulating data packets for secure internet travel. Next, you'll grasp how a significant Border Gateway Protocol (BGP) security breach zeroes in on the network layer. We then dissect the limitations of firewalls at the tran...

Jun 20, 2024 | 23 min | Season 1 | Ep. 151

CCT 150: Unraveling Multi-Layer Protocols and Data Encapsulation for the CISSP Exam (Domains 4.1.4 & 4.1.5)

Are multi-layer protocols the key to safeguarding our digital world amidst the rising tide of cyberattacks? Join me, Shon Gerber, as I unravel the complexities of these protocols and their vital role in cybersecurity, drawing from the CISSP ISC² domains 4.1.4 and 4.1.5. By sharing my firsthand experiences and highlighting the alarming $22 million ransomware payout by Change Healthcare, I underscore the urgent need for redundancy in critical systems, especially within vulnerable se...

Jun 17, 2024 | 30 min

CCT 149: Practice CISSP Questions - Threat Modeling & STRIDE for CISSP Exam Success (D3.1)

Ready to conquer the CISSP exam? Unlock the secrets of threat modeling with our latest episode! Join me, Shon Gerber, as we break down the STRIDE methodology—Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Learn how to decode these critical security concepts and master the art of eliminating wrong answers in multiple-choice questions. This episode is your ticket to not only understanding but excelling in one of the most vita...

Jun 13, 2024 | 12 min | Season 2 | Ep. 149

CCT 148: Understanding and Implementing Threat Modeling for the CISSP Exam (Domain 3.1)

What if you could transform your cybersecurity skills and become an expert in threat modeling? Join me, Shon Gerber, on the CISSP Cyber Training Podcast as I guide you through the critical elements of threat modeling, a key topic for any cybersecurity professional gearing up for the CISSP exam. We'll discuss why grasping the nuances of threats is essential to safeguarding your organization's data and systems. From system and threat identification to vulnerability assessm...

Jun 10, 2024 | 43 min | Season 2 | Ep. 148

CCT 147: Practice CISSP Questions - Defense in Depth and Secure Defaults (D3.1.2-3)

What if your organization's data could be breached through an exposed API in your modem? Join me, Shon Gerber, in this week's CISSP Cyber Training Podcast as we unravel the hidden dangers of API connections and dive into the latest security flaws found in Cox modems. We'll also kick off our thrilling CISSP Question Thursday, tackling complex queries from domains 3.1.2 and 3.1.3. Plus, discover why AES-256 stands as the gold standard for cloud data encryption and how...

Jun 06, 2024 | 17 min | Season 2 | Ep. 147

CCT 146: Defense in Depth and Secure Defaults for the CISSP Exam (Domains 3.1.2 & 3.1.3)

Curious about how to implement robust cybersecurity measures and avoid costly breaches? In our latest episode of the CISSP Cyber Training Podcast, we unravel the intricacies of defense in depth and secure defaults as outlined in domains 3.1.2 and 3.1.3 of the CISSP exam. Starting with a weather update from Kansas, we shift gears to dissect a critical incident at UnitedHealthcare, revealing the repercussions of appointing a CISO lacking specific security expertise. We emphasize the...

Jun 03, 2024 | 36 min

CCT 145: Practice CISSP Questions - Data Classification and Protection for the Exam (Domain 2.1.1)

Ever wondered how to navigate the complexities of data classification within your organization? Get ready to sharpen your cybersecurity skills and elevate your knowledge as we dissect CISSP Question Thursday, focusing on domain 2.1.1. This week, we also bring you an intriguing piece of news about ARPA-H, a groundbreaking new agency inspired by DARPA but aimed at revolutionizing healthcare through cutting-edge technology. With a starting fund of $50 million, ARPA-H is set to tackle...

May 30, 2024 | 26 min

CCT 144: Data Classification and Protection for the CISSP Exam (Domain 2.1.1)

As we honor the memory of those who have served and sacrificed, we also acknowledge the ever-present battlefield of cybersecurity. Today, we dissect the essentials of data classification, an integral aspect of Domain 2 in the CISSP exam, while paying tribute to Memorial Day. Join me, Shon Gerber, for a candid conversation where we unwrap the layers of Microsoft Copilot's recall feature and its privacy concerns, and we address how these advanced AI technologies intersect with ...

May 27, 2024 | 39 min | Season 2 | Ep. 144

CCT 143: Practice CISSP Questions - All Domains

Unlock the doors to a fortified cybersecurity career with me, Shon Gerber, as we navigate the complex landscape of CISSP concepts tailored for those aspiring to conquer the CISSP exam. We're not just scratching the surface; we're burrowing into the depths of what it takes to understand and tackle real-world security challenges. From the perils of unprotected customer data on cloud servers to the intricacies of managing employees who sidestep DRM for convenience, this pod...

May 23, 2024 | 22 min

CCT 142: Navigating Contractual Law, Cybersecurity Legislation, and Computer Crime Acts (D1)

Dive deep into the legal intricacies of cybersecurity with me, Shon Gerber, as I guide you through the maze of laws and scams impacting our digital world. Prepare to arm yourself with knowledge that stretches far beyond the CISSP exam, as we tackle the multi-million-dollar repercussions of cybercrimes and the collaborative global efforts to combat them. This episode lays down the framework of civil, criminal, administrative, and contractual law, providing a comprehensive understan...

May 20, 2024 | 40 min

CCT 141: Practice CISSP Questions - Business Impact Analysis (D1.8.1)

Fend off cyber extortionists with cutting-edge insights from our latest cyber training podcast, where Shon Gerber and I dissect the sophisticated methods to recover data from ransomware's icy grip. Inspired by a Sophos News article, we navigate through six data retrieval strategies that could save your business in a pinch, emphasizing that while there's no magic bullet, prioritizing certain file types could make all the difference in your recovery efforts. And because we...

May 16, 2024 | 23 min | Season 2 | Ep. 141

CCT 140: Business Impact Analysis and the CISSP Exam (D1.8.1)

Unlock the mysteries of cybersecurity and business continuity with me, Shon Gerber, as we navigate the treacherous waters of cyber threats, including the dark reality of ransomware's impact on our critical infrastructure. Tune in for an intricate look at the geopolitical cyber chessboard, where nations could be gearing up for digital warfare. We'll assess the fine line between cyber vandalism and an act of war, and explore how to arm yourself with knowledge and strategie...

May 13, 2024 | 37 min | Season 2 | Ep. 140

CCT 139: Practice CISSP Questions (All 8 Domains)

Cybersecurity isn't just about the tech; it's about making tough calls under pressure, and this episode is your field guide to navigating those high-stakes scenarios. I'm Shon Gerber, and today we dissect not only the ins and outs of crucial security measures like multi-factor authentication—underscored by the UnitedHealthcare ransomware fiasco—but also the contentious debate surrounding ransom payments during cyber-attacks. Get ready to gain managerial insight that...

May 09, 2024 | 26 min

CCT 138: CISSP Cybersecurity Journey - Education to Operational Technology Defense (DRAGOS)

Embark on a transformative journey into the world of cybersecurity with me, Shon Gerber, as your guide. Discover how to fortify your career foundations and traverse the evolving landscape of digital protection. Our latest episode delves into the crucial timelines for mastering cybersecurity, with a special look at Dragos' role in safeguarding operational technology—think electricity and water, the lifeblood of our community. Navigating the educational routes towards a cyberse...

May 06, 2024 | 39 min | Season 2 | Ep. 138