Send us a text What if quantum computing could unravel today's most secure encryption methods? Discover the potential future of cryptography on the CISSP Cyber Training Podcast, as we explore the profound impact of advanced quantum capabilities on public key systems like RSA and elliptic curve algorithms. This episode breaks down the "harvest now, decrypt later" strategy, revealing how adversaries might exploit encrypted data in the future. Cybersecurity professionals will gain es...
Nov 28, 2024•20 min•Season 2Ep. 197
Send us a text Unlock the secrets of robust cybersecurity defenses as we navigate through the intricate landscape of the CISSP exam content, zeroing in on vulnerability mitigation within security architectures. Explore an eye-opening case study of the Russian GRU's audacious use of Wi-Fi networks for credential stuffing attacks, revealing the critical need for multi-factor authentication. As we dissect the complexities of these cyber-attacks, the episode promises to arm you with the knowled...
Nov 25, 2024•45 min•Season 2Ep. 196
Send us a text Ever wondered about the hidden dangers lurking in outdated systems? Join me, Sean Gerber, as we tackle the pressing issues surrounding end-of-life assets on the CISSP Cyber Training Podcast. This episode unpacks the critical risks of holding onto systems that no longer receive manufacturer support and the security implications that follow. We'll explore the fine balance between managing costs and ensuring compliance when extending the life of these aging systems, all through ...
Nov 21, 2024•15 min
Send us a text Unlock the secrets to mastering cybersecurity management with insights from Sean Gerber. How can businesses effectively handle the risks of outdated technology and safeguard their assets? Join us as we explore Domain 2.5 of the CISSP exam and unravel the complexities behind end-of-life and end-of-support for assets, a critical area for anyone aiming for exam success. Drawing on expert guidance from leading organizations like NCSC, NIST, and CISA, this episode highlights the vulner...
Nov 18, 2024•29 min
Send us a text Unlock the secrets of cybersecurity mastery as Sean Gerber unpacks the importance of CISSP certification amidst a looming gap of over 5 million unfilled cybersecurity positions by 2024. This episode promises to equip you with insights from the latest ISC² global workforce study, emphasizing the blend of technical prowess and essential soft skills employers crave, such as communication and critical thinking. Dive into expert advice on acing CISSP exam questions, especially those tr...
Nov 14, 2024•25 min•Season 2Ep. 193
Send us a text Is your organization equipped to combat the latest cybersecurity threats as we enter 2024? Join me, Sean Gerber, as we explore the critical cybersecurity issues affecting both local and international landscapes. We'll unpack the recent ransomware attacks that have disrupted essential services, ranging from the Kansas court system in the U.S. to sensitive children's court hearings in Australia. These incidents highlight the urgent need for enhanced security measures, espe...
Nov 11, 2024•42 min•Season 2Ep. 192
Send us a text Discover the hidden threats lurking in your kitchen appliances and learn why your next air fryer might be spying on you. On this episode of the CISSP Cyber Training Podcast, we unravel the alarming findings from Infosecurity Magazine about Chinese IoT devices and their potential to invade your privacy. We emphasize the critical importance of educating ourselves and others about the risks of IoT devices and the vast amounts of data they can collect. Additionally, we highlight new I...
Nov 07, 2024•19 min•Season 2Ep. 191
Send us a text Unlock the secrets of integrating security within every phase of software development as we tackle Domain 8 of the CISSP exam. Our exploration begins with a deep dive into the software development lifecycle (SDLC) and its various methodologies like Agile, Waterfall, DevOps, and DevSecOps. Through a gripping tale of a Disney World IT insider's digital manipulation, we underscore the critical importance of safeguarding systems, especially when skilled employees exit the stage. ...
Nov 04, 2024•46 min•Season 2Ep. 190
Send us a text Unlock the keys to safeguarding the future of our global supply chains as we tackle the formidable intersection of IT and OT environments in cybersecurity. Imagine the chaos if operational technology systems on ships and cranes were compromised. Discover how the notorious Maersk hack serves as a cautionary tale illustrating the potential for worldwide disruption. We introduce PrivX OT Edition, a game-changing platform ensuring secure remote access to vital systems on container shi...
Oct 31, 2024•21 min
Send us a text Ready to elevate your cybersecurity acumen and conquer the CISSP exam? Tune in to our latest episode, where we unravel the intricacies of a significant ransomware attack that exploited a supply chain vulnerability, impacting 60 US credit unions via the Citrix bleed vulnerability. This real-world scenario stresses the necessity of securing third-party relationships and maintaining a robust security posture. We shift gears to dissect Domain 7.5 of the CISSP, offering insights into e...
Oct 28, 2024•28 min•Season 2Ep. 188
Send us a text Can cheaply made smart devices compromise your security? Uncover the hidden risks of AI and hardware hacking as we explore the vulnerabilities in these devices that make them prime targets for cybercriminals. Learn how secure coding practices and proper device isolation can serve as critical defenses, and consider the implications of AI misconfigurations that could lead to remote code execution. Through engaging discussions, we shed light on the growing threat landscape and the ne...
Oct 24, 2024•24 min•Season 2Ep. 187
Send us a text Unlock the secrets to enhancing your organization's security posture by mastering the art of security audits. Tune in to discover how security audits play a pivotal role in both the CISSP exam and real-world scenarios. Through personal anecdotes and expert insights, we explore how conducting effective audits with departments like finance can transform your approach to cybersecurity. We also introduce Vuln Hunter, an innovative open-source tool showcased at the No Hat Security...
Oct 21, 2024•38 min•Season 2Ep. 186
Send us a text Unlock the secrets to mastering access control models essential for conquering the CISSP exam and advancing your cybersecurity expertise. Imagine having a comprehensive understanding of how discretionary, mandatory, role-based, risk-based, rule-based, attribute-based, and hybrid models function in various scenarios. This episode features Sean Gerber as he navigates the complex world of access control frameworks, offering insightful questions and real-world applications. Whether yo...
Oct 17, 2024•11 min•Season 2Ep. 185
Send us a text Unlock the secrets of cybersecurity in our latest episode where we promise to transform your understanding of access control mechanisms. We kick things off by dissecting the discretionary access controls (DAC) and the power dynamics behind resource ownership. Discover why assigning ownership is crucial to sidestep security pitfalls and how to tackle the double-edged sword of permission propagation and creep. We also unveil strategies for seamless security management, including the...
Oct 14, 2024•35 min•Season 2Ep. 184
Send us a text Unlock the secrets of the OSI and TCP/IP models with Sean Gerber as your guide on the CISSP Cyber Training Podcast. Ever wondered how the presentation layer manages to format and translate data seamlessly for the application layer? Or how the network layer deftly routes packets across networks? Prepare to gain a comprehensive understanding of these essential concepts, crucial for acing the CISSP exam. Plus, dive into the intriguing details of the TCP/IP model's transport laye...
Oct 10, 2024•11 min•Season 2Ep. 183
Send us a text Unlock the secrets of cybersecurity mastery with Sean Gerber as we embark on a journey through Domain 4 of the CISSP exam. Ever wondered how AI could transform the chaotic world of Security Operations Centers (SOCs)? Discover the potential of artificial intelligence to streamline alert management and enhance detection efficiency, a much-needed solution for the 60% of SOC professionals swamped by alert overload. Stay ahead of the curve by understanding the rapid rise of AI startups...
Oct 07, 2024•34 min•Season 2Ep. 182
Send us a text Crack the code of security architecture and engineering with this episode of the CISSP Cyber Training Podcast! Ever wondered how different security models apply to real-world scenarios? We'll give you the insights and knowledge you need to discuss these models confidently with senior leaders and implement robust security controls. We promise you'll walk away with a mastery of foundational models like Bell-LaPadula and Biba, essential for any cybersecurity professional. J...
Oct 03, 2024•41 min•Season 2Ep. 181
Send us a text What if your organization's security posture could withstand any cyber threat? This episode of the CISSP Cyber Training Podcast promises to equip you with actionable insights from CISSP Domain 3, emphasizing the critical principle of failing securely. We tackle the intricacies of separation of duties, zero trust, and the benefits of maintaining simplicity in your systems. Plus, I share my firsthand experience with virtual CISO roles, providing a roadmap for hiring a security ...
Sep 30, 2024•45 min•Season 2Ep. 180
Send us a text Ever wondered about the real difference between a data leak and a data breach? Join me, Sean Gerber, on the latest episode of the CISSP Cyber Training Podcast as we unpack the nuances between these two critical cybersecurity concepts. Learn how data leaks often result from human mistakes like weak passwords, while data breaches involve deliberate cyber attacks. We'll walk through different types of sensitive data—including PII, financial information, PHI, and intellectual pro...
Sep 26, 2024•20 min•Season 2Ep. 179
Send us a text Ever wondered how a TI-84 calculator can be transformed into a powerful tool for ChatGPT? Join me, Sean Gerber, on this thrilling episode of the CISSP Cyber Training Podcast as we uncover this fascinating tale and explore the evolving landscape of data security. We'll dissect the crucial elements of Domain 2.6 of the CISSP exam, from protecting data-at-rest to data-in-motion, and delve into the significance of Digital Rights Management (DRM) and Data Loss Prevention (DLP). Th...
Sep 23, 2024•37 min•Season 2Ep. 178
Send us a text How can we effectively bridge the cybersecurity skills gap and protect sensitive data in the cloud? In this action-packed episode of the CISSP Cyber Training Podcast, we kick things off by analyzing insights from a recent UK international cyber skills conference. We discuss the UK's innovative initiatives to enhance cybersecurity education and talent, including support schemes and competitions, and emphasize the importance of gaining practical experience, even through pro bon...
Sep 19, 2024•21 min
Send us a text Are you ready to uncover the secrets behind successful candidate screening and robust employment agreements in cybersecurity? Join us on this episode of the CISSP Cyber Training Podcast, where we promise to equip you with essential techniques to vet the right candidates for sensitive security roles. From structured interviews to behavioral questions and technical assessments, we cover the full spectrum of best practices. Plus, we'll discuss the critical importance of maintain...
Sep 16, 2024•40 min
Send us a text Can API gateways really be the ultimate shield against cyber threats? Prepare to uncover the secrets of API security as we dissect CISSP Domain 8.5 in this episode of the CISSP Cyber Training Podcast. We'll walk you through practice questions that decode the most common API vulnerabilities and why denial of service isn't always the primary threat. Discover how an API gateway centralizes security and learn about essential authentication mechanisms like OAuth for secure to...
Sep 12, 2024•16 min•Season 2Ep. 175
Send us a text Want to stay ahead in the rapidly evolving world of IT? Join Sean Gerber on the CISSP Cyber Training Podcast as he discusses the essential skills you need to thrive in this dynamic field. You'll get a personal peek into Sean's consulting career and his family business ventures before diving into the nuts and bolts of Domain 8.5 with a focus on Application Programming Interfaces (APIs). Learn how APIs serve as the backbone of modern software applications, facilitating sea...
Sep 09, 2024•41 min•Season 2Ep. 174
Send us a text Unlock the secrets to safeguarding your organization's most sensitive data and enhance your cybersecurity acumen. Join us on the CISSP Cyber Training Podcast as I, Sean Gerber, break down the critical importance of managing secrets within popular collaboration tools like Slack, Jira, and Confluence. Discover practical methods such as real-time monitoring and swift remediation to secure API keys and encryption tokens. Learn how fostering a culture of security awareness through...
Sep 05, 2024•19 min•Season 2Ep. 173
Send us a text What if AI could be your company's best asset—and its biggest risk? Join me, Sean Gerber, on this enlightening episode of the CISSP Cyber Training Podcast, where we journey through the essentials of cybersecurity with a particular focus on media protection techniques from Domain 7.5 of the CISSP ISC² training manual. We’ll also navigate the secure-by-design principles crucial in the age of artificial intelligence. With AI transforming large enterprises, I’ll share eye-opening...
Sep 02, 2024•31 min•Season 2Ep. 172
Send us a text Unlock the secrets to mastering the CISSP exam and bolster your cybersecurity prowess with Sean Gerber in this action-packed episode of the CISSP Cyber Training Podcast! Ever wondered which assessment type is crucial for ensuring ISO 27001 compliance? Discover why internal audits are the gold standard. We'll also cover the key considerations for selecting the right security assessment for your organization, focusing on the pivotal role of aligning with your risk profile and a...
Aug 29, 2024•17 min•Season 2Ep. 171
Send us a text Ever wondered how to ensure your organization's cybersecurity measures meet international standards? Join us for an action-packed episode as we unpack Domain 6.5 of the CISSP exam, exploring crucial assessments, tests, and audit strategies every cybersecurity professional should master. Learn the importance of choosing a consistent framework like ISO 27001 or the NIST Cybersecurity Framework to steer your audit processes. We'll dive into internal and external audits and ...
Aug 26, 2024•41 min•Season 2Ep. 170
Send us a text Can quantum computing break your encryption overnight? Discover the profound impact of this emerging technology on cybersecurity as we decode the recently introduced FIPS 203, 204, and 205 standards. Join me, Sean Gerber, on this week's electrifying episode of the CISSP Cyber Training Podcast to understand how the US government is preemptively tackling "harvest now, decrypt later" threats. Learn why these standards are crucial for federal entities and contractors an...
Aug 22, 2024•19 min•Season 2Ep. 169
Send us a text What would you do if your social security number was compromised in a massive data breach affecting billions? In our latest episode of the CISSP Cyber Training Podcast, we unpack the alarming reality of a recent breach that exposed the personal records of 3 billion people. We provide critical advice on how to protect yourself using tools like "Have I Been Pwned," setting up credit freezes, and enabling multi-factor authentication. It's not just about safeguarding yo...
Aug 19, 2024•41 min•Season 2Ep. 168
