In episode 182 of Cybersecurity Where You Are, Sean Atkinson sits down with Brian Calkin , Chief Technology and Innovation Officer at the Center for Internet Security® (CIS®). Together, they discuss how organizations can strike a balance on their journeys of artificial intelligence (AI) adoption. Here are some highlights from our episode: 00:39 . Introductions to Brian 01:06 . The risk of overbuilding governance when introducing an AI strategy 02:36 . Unknowns, data concerns, and other commonali...
Apr 08, 2026•33 min•Ep. 182
In episode 181 of Cybersecurity Where You Are, Tony Sager sits down with Vilius Benetis , Director of NRD Cyber Security. Together, they discuss how Vilius applies his expertise as a CIS Critical Security Controls® (CIS Controls®) Ambassador to help to cultivate supply and demand for growing cybersecurity ecosystems around the world. Here are some highlights from our episode: 01:11 . Introductions to Vilius and recollections of how he met Tony for the first time 02:06 . The CIS Controls as a rea...
Apr 01, 2026•46 min•Ep. 181
In episode 180 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Stephen Thomas , SVP of Sales and Business Services at the Center for Internet Security® (CIS®), and Nick Rust , Director of Distribution at CIS. Together, they discuss how CIS supports secure by design by integrating it into operational practices. Here are some highlights from our episode: 00:48 . Introductions to Stephen and Nick 02:20 . The need to connect development and operational environments 07:31 ....
Mar 25, 2026•40 min•Ep. 180
In episode 179 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager conclude their discussion of 2026 cybersecurity predictions from seven CIS experts, as shared on the CIS website . Here are some highlights from our episode: 01:09 . How threat actors' adoption of Agentic AI is reshaping the defender's dilemma 06:28 . Public confidence: The primary focus for attackers seeking to undermine U.S. elections 10:43 . The surge in threat actors targeting operational technology and critical infr...
Mar 18, 2026•54 min•Ep. 179
In episode 178 of Cybersecurity Where You Are, Sean Atkinson sits down with Theodore "TJ" Sayers, Senior Director of Threat Intelligence at the Center for Internet Security® (CIS®). Together, they discuss how to mount an appropriate defense to Iranian threat activity observed in February and March 2026. Here are some highlights from our episode: 00:58 . Iran's historical tit-for-tat style of cyber operations 02:50 . Regional targets: A primary focus of Iran's state-sponsored threat actors 04:05 ...
Mar 11, 2026•34 min•Ep. 178
In episode 177 of Cybersecurity Where You Are, Tony Sager sits down with Bob Gendler , IT Specialist at the National Institute of Standards and Technology (NIST), and Edward Byrd , Senior Cybersecurity Engineer of the CIS Benchmarks® at the Center for Internet Security® (CIS®). Together, they use the open-source macOS Security Compliance Project to discuss the power of community-developed security content. Here are some highlights from our episode: 01:15 . Introductions to Bob and Edward along w...
Mar 04, 2026•38 min•Ep. 177
In episode 176 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Brock Boggs, Director of Technology at Cityscape Schools and Multi-State Information Sharing and Analysis Center® (MS-ISAC®) member , and Maureen Kunac, Senior Product Manager at the Center for Internet Security® (CIS®). Together, they discuss Brock's story of using incremental wins to advance his organization on its cybersecurity journey. Here are some highlights from our episode: 02:10 . Getting started m...
Feb 25, 2026•36 min•Ep. 176
In episode 175 of Cybersecurity Where You Are, Tony Sager sits down with Phil Reitinger, Chair and Senior Advisor of Global Cyber Alliance. Together, they look back on Phil's career and his dedication to exploring how to practically solve cyber problems at scale. Here are some highlights from our episode: 00:57 . How Phil got started in cybersecurity during the "infosec" era 04:51 . Old wine in new bottles: trust exploitation, authentication failures, and update challenges 06:14 . The lack of po...
Feb 18, 2026•34 min•Ep. 175
In episode 174 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kyle Leonard, Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they continue their discussion of 2026 cybersecurity predictions from seven CIS experts, as shared on the CIS website . Here are some highlights from our episode: 02:00 . How cross-platform campaigns are becoming the norm 03:09 . Threat a...
Feb 11, 2026•39 min•Ep. 174
In episode 173 of Cybersecurity Where You Are, Sean Atkinson is joined by Roger Grimes , CISO Advisor at KnowBe4. Together, they discuss "scammer jousting," a term coined by Tony Sager which describes empowering organizations to manage human risk using simulated phishing. Here are some highlights from our episode: 01:05 . How simulated phishing and scammer jousting manage human risk 03:48 . The shift in perception of security awareness training over the past 20 years 06:19 . The need for testing...
Feb 04, 2026•34 min•Ep. 173
In episode 172 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Chirag Arora , Cyber Security Executive Advisor and CISO at Dorf Nelson & Zauderer LLP. Together, they discuss how Chirag draws upon his experience as a CISO and his community work as a CIS Critical Security Controls® (CIS Controls®) Ambassador to help other CISOs with their cybersecurity programs. Here are some highlights from our episode: 00:51 . Introduction to Chirag and the early years of his work ...
Jan 28, 2026•34 min•Ep. 172
In episode 171 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Soledad Antelada Toledano , Security Advisor, Office of the CISO, Google Cloud at Google. Together, they discuss securing critical national infrastructure (CNI) in U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through artificial intelligence (AI) adoption. Here are some highlights from our episode: 00:50 . Introduction to Soledad 02:48 . How the convergence of informational tech...
Jan 21, 2026•37 min•Ep. 171
In Episode 170 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Douglas Holland , Senior Solutions Engineer at Akamai Technologies . Together, they discuss how U.S. State, Local, Tribal, and Territorial (SLTT) government organizations can increase their visibility to obstruct the attack attempts of Typhoon advanced persistent threat (APT) groups. Here are some highlights from our episode: 00:49 . Introduction to Douglas 02:16 . How Typhoon APTs are using trusted tools t...
Jan 14, 2026•35 min•Ep. 170
In Episode 169 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager begin their discussion of 2026 cybersecurity predictions from seven experts at the Center for Internet Security® (CIS®), as shared on the CIS website . Here are some highlights from our episode: 01:05 . The impact and promise of artificial intelligence on cyber defense 05:37 . Collective action as an answer to the constraints facing the "cyber-underserved" 12:52 . Zero trust and security best practices as functions of ma...
Jan 07, 2026•40 min•Ep. 169
In Episode 168 of Cybersecurity Where You Are, Tony Sager sits down with Tony Rutkowski, one of the CIS Critical Security Controls® (CIS Controls®) Ambassadors of the Center for Internet Security® (CIS®). Together, they discuss what Tony Rutkowski has learned in his efforts to institutionalize good cybersecurity ideas like the CIS Controls. Here are some highlights from our episode: 01:48 . Introductions to Tony Rutkowski and his career in technology 06:06 . The evolution of the CIS Controls and...
Dec 31, 2025•38 min•Ep. 168
In Episode 167 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kelley Misata, Ph.D. , Chief Trailblazer and Founder at Sightline Security. Together, they discuss how volunteers constitute a critical cybersecurity resource for the Center for Internet Security® (CIS®). Along the way, they explore the nature of volunteerism, the role of volunteers at CIS, and how CIS is looking to mature its engagement with volunteers going forward. Here are some highlights from our episo...
Dec 24, 2025•42 min•Ep. 167
In Episode 166 of Cybersecurity Where You Are, Sean Atkinson sits down with Tyler Moore, Ph.D. , Chair of Cyber Studies at the University of Tulsa, and Daniel Woods , Lecturer at the University of Edinburgh. Together, they review the foundations of actuarial science in cyber risk. Here are some highlights from our episode: 00:48 . Introductions to Tyler and Daniel 01:22 . How actuarial science fits into a traditional approach of risk modeling 02:20 . Why cyber risk has historically been difficul...
Dec 17, 2025•41 min•Ep. 166
In Episode 165 of Cybersecurity Where You Are, Tony Sager sits down with Valecia Stocchetti, Senior Cybersecurity Engineer at the Center for Internet Security® (CIS®), and Charity Otwell , Director of Critical Security Controls at CIS. Together, they take an in-depth look at implementing the CIS Critical Security Controls® (CIS Controls®) , including what you need to know to begin your own CIS Controls implementation efforts. Here are some highlights from our episode: 00:53 . Introductions to Va...
Dec 10, 2025•52 min•Ep. 165
In Episode 164 of Cybersecurity Where You Are, Tony Sager sits down with Curt Dukes , EVP and General Manager of Security Best Practices at the Center for Internet Security® (CIS®), and Steve Lipner , Executive Director of SAFECode.org . Together, they explore the evolution of secure software development and why secure by design is critical for reducing risk in today’s complex environments. Here are some highlights from our episode: 01:08 . Introductions to Curt and Steve 04.01 . The historical ...
Dec 03, 2025•45 min•Ep. 164
In Episode 163 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Brock Boggs , Director of Technology at Cityscape Schools, and Maureen Kunac, Senior Product Manager at the Center for Internet Security® (CIS®). They dive into the realities and challenges of K-12 cybersecurity, including limited budgets, small teams, and growing threats. Brock shares how a ransomware incident at a neighboring school district and new state requirements pushed his district to take K-12 cybe...
Nov 26, 2025•41 min•Ep. 163
In Episode 162 of Cybersecurity Where You Are, Tony Sager sits down with Tina Williams-Koroma , Founder and CEO of TCecure, LLC and CyDeploy, Inc . Together, they discuss why "cyber insecurity is not inevitable" and how organizations can take a managed approach to attack surface management. Along the way, Tina shares her journey from software development to cybersecurity entrepreneurship and explains why proactive measures like hardening systems and automating patching are critical for reducing ...
Nov 19, 2025•41 min•Ep. 162
In Episode 161 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Mishal Makshood , Azure Partner Alliance Manager at the Center for Internet Security® (CIS®), and David Kalish , Sr. Cybersecurity Solutions Engineer at CIS. Together, they explore how CIS Hardened Images® help to secure cloud environments and strengthen critical national infrastructure (CNI) resilience through collaboration. Mishal and David explain how these virtual machine images, which are pre-configure...
Nov 12, 2025•38 min•Ep. 161
In Episode 160 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Alan Watkins , CIS Controls Ambassador, to explore how the CIS Critical Security Controls® (CIS Controls®) empower small and medium-sized enterprises (SMEs) to build practical, scalable cybersecurity programs. Alan shares his journey from law enforcement to IT leadership in the City of San Diego and how his passion for supporting SME security led him to become a champion of the CIS Controls. The episode hig...
Nov 05, 2025•34 min•Ep. 160
In episode 159 of Cybersecurity Where You Are, Sean Atkinson is joined by Joshua Palsgraf , Sr. Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, Vice President of Security Operations & Intelligence at CIS. Together, they dive into the scariest malware of 2025 in this special Halloween edition. The conversation explores what makes today’s malware truly terrifying, from stealthy threats that hide in plain sight to modular malware that evolves faste...
Oct 29, 2025•35 min•Ep. 159
In episode 158 of Cybersecurity Where You Are, Sean Atkinson is joined by Andy Weidner , Product Manager at Nerdio, and Jason Ingalls , Chief Cybersecurity Officer at C3 Integrated Solutions. Together, they explore how organizations can navigate the complexities of Cybersecurity Maturity Model Certification (CMMC) compliance using automation, scalable infrastructure, and hardened cloud environments. The conversation dives into the challenges faced by managed service providers (MSPs) and defense ...
Oct 22, 2025•32 min•Ep. 158
In episode 157 of Cybersecurity Where You Are, Sean Atkinson sits down with Matthew Grieco , Cyber Incident Response Team (CIRT) Principal Analyst at the Center for Internet Security® (CIS®), and Dustin Cox, CIRT Analyst at CIS. Together, they explore the unpredictable world of cyber incident response. From ransomware investigations to digital forensics, the team shares how they adapt to evolving threats, leverage open-source tools, and collaborate to support state and local governments. The con...
Oct 15, 2025•39 min•Ep. 157
In episode 156 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Stephanie Gass, Sr. Director of Information Security at Center for Internet Security® (CIS®), and Angelo Marcotullio , Chief Information Officer at CIS. Together, they explore how CIS practices what it preaches by using CIS products and services internally, which includes implementation of the CIS Critical Security Controls® (CIS Controls®) and CIS Benchmarks®, automation, and alignment to compliance framew...
Oct 08, 2025•37 min•Ep. 156
In episode 155 of Cybersecurity Where You Are, Tony Sager is joined by John Gilligan , President and Chief Executive Officer (CEO) of the Center for Internet Security® (CIS®). Together, they reflect on 25 years of progress for CIS and look ahead to the future. They explore the driving forces behind "CIS 2.0," including the shift toward addressing multidimensional threats, expanding CIS’s audience, and leveraging tools driven by generative artificial intelligence (GenAI). Their discussion highlig...
Oct 01, 2025•43 min•Ep. 155
In episode 154 of Cybersecurity Where You Are, Sean Atkinson discusses incident response in DevSecOps, exploring challenges and solutions in modern software development. He emphasizes the importance of integrating security into development processes and speaks about common issues like alert fatigue and software supply chain vulnerabilities. Here are some highlights from our episode: 01:32 . Common challenges with modern software development 03:54 . High-speed and continuous deployment 07:08 . In...
Sep 24, 2025•33 min•Ep. 154
In episode 153 of Cybersecurity Where You Are, Sean Atkinson is joined by Jason Ashong , IT Support Specialist at the Center for Internet Security® (CIS®). Jason shares his journey from tinkering with tech as a kid to working in IT and pursuing cybersecurity research. The conversation covers education, mentorship, hands-on experience, and advice for newcomers entering the field. Here are some highlights from our episode: 01:10 . Jason’s early days in IT of fixing devices and breaking things to l...
Sep 17, 2025•37 min•Ep. 153
