In episode 62 of Cybersecurity Where You Are, co-host Sean Atkinson sits down with Chris Elgee, Senior Security Analyst at Counter Hack; and Erik Pursley, Technical Engineer at Counter Hack. Together, they discuss the "spidey sense" that goes into being a penetration tester. They reflect on key skills and certifications that help to make a successful pentester, review some of the methodologies that go into pentesting, and consider how specialization might be inevitable in an evolving technology ...
Aug 18, 2023•49 min•Ep. 62
In episode 61 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Stephanie Gass, Director of Governance, Risk, and Compliance. Together, they discuss the components of an effective cybersecurity risk governance program. They explore how to represent technical security questions to others, how to overcome challenges associated with changing the way a company makes decisions related to risk, and how culture plays into these types of shifts. They also reflect on how...
Aug 04, 2023•48 min•Ep. 61
In episode 60 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Kathleen Moriarty, CTO at the Center for Internet Security (CIS); Ben Carter, Internet of Things (IoT) specialist at CIS; and Kaitlin Drape, Research and Innovation Process Lead at CIS. Together, they discuss a white paper they recently released that guides IoT vendors on how to build security into their products by default and by design. Kathleen, Ben, and Kaitlin begin by reflecting on why they created such a docu...
Jul 21, 2023•40 min•Ep. 60
In episode 59 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Ed Skoudis, founder of the SANS Penetration Testing Curriculum and Counter Hack. Together, they discuss the value of penetration testing – all while CIS as an organization is undergoing a pentest! They begin by considering the historical perspective of pentests. (In Tony's words, "the foundational perspective for testing back then was to create drama.") They then reflect on how penetration tests exc...
Jul 07, 2023•55 min•Ep. 59
In episode 58 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by more than a dozen Center for Internet Security (CIS) employees during the company's 2023 Full Staff Meeting at the Sagamore Resort. Together, they discuss the collaborative nature of CIS's award-winning workplace culture. Using the Full Staff Meeting as a lens, each employee reflects on the importance of an annual in-person meeting for all employees. Their responses highlight how colleagues, teams, and business unit...
Jun 23, 2023•35 min•Ep. 58
In episode 57 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by the following guests: William Pelgrin, Founder and Former Chair of the MS-ISAC; Thomas Duffy, Former Senior VP Of Operations and Services at the MS-ISAC; and Karen Sorady, VP of MS-ISAC Stakeholder Engagement Division. Together, they celebrate the 20th anniversary of the Multi-State Information Sharing and Analysis Center (MS-ISAC). They look back on the past two decades and reminisce on pivotal mom...
Jun 09, 2023•1 hr 24 min•Ep. 57
In episode 56 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Dr. Paulo Shakarian, Associate Professor at the School of Computing, Informatics, and Decision Systems Engineering (CIDSE) at Arizona State University. Together, they discuss the cybersecurity implications of large language models (LLMs) like ChatGPT-3. They first look back on how deep learning has enabled machine learning (ML) and artificial intelligence (AI) to reach new levels of accuracy. Next, they discuss how ...
May 26, 2023•51 min•Ep. 56
In episode 55 of Cybersecurity Where You Are, co-host Sean Atkinson speaks with experts in attendance at RSA Conference 2023. He asks nearly a dozen different attendees to share their impressions of the event. They explain how someone can get the most out of being at RSA and what made this year's conference stand out compared to previous years. (Spoiler alert: "AI" as a buzzword was everywhere.) They also discuss just some of the different topics you can learn about at RSA, such as the opportuni...
May 12, 2023•39 min•Ep. 55
In episode 54 of Cybersecurity Where You Are, co-host Sean Atkinson addresses how to get started in cybersecurity. He begins by looking at the different types of hard skills and soft skills that form the foundation of any cybersecurity career. Next, he draws upon his expertise to offer advice around certifications, learning a programming language, using a training provider, and building a portfolio. He also shares key insights into how you can make cybersecurity a rewarding career choice for yea...
Apr 28, 2023•42 min•Ep. 54
In episode 53 of Cybersecurity Where You Are, co-host Tony Sager is joined by Ron Gula, President and Co-Founder of Gula Tech Foundation. Together, they acknowledge Autism and Neurodiversity Awareness Month by discussing the need to create more opportunities in cybersecurity for neurodiverse individuals. They point out that there's no one way for all employers and supervisors to support employees with different abilities. It's up to the employers and supervisors to decide where those efforts fit...
Apr 14, 2023•39 min•Ep. 53
In episode 52 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager discuss RSA Conference 2023. Together, they point out that the annual conference is more than just a trade show. They use that lens to identify some tips and tricks that attendees can use to get the most out of their time there. Additionally, they discuss what themes and activities you can expect to see at RSA Conference 2023. Their conversation ends with a teaser of Sean's talk at the event. Resources A CISO's B...
Mar 31, 2023•45 min•Ep. 52
In episode 51 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager discuss the strategic importance of using a roadmap to navigate your cybersecurity journey. Together, they point out that this journey is like many others. You need to know how to get packing, plan your route, hit the road, and take a snapshot of how far you've come and where you're going next. Sean and Tony identify some important considerations to keep in mind for each leg of your trip, and they note that the C...
Mar 15, 2023•1 hr 1 min•Ep. 51
In episode 50 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Randy Rose, Sr. Director of Security Operations & Intel for the MS-ISAC, and Kathleen Moriarty, Chief Technology Officer at CIS. Together, they celebrate Cybersecurity Where You Are reaching Episode 50. To mark this milestone, they look back on some of their favorite moments in the podcast's history. They also share how those moments tie back not only to the maturation of the podcast but also to...
Mar 03, 2023•47 min•Ep. 50
In episode 49 of Cybersecurity Where You Are, co-hosts Tony Sager and Sean Atkinson discuss artificial intelligence (AI) and cybersecurity. The two review the relationship, specifically how AI and cybersecurity meet, enhance each other, and ways AI could be a detriment. Resources: Episode 48: 3 Trends to Watch in the Cybersecurity Industry LinkedIn Poll: What topic are you interested in learning more about?...
Feb 17, 2023•49 min•Ep. 49
In episode 48 of Cybersecurity Where You Are, co-host Sean Atkinson introduces three trends within the cybersecurity industry that we'll discuss in upcoming episodes. He first touches on how new developments in artificial intelligence, particularly ChatGPT, might affect cybersecurity processes like incident response. Next, Sean reflects on what widespread layoffs in big tech mean for cybersecurity, especially when set against an ongoing cybersecurity skills gap. Finally, he provides an overview ...
Feb 03, 2023•27 min•Ep. 48
In episode 47 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Sawyer Miller, Senior Manager of Cyber Risk at risk3sixty LLC. Together, they discuss security and compliance. Their discussion explores various ways that security and compliance can align even though they are different business considerations. (Spoiler alert: risk and balance are key.) Sean and Sawyer also touch on how evolving technologies and threats are changing our understanding of security and compliance. They...
Jan 06, 2023•52 min•Ep. 47
In episode 46 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager discuss their cybersecurity predictions for 2023 along with those from a few other CIS experts. "Integration" is the word of the day for their conversation. Sean and Tony feel that this concept will shape how we measure the progress of cybersecurity in a number of areas, from managing vendor risk management in the open-source landscape to promoting meaningful discussions about security. Resources Our Experts' Top...
Dec 30, 2022•55 min•Ep. 46
In episode 45 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Valecia Stocchetti who is a Sr. Cybersecurity Engineer on the CIS Critical Security Controls team here at CIS. Valecia and Sean discuss how their mentorship took shape and how it worked as a partnership from the very beginning. Together with Tony, they go over mentorship vs. career counseling and note that a vetting process can help you spot the difference. They conclude by exploring why it's import...
Dec 16, 2022•43 min•Ep. 47
In episode 44 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Scott Hall, Security Architect at the Center for Internet Security (CIS). Together, they identify resources and buy-in as some of the key elements for implementing a zero trust framework. So begins a journey that evolves with your organization's changing business processes and functions. To be successful, it's important to accept that you'll always be tweaking things to fit your needs. It's also invaluable to take a...
Dec 02, 2022•59 min•Ep. 44
In episode 43 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Amanda Flynn, Manager of Admin Services and Board Relations at the Center for Internet Security (CIS), and Elijah Cedeno, Sr. Account Management Specialist at CIS. Together, they discuss the work of CIS CARES, a CIS program that gives back to the community every year through campaigns focused on community, animals, resource conservation, and education. Their conversation looks back at the evolution ...
Nov 18, 2022•25 min•Ep. 43
In episode 42 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Mat Everman, Information Security Operations Manager at the Center for Internet Security (CIS). Together, they discuss the topic of advocating for the underserved. Both agree that there's no silver bullet that a person or business can use to minimize all cyber risk. In the absence of a cure-all solution, however, there are opportunities for improving the security maturity of the underserved more broadly. This proces...
Oct 28, 2022•54 min•Ep. 42
In episode 41 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Valecia Stocchetti, Sr. Cybersecurity Engineer of the CIS Critical Security Controls (CIS Controls); Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology; and Davis Hake, Co-Founder and Vice President of Policy at Resilience Insurance. Together, they discuss their collaboration as members of the Ransomware Task Force to create the "Blueprint for Ransomware Defense." After situating this...
Oct 21, 2022•43 min•Ep. 41
In episode 40 of Cybersecurity Where You Are, co-host Tony Sager is joined by Murray Kenyon, Vice Cybersecurity Partnerships Executive at U.S. Bank. Together, they discuss the human dimension of cybersecurity, that is, bringing people with different talents together to understand common problems and help both organizations and individuals make informed choices. This is the philosophy behind Cybersecurity Awareness Month, an initiative which Kenyon helps organize as a Board member of the National...
Oct 07, 2022•41 min•Ep. 42
In episode 39 of Cybersecurity Where You Are, CIS's Chief Information Security Officer Sean Atkinson discusses the importance of scaling in relation to cybersecurity. A business needs to be able to manage growth without risking security, while also managing security without hindering growth. Atkinson offers guidance on how to go about this and highlights the benefits organizations will see when scaling their cybersecurity strategy. Resources How to Scale Cybersecurity for Your Business Jumpstart...
Sep 16, 2022•45 min•Ep. 39
In episode 38 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Theodore "TJ" Sayers, Manager of the Cyber Threat Intelligence (CTI) team at the Multi-State and Elections Infrastructure Information Sharing and Analysis Centers (MS-ISAC and EI-ISAC), and Aaron Zaleski, Sr. Cyber Incident Response Team Analyst at the MS-ISAC. Together, they discuss how the cyber threat landscape is changing. Some cyber threat actors (CTAs) are now writing their payloads in different programming la...
Sep 02, 2022•33 min•Ep. 38
In episode 37 of Cybersecurity Where You Are, co-hosts Tony Sager and Sean Atkinson are joined by Carlos Kizzee, SVP of CIS Stakeholder Engagement Operations at the Multi-State Information Sharing and Analysis Center (MS-ISAC). Together, they discuss how the 15th Annual ISAC Meeting – held recently in Baltimore – gives an opportunity for representatives of U.S. State, Local, Tribal, and Territorial (SLTT) government organizations to network, share best practices, and learn from one another's exp...
Aug 19, 2022•23 min•Ep. 37
In episode 36 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Marci Andino, Sr. Director of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), and Trevor Timmons, EI-ISAC Executive Committee Chair and Chief Information Officer at Colorado Department of State. Together, they discuss Cyber STRONG, a campaign launched by the EI-ISAC that encourages election officials to take decisive and deliberate steps towards improving their cybersecurity posture. ...
Aug 05, 2022•41 min•Ep. 36
In episode 35 of Cybersecurity Where You Are, co-hosts Tony Sager and Sean Atkinson are joined by Bobbie Stempfley, Board Chair at the Center for Internet Security (CIS). Together, they remember the late Alan Paller, a CIS co-founder and former Board member. Each of them recalls when they first met Alan, and exchange stories of how his passion for bringing people together and solving big challenges helped change their lives, drive CIS's mission, and reshape the cybersecurity industry. Resources ...
Jul 15, 2022•41 min•Ep. 35
In episode 34 of Cybersecurity Where You Are, co-host Sean Atkinson and Chris Elgee, a senior security analyst and Core NetWars Tournament design lead for Counter Hack, look back at how Hollywood has portrayed hacking over the years. They cover long-standing crowd favorites like Hackers, Sneakers, and Mr. Robot along with some lesser-known gems. The overarching trend? Viewers are getting more computer-literate, so the way in which Hollywood portrays hacking is evolving in a way that not only sat...
Jul 08, 2022•46 min•Ep. 34
In episode 33 of Cybersecurity Where You Are, co-host Sean Atkinson and Ben Carter, IoT Specialist for CIS’s Chief Technology Officer, discuss the need to secure IoT devices at the vendor level. This is impossible without taking a high-level view and ensuring that all protocols used by IoT devices and vendors are taken into account. Only by ensuring security by design can organizations in healthcare, manufacturing, government, and other sectors accomplish security at scale for IoT management – a...
Jun 27, 2022•38 min•Ep. 33
