In episode 122 of Cybersecurity Where You Are, Sean Atkinson is joined by Rian Davis , Associate Hybrid Threat Intelligence Analyst at the Center for Internet Security® (CIS®); and Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at CIS. Together, they discuss security and utility considerations surrounding the DeepSeek AI model. Here are some highlights from our episode: 01:31 . What enterprises and individuals can do before they start deploying foreign-developed, open-source large l...
Feb 12, 2025•37 min•Ep. 122
In episode 121 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Tyler Moore, Ph.D. , Chair of Cyber Studies at the University of Tulsa. Together, they discuss the role of economics in cyber risk quantification and cybersecurity decision-making. Here are some highlights from our episode: 01:55 . How incentives, market failures, and other economic principles intersect with cybersecurity 08:39 . A model of translating shared information as a way to capture complexity in cy...
Feb 05, 2025•41 min•Ep. 121
In episode 120 of Cybersecurity Where You Are, Sean Atkinson explores how contextual awareness of generative artificial intelligence (GenAI) deployment in the business creates a foundation for AI governance strategy. Here are some highlights from our episode: 01:58 . Why specificity is important when we use the term "AI" in the governance space 04:10 . Two AI distributions and how contextual function varies between them 13:52 . The importance of engagement and asking the right questions 18:28 . ...
Jan 29, 2025•32 min•Ep. 120
In episode 119 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®). Together, they discuss the importance and provide examples of multidimensional threat defense as a means of securing large events. Here are some highlights from our episode: 01:42 . An overview of the multidimensional threat landscape from 2024 going into 2025 07:00 . The shift to multidimensional threat analysis in cr...
Jan 22, 2025•35 min•Ep. 119
In episode 118 of Cybersecurity Where You Are, Sean Atkinson is joined by Andy Smith , Security Architect for BP and Instructor at the SANS Institute. Together, they review the state of post-quantum cryptography as well as share recommendations for how organizations and individuals can prepare to move into the post-quantum era. Here are some highlights from our episode: 02:55 . What post-quantum cryptography is and why we need to pay attention 04:11 . The impact of a cryptographically relevant q...
Jan 15, 2025•37 min•Ep. 118
In episode 117 of Cybersecurity Where You Are, Sean Atkinson reflects on the 2025 cybersecurity predictions of 12 experts at the Center for Internet Security® (CIS®), as shared on the CIS website . Here are some highlights from our episode: 01:40 . Artificial intelligence (AI) as a means for crafting higher quality phishing emails 04:24 . Zero trust with identity as a catalyst in 2025 07:55 . A governance focus for K-12 school districts 12:37 . Secure by design as part of the DNA of IT departmen...
Jan 08, 2025•34 min•Ep. 117
In episode 116 of Cybersecurity Where You Are, Sean Atkinson discusses the threat of AI-enhanced ransomware along with the use of generative artificial intelligence (GenAI) to defend against it. Here are some highlights from our episode: 02:10 . How AI in the cybersecurity space has advanced over the past few years 05:12 . Why cybercriminals are incorporating artificial intelligence into their attacks 19:24 . The application of AI in various stages of a ransomware attack 26:10 . How AI can infor...
Jan 01, 2025•34 min•Ep. 116
In episode 115 of Cybersecurity Where You Are, Sean Atkinson is joined by Carolyn Comer , Chief Human Resources Officer at the Center for Internet Security® (CIS®); Heidi Gonzalez , Sr. Employee Experience Specialist at CIS; and Jennifer Myers, Sr. Director of Learning and Development at CIS. With an in-person holiday open house and office party as their backdrop, they celebrate the continuous feedback that sustains and grows the employee culture at CIS. Here are some highlights from our episode...
Dec 25, 2024•32 min•Ep. 115
In episode 114 of Cybersecurity Where You Are, Tony Sager is joined by three past and current Board Chairs of the Center for Internet Security® (CIS®): Frank Reeder , CIS Director Emeritus and Founding Chair as well as Director of the National Cybersecurity Scholarship Foundation; John Gilligan , President and Chief Executive Officer of CIS; and Bobbie Stempfley , CIS Board Chair and Business Security Officer of the Infrastructure Solutions Group at Dell Technologies. Together, they reflect on 2...
Dec 18, 2024•49 min•Ep. 114
In episode 113 of Cybersecurity Where You Are, Tony Sager is joined by Phyllis Lee , VP of SBP Content Development at the Center for Internet Security® (CIS®); Adam Bobrow , Co-Founder and President of Veribo Analytics; and Sridevi Joshi , Co-Founder and CEO of Veribo Analytics. Together, they discuss how the Business Impact Analysis tool created by CIS and Veribo Analytics empowers individuals and organizations to use cyber risk prioritization as a basis for their ransomware defense strategy. H...
Dec 11, 2024•41 min•Ep. 113
In episode 112 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Rob T. Lee , Chief of Research and Head of Faculty at SANS Institute. Together, they discuss how SANS Institute applies an operational or "do" model of leadership to gather expertise, build shared purpose, and foster action on evolving cybersecurity trends. Here are some highlights from our episode: 05:47 . How Rob ended up teaching at SANS Institute 08:49 . Rob's first experience meeting and working with t...
Dec 04, 2024•47 min•Ep. 112
In episode 111 of Cybersecurity Where You Are, Tony Sager is joined by Rick Howard, N2K Chief Security Officer and the Chief Analyst and Senior Fellow at The Cyberwire. Together, they discuss a first principle of cybersecurity proposed by Rick in his book, Cybersecurity First Principles: A Reboot of Strategy and Tactics . Here are some highlights from our episode: 04:30 . What drove the need to formulate a foundational cybersecurity assumption 07:44 . How other "first" principles of cybersecurit...
Nov 27, 2024•47 min•Ep. 111
In episode 110 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Lee Noriega , Executive Director of the Cybersecurity Services Organization and Acting General Manager of Sales and Business Services at the Center for Internet Security® (CIS®); and Jerry Gitchel , founder of Leverage Unlimited and listener to Cybersecurity Where You Are. Together, they examine a question sent in by Jerry: if a corporate culture is lacking, can a security culture exist? Here are some highl...
Nov 20, 2024•42 min•Ep. 110
In episode 109 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®); and Theodore "TJ" Sayers, Director of Intelligence & Incident Response at CIS. Together, they examine the scariest malware of 2024 and share some recommendations for how organizations can keep up with the changing cyber threat landscape. Here are some highlights from our episode: 01:32 . What makes cert...
Nov 13, 2024•39 min•Ep. 109
In episode 108 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Ed Skoudis , CEO of Counter Hack Challenges and President of SANS Technology Institute. Together, they discuss the evolution of gaming and competition in cybersecurity and how these activities help to make the industry stronger. Here are some highlights from our episode: 02:04 . What goes into creating a game environment that attracts all kinds of skill levels 04:43 . A multi-disciplinary approach to creati...
Nov 06, 2024•41 min•Ep. 108
In episode 107 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Steve Lipner , Executive Director of SAFECode. Together, they discuss how software development organizations can use principles of "secure by design" to get on a track of continuous improvement. Here are some highlights from our episode: 01:38 . Steve's background and thoughts on the emergence of secure by design 14:04 . Three guiding principles of secure software development 16:13 . The impact of security ...
Oct 30, 2024•38 min•Ep. 107
In episode 106 of Cybersecurity Where You Are, Sean Atkinson is joined by Chris Smith , Social Media Specialist at the Center for Internet Security® (CIS®). Together, they use a donation scam about a natural disaster to advise how you can stay safe against this type of cyber threat. Here are some highlights from our episode: 00:49 . Why it's important to talk about donation scams and why they're so prevalent 05:13 . Recounting a real-world example of a donation scam 10:43 . Common tactics levera...
Oct 23, 2024•32 min•Ep. 106
In episode 105 of Cybersecurity Where You Are, Sean Atkinson discusses the importance of context in maturing how you use cyber risk quantification to build cases for risk treatment strategies. Here are some highlights from our episode: 01:56 . The inspiration for an episode on cyber risk quantification 02:38 . How to situate risk quantification in your business processes 08:56 . Traps to avoid when quantifying cyber risks 12:12 . How the quantification process relates to controls implementation ...
Oct 16, 2024•33 min•Ep. 105
In episode 104 of Cybersecurity Where You Are, Sean Atkinson is joined by Kennidi Ortega, Information Security Analyst at the Center for Internet Security® (CIS®). Together, they explore the experience of a first-year analyst and how they might make the most of getting started in a cybersecurity career. Here are some highlights from our episode: 01:07 . How Kennidi got started in cybersecurity and what led her to the field 03:44 . What the beginning of Sean's cybersecurity career looked like 04:...
Oct 09, 2024•33 min•Ep. 104
In episode 103 of Cybersecurity Where You Are, Sean Atkinson examines education and experience as pathways for new professionals to enter the cybersecurity industry. Here are some highlights from our episode: 01:42 . What's motivating Sean to talk about this topic 03:32 . The value of cybersecurity degrees 05:17 . The pros and cons of degree programs in cybersecurity 07:47 . How a cybersecurity certification compares to a degree 10:57 . Considerations for pursuing a certification in cybersecurit...
Oct 02, 2024•31 min•Ep. 103
In episode 102 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by the following guests: Charity Otwell , Director of the CIS Critical Security Controls® (CIS Controls®) at the Center for Internet Security® (CIS®) Lawrence Cruciana , President of Corporate Information Technologies (CorpInfoTech) Together, they discuss the "sporty" rigor underlying the process and value of achieving CIS Controls Accreditation. Here are some highlights from our episode: 01:36 . What is meant...
Sep 25, 2024•37 min•Ep. 102
In episode 101 of Cybersecurity Where You Are, Sean Atkinson is joined by Justin Kohler , Vice President of Products at SpecterOps, and Jonathan Parfait , Technical Account Manager at SpecterOps. Together, they discuss how the visualization of attack paths in Active Directory helps organizations to better contextualize risks to their enterprise security. Here are some highlights from our episode: 01:54 . What Bloodhound is and how it assists organizations in assessing risks in their Active Direc...
Sep 18, 2024•34 min•Ep. 101
In episode 100 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by David Bisson, Sr. Content Marketing Strategist at the Center for Internet Security® (CIS®). Together, they celebrate the first 100 episodes of Cybersecurity Where You Are and discuss where the podcast might go in the future. Here are some highlights from our episode: 01:14 . How the podcast's approach and content have changed since the first episode 04:19 . What surprised the team about the "machinery" of p...
Sep 11, 2024•42 min•Ep. 100
In episode 99 of Cybersecurity Where You Are, Sean Atkinson is joined by Marcus Sachs, SVP and Chief Engineer at the Center for Internet Security® (CIS®). Together, they discuss how cyber-informed engineering builds resilience to the potential failure of a digital system into new and existing engineering products. Here are some highlights from our episode: 03:51 . What cyber-informed engineering is and how this paradigm has emerged 11:39 . What CIS is doing to emphasize cyber-informed engineerin...
Sep 04, 2024•34 min•Ep. 99
In episode 98 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Roger Grimes , Data-Driven Defense Evangelist at KnowBe4. Together, they embrace transparency as a vehicle for the cybersecurity industry to better defend against insider threats. Here are some highlights from our episode: 01:28 . How KnowBe4 detected an insider threat from North Korea 09:09 . How the Center for Internet Security® (CIS®) responded to news of this incident 21:02 . The role of technical contro...
Aug 28, 2024•36 min•Ep. 98
In episode 97 of Cybersecurity Where You Are, Tony Sager is joined by the following guests: Dr. Ramon Barquin , Board Member at the Center for Internet Security® (CIS®) and President and Chief Executive Officer at Barquin International Franklin Reeder , Director Emeritus and Founding Chair of CIS as well as Director of the National Cybersecurity Scholarship Foundation Clint Kreitner , Founding President/CEO and Former Board Member at CIS Together, they look back at how much CIS has accomplished ...
Aug 21, 2024•51 min•Ep. 97
In episode 96 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Tarah Wheeler, CEO of Red Queen Dynamics. Together, they discuss ongoing efforts to translate continuous compliance into something actionable for small- to medium-sized businesses (SMBs). Here are some highlights from our episode: 03:11 . The philosophy behind a business model focused on continuous compliance for SMBs 17:44 . How the Fog of More complicates security and compliance for the "cyber-und...
Aug 14, 2024•43 min•Ep. 96
In episode 95 of Cybersecurity Where You Are, Sean Atkinson is joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®). Together, they discuss AI augmentation in terms of how cyber defenders are using generative artificial intelligence to enhance their capabilities. Here are some highlights from our episode: 01:16 . How artificial intelligence has changed the landscape for cybersecurity defenders 03:49 . How AI is starting to augment threat ...
Aug 07, 2024•35 min•Ep. 95
In episode 94 of Cybersecurity Where You Are, Tony Sager is joined by the following guests from the Center for Internet Security® (CIS®): Carlos Kizzee, SVP of Multi-State Information Sharing and Analysis Center® (MS-ISAC®) Strategy & Plans Karen Sorady, VP of MS-ISAC Strategy & Plans Greta Noble, Director of Community Engagement Together, they discuss how the ISAC Annual Meeting supports the 24x7x365 community defense efforts of the MS-ISAC and Elections Infrastructure Information Shari...
Jul 31, 2024•37 min•Ep. 94
In episode 93 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined once again by John Cohen, Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®). Together, they discuss a whole-of-society approach to help make the U.S. public resilient against multidimensional threats in our connected world. Here are some highlights from our episode: 01:52 . What the U.S. public needs to consider in order to strengthen its resilience 06:04 . How...
Jul 24, 2024•29 min•Ep. 93
