In episode 145 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager begin their mid-year review of 12 Center for Internet Security® (CIS®) experts' cybersecurity predictions for 2025. Here are some highlights from our episode: 01:14 . Verizon's Data Breach Investigations Report as a source of enlightenment and humility 02:28 . The use of generative artificial intelligence (GenAI) to finely tune phishing emails 06:31 . Cyber threat actors' Darwinian efficiency in adopting new technology 0...
Jul 23, 2025•36 min•Ep. 145
In episode 144 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Carlos Kizzee , Senior Vice President of Multi-State Information Sharing and Analysis Center® (MS-ISAC®) at the Center for Internet Security®(CIS®). Together, they discuss how the MS-ISAC's new funding model helps to carry on the character and culture of this collaborative cyber defense community. Here are some highlights from our episode: 01:11 . The unique mission, history, and value of building community...
Jul 16, 2025•33 min•Ep. 144
In episode 143 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security®(CIS®). Together, they discuss Iran's evolving multidimensional threat activity following U.S. airstrikes on Iranian nuclear facilities in June 2025. Here are some highlights from our episode: 00:49 . Lessons from the past on how Iran might respond to the U.S. airstrikes in June 2025 04:56 . The use of informed ...
Jul 09, 2025•32 min•Ep. 143
In episode 142 of Cybersecurity Where You Are, Sean Atkinson is joined by Anthony Essmaker , former Product Marketing Manager at the Center for Internet Security®(CIS®); and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they discuss the nuanced, empathetic approach that's required to help U.S. State, Local, Tribal, and Territorial (SLTT) government organizations to address their cybersecurity needs. Here are some highlights from our episode: 01.10 . What the acronym ...
Jul 02, 2025•34 min•Ep. 142
In episode 141 of Cybersecurity Where You Are, Tony Sager is joined by Phyllis Lee , VP of SBP Content Development at the Center for Internet Security®(CIS®); and Julie Haney , Computer Scientist & Human-Centered Cybersecurity Researcher at the National Institute of Standards and Technology (NIST). Together, they use a human-centered understanding of security to discuss password policies, including their benefits, drawbacks, and efficacy. Here are some highlights from our episode: 01:03 . In...
Jun 25, 2025•43 min•Ep. 141
In episode 140 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security®(CIS®). Together, they discuss travel safety tips informed by today's evolving multidimensional threat environment. Here are some highlights from our episode: 01:30 . The most overlooked security risks we need to take seriously whenever we travel 03:42 . How threat actors can exploit our tendency to overshare on...
Jun 18, 2025•34 min•Ep. 140
In episode 139 of Cybersecurity Where You Are, Tony Sager is joined by Amelia Gifford , Sr. Manager, Administration, at the Center for Internet Security®(CIS®); and George Bailey , Director of Purdue cyberTAP . Together, they discuss how the 2025 grant from the Alan Paller Laureate Program will support Purdue cyberTAP's mission of community building for the cyber-underserved. Here are some highlights from our episode: 01:02 . Honoring a legacy of making cybersecurity practical and accessible 03:...
Jun 11, 2025•34 min•Ep. 139
In episode 138 of Cybersecurity Where You Are, Sean Atkinson is joined by Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security®(CIS®). Together, they discuss how organizations can use Generative Artificial Intelligence (GenAI) to refine how they develop Tabletop Exercises (TTXs). Here are some highlights from our episode: 01:49 . Why TTXs function as a "blue sky" opportunity for crisis management and preparedness 04:33 . A quick recap of how GenAI stand...
Jun 04, 2025•34 min•Ep. 138
In episode 137 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Terry Loftus , Assistant Superintendent (Chief Information Officer) of Integrated Technology Services at the San Diego County Office of Education (SDCOE); and Netta Squires , President of Government Affairs, Cybersecurity, & Resilience at Open District Solutions (ODS). Together, they discuss how the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) functions as a space for U.S. State, Loca...
May 28, 2025•42 min•Ep. 137
In episode 136 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined live by Lynn Dohm , Executive Director of Women in CyberSecurity (WiCyS). Together, they discuss how WiCyS works to advance women in cybersecurity. Here are some highlights from our episode: 01:03 . A mission of recruiting, retaining, and advancing women in cybersecurity 05:38 . How community-focused conferences and scholarships promote community growth 06:25 . The need to celebrate the work of and encourage s...
May 21, 2025•39 min•Ep. 136
In episode 135 of Cybersecurity Where You Are, Sean Atkinson is joined live at RSAC Conference 2025 by five attendees, including two Center for Internet Security® (CIS®) employees. He conducts a lightning chat with each attendee to get their thoughts about the conference, how it reflects the changing cybersecurity industry, and the role CIS plays in this ongoing evolution. Here are some highlights from our episode: 00:40 . Stephanie Gass , Sr. Director of Information Security at CIS How to start...
May 14, 2025•24 min•Ep. 135
In episode 134 of Cybersecurity Where You Are, Sean Atkinson is joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®); and Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at CIS. Together, they discuss how generative artificial intelligence (GenAI) lowers the barrier of entry for cyber threat actors (CTAs). Here are some highlights from our episode: 01:37 . CTAs' use of GenAI to improve their existing campaigns 03:38 . The need...
May 07, 2025•40 min•Ep. 134
In episode 133 of Cybersecurity Where You Are, Sean Atkinson is joined by Lauren McFayden, Threat Intelligence Analyst at the Center for Internet Security® (CIS®). Together, they discuss the Distributed Denial of Service (DDoS) hacktivism of DieNet and how the group continues to evolve its Tactics, Techniques, and Procedures (TTPs). Here are some highlights from our episode: 01:22 . An overview of DieNet and its emergence on Telegram 01:55 . DDoS attacks and the potential for service disruptions...
Apr 30, 2025•33 min•Ep. 133
In episode 132 of Cybersecurity Where You Are, Sean Atkinson is joined by Valecia Stocchetti, Sr. Cybersecurity Engineer of the CIS Critical Security Controls (CIS Controls) at the Center for Internet Security® (CIS®). Together, they discuss what the first day, step, and dollar of implementing a controls framework look like for organizations stepping into their cybersecurity journey. Here are some highlights from our episode: 01:54 . Building and improving a cybersecurity program through the pow...
Apr 23, 2025•35 min•Ep. 132
In episode 131 of Cybersecurity Where You Are, Tony Sager is joined by Stan Stahl, PhD , Founder and President of SecureTheVillage . Together, they discuss how SecureTheVillage, a nonprofit and inaugural Alan Paller Laureate Program awardee , is using a collaboration-driven approach to enhance reasonable cybersecurity awareness and practices within Southern California (SoCal). Here are some highlights from our episode: 01:07 . An introduction to Stan and how he came to champion small business cy...
Apr 16, 2025•33 min•Ep. 131
In episode 130 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by John Gilligan , President and Chief Executive Officer (CEO) of the Center for Internet Security® (CIS®). Set against the backdrop of the 2025 CIS Annual Full Staff Meeting, they celebrate 25 years of CIS, including the "serendipity" by which the company became a global cybersecurity thought leader. They also discuss how this thought leadership may evolve over the next 25 years. Here are some highlights from...
Apr 09, 2025•33 min•Ep. 130
In episode 129 of Cybersecurity Where You Are, Sean Atkinson discusses best practices for embedding cybersecurity in project management. Here are some highlights from our episode: 01:34 . Elements for connecting the dots between cybersecurity risk assessment and project risk assessment 03:06 . How our conceptualization of a project changes under a zero trust implementation 04:02 . What security may look like in a Waterfall vs. Agile approach to project management 06:26 . The importance of resour...
Apr 02, 2025•32 min•Ep. 129
In episode 128 of Cybersecurity Where You Are, Sean Atkinson is joined by Joshua Palsgraf , Senior Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security® (CIS®). Together, they examine how cyber threat actors use cryptocurrency for financial fraud and how professionals like Joshua track this illicit activity. Here are some highlights from our episode: 01:35 . What a data-driven approach to CTI looks like 02:47 . What makes cryptocurrency useful in the digital economy, inclu...
Mar 26, 2025•35 min•Ep. 128
In episode 127 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Scott Alldridge , President and CEO of IP Services and the IT Process Institute. Together, they use Scott's book, " Visible Ops Cybersecurity: Enhancing Your Cybersecurity Posture with Practical Guidance ," to discuss how visible IT operations (Visible Ops) provide a foundation for cybersecurity. Here are some highlights from our episode: 01:31 . How Visible Ops reflect an appreciation for the original conf...
Mar 19, 2025•38 min•Ep. 127
In episode 126 of Cybersecurity Where You Are, Sean Atkinson is joined by Casey Cannon, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security® (CIS®). Together, they review what a regular day looks like for a CTI analyst. Here are some highlights from our episode: 01:46 . How a service-oriented mindset factors into a CTI career 03:55 . What task prioritization looks like at the beginning of a CTI analyst's day 06:50 . How bedrock CTI principles and threat actor matrice...
Mar 12, 2025•36 min•Ep. 126
In episode 125 of Cybersecurity Where You Are, Sean Atkinson is joined by Waldo Perez , Human Resources Support Specialist at the Center for Internet Security® (CIS®); and Penny Davis , Sr. Manager of Leadership Development at CIS. Together, they use the CIS Leadership Principles and other examples from CIS to understand how leadership influences and nurtures the organization's workplace culture. Here are some highlights from our episode: 02:00 . The human aspect in defining workplace culture 03...
Mar 05, 2025•33 min•Ep. 125
In episode 124 of Cybersecurity Where You Are, Sean Atkinson is joined by Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at the Center for Internet Security® (CIS®). Together, they explore the many layers of a malware takedown operation. Here are some highlights from our episode: 01:58 . A high-level overview of what a malware takedown might involve 04:11 . Some of the key players who help to disrupt known malware infrastructure 07:35 . Which operational functionalities make malware...
Feb 26, 2025•33 min•Ep. 124
In episode 123 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Gina Chapman , Chief Operating Officer (COO) at the Center for Internet Security® (CIS®). Together, they use examples from CIS to identify elements of an operational playbook for making an impact in the cybersecurity industry. Here are some highlights from our episode: 01:21 . Business development and organizational change over the course of 12 years at CIS 13:49 . Change management and communication as mea...
Feb 19, 2025•44 min•Ep. 123
In episode 122 of Cybersecurity Where You Are, Sean Atkinson is joined by Rian Davis , Associate Hybrid Threat Intelligence Analyst at the Center for Internet Security® (CIS®); and Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at CIS. Together, they discuss security and utility considerations surrounding the DeepSeek AI model. Here are some highlights from our episode: 01:31 . What enterprises and individuals can do before they start deploying foreign-developed, open-source large l...
Feb 12, 2025•37 min•Ep. 122
In episode 121 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Tyler Moore, Ph.D. , Chair of Cyber Studies at the University of Tulsa. Together, they discuss the role of economics in cyber risk quantification and cybersecurity decision-making. Here are some highlights from our episode: 01:55 . How incentives, market failures, and other economic principles intersect with cybersecurity 08:39 . A model of translating shared information as a way to capture complexity in cy...
Feb 05, 2025•41 min•Ep. 121
In episode 120 of Cybersecurity Where You Are, Sean Atkinson explores how contextual awareness of generative artificial intelligence (GenAI) deployment in the business creates a foundation for AI governance strategy. Here are some highlights from our episode: 01:58 . Why specificity is important when we use the term "AI" in the governance space 04:10 . Two AI distributions and how contextual function varies between them 13:52 . The importance of engagement and asking the right questions 18:28 . ...
Jan 29, 2025•32 min•Ep. 120
In episode 119 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen , Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®). Together, they discuss the importance and provide examples of multidimensional threat defense as a means of securing large events. Here are some highlights from our episode: 01:42 . An overview of the multidimensional threat landscape from 2024 going into 2025 07:00 . The shift to multidimensional threat analysis in cr...
Jan 22, 2025•35 min•Ep. 119
In episode 118 of Cybersecurity Where You Are, Sean Atkinson is joined by Andy Smith , Security Architect for BP and Instructor at the SANS Institute. Together, they review the state of post-quantum cryptography as well as share recommendations for how organizations and individuals can prepare to move into the post-quantum era. Here are some highlights from our episode: 02:55 . What post-quantum cryptography is and why we need to pay attention 04:11 . The impact of a cryptographically relevant q...
Jan 15, 2025•37 min•Ep. 118
In episode 117 of Cybersecurity Where You Are, Sean Atkinson reflects on the 2025 cybersecurity predictions of 12 experts at the Center for Internet Security® (CIS®), as shared on the CIS website . Here are some highlights from our episode: 01:40 . Artificial intelligence (AI) as a means for crafting higher quality phishing emails 04:24 . Zero trust with identity as a catalyst in 2025 07:55 . A governance focus for K-12 school districts 12:37 . Secure by design as part of the DNA of IT departmen...
Jan 08, 2025•34 min•Ep. 117
In episode 116 of Cybersecurity Where You Are, Sean Atkinson discusses the threat of AI-enhanced ransomware along with the use of generative artificial intelligence (GenAI) to defend against it. Here are some highlights from our episode: 02:10 . How AI in the cybersecurity space has advanced over the past few years 05:12 . Why cybercriminals are incorporating artificial intelligence into their attacks 19:24 . The application of AI in various stages of a ransomware attack 26:10 . How AI can infor...
Jan 01, 2025•34 min•Ep. 116
