In episode 115 of Cybersecurity Where You Are, Sean Atkinson is joined by Carolyn Comer , Chief Human Resources Officer at the Center for Internet Security® (CIS®); Heidi Gonzalez , Sr. Employee Experience Specialist at CIS; and Jennifer Myers, Sr. Director of Learning and Development at CIS. With an in-person holiday open house and office party as their backdrop, they celebrate the continuous feedback that sustains and grows the employee culture at CIS. Here are some highlights from our episode...
Dec 25, 2024•32 min•Ep. 115
In episode 114 of Cybersecurity Where You Are, Tony Sager is joined by three past and current Board Chairs of the Center for Internet Security® (CIS®): Frank Reeder , CIS Director Emeritus and Founding Chair as well as Director of the National Cybersecurity Scholarship Foundation; John Gilligan , President and Chief Executive Officer of CIS; and Bobbie Stempfley , CIS Board Chair and Business Security Officer of the Infrastructure Solutions Group at Dell Technologies. Together, they reflect on 2...
Dec 18, 2024•49 min•Ep. 114
In episode 113 of Cybersecurity Where You Are, Tony Sager is joined by Phyllis Lee , VP of SBP Content Development at the Center for Internet Security® (CIS®); Adam Bobrow , Co-Founder and President of Veribo Analytics; and Sridevi Joshi , Co-Founder and CEO of Veribo Analytics. Together, they discuss how the Business Impact Analysis tool created by CIS and Veribo Analytics empowers individuals and organizations to use cyber risk prioritization as a basis for their ransomware defense strategy. H...
Dec 11, 2024•41 min•Ep. 113
In episode 112 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Rob T. Lee , Chief of Research and Head of Faculty at SANS Institute. Together, they discuss how SANS Institute applies an operational or "do" model of leadership to gather expertise, build shared purpose, and foster action on evolving cybersecurity trends. Here are some highlights from our episode: 05:47 . How Rob ended up teaching at SANS Institute 08:49 . Rob's first experience meeting and working with t...
Dec 04, 2024•47 min•Ep. 112
In episode 111 of Cybersecurity Where You Are, Tony Sager is joined by Rick Howard, N2K Chief Security Officer and the Chief Analyst and Senior Fellow at The Cyberwire. Together, they discuss a first principle of cybersecurity proposed by Rick in his book, Cybersecurity First Principles: A Reboot of Strategy and Tactics . Here are some highlights from our episode: 04:30 . What drove the need to formulate a foundational cybersecurity assumption 07:44 . How other "first" principles of cybersecurit...
Nov 27, 2024•47 min•Ep. 111
In episode 110 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Lee Noriega , Executive Director of the Cybersecurity Services Organization and Acting General Manager of Sales and Business Services at the Center for Internet Security® (CIS®); and Jerry Gitchel , founder of Leverage Unlimited and listener to Cybersecurity Where You Are. Together, they examine a question sent in by Jerry: if a corporate culture is lacking, can a security culture exist? Here are some highl...
Nov 20, 2024•42 min•Ep. 110
In episode 109 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®); and Theodore "TJ" Sayers, Director of Intelligence & Incident Response at CIS. Together, they examine the scariest malware of 2024 and share some recommendations for how organizations can keep up with the changing cyber threat landscape. Here are some highlights from our episode: 01:32 . What makes cert...
Nov 13, 2024•39 min•Ep. 109
In episode 108 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Ed Skoudis , CEO of Counter Hack Challenges and President of SANS Technology Institute. Together, they discuss the evolution of gaming and competition in cybersecurity and how these activities help to make the industry stronger. Here are some highlights from our episode: 02:04 . What goes into creating a game environment that attracts all kinds of skill levels 04:43 . A multi-disciplinary approach to creati...
Nov 06, 2024•41 min•Ep. 108
In episode 107 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Steve Lipner , Executive Director of SAFECode. Together, they discuss how software development organizations can use principles of "secure by design" to get on a track of continuous improvement. Here are some highlights from our episode: 01:38 . Steve's background and thoughts on the emergence of secure by design 14:04 . Three guiding principles of secure software development 16:13 . The impact of security ...
Oct 30, 2024•38 min•Ep. 107
In episode 106 of Cybersecurity Where You Are, Sean Atkinson is joined by Chris Smith , Social Media Specialist at the Center for Internet Security® (CIS®). Together, they use a donation scam about a natural disaster to advise how you can stay safe against this type of cyber threat. Here are some highlights from our episode: 00:49 . Why it's important to talk about donation scams and why they're so prevalent 05:13 . Recounting a real-world example of a donation scam 10:43 . Common tactics levera...
Oct 23, 2024•32 min•Ep. 106
In episode 105 of Cybersecurity Where You Are, Sean Atkinson discusses the importance of context in maturing how you use cyber risk quantification to build cases for risk treatment strategies. Here are some highlights from our episode: 01:56 . The inspiration for an episode on cyber risk quantification 02:38 . How to situate risk quantification in your business processes 08:56 . Traps to avoid when quantifying cyber risks 12:12 . How the quantification process relates to controls implementation ...
Oct 16, 2024•33 min•Ep. 105
In episode 104 of Cybersecurity Where You Are, Sean Atkinson is joined by Kennidi Ortega, Information Security Analyst at the Center for Internet Security® (CIS®). Together, they explore the experience of a first-year analyst and how they might make the most of getting started in a cybersecurity career. Here are some highlights from our episode: 01:07 . How Kennidi got started in cybersecurity and what led her to the field 03:44 . What the beginning of Sean's cybersecurity career looked like 04:...
Oct 09, 2024•33 min•Ep. 104
In episode 103 of Cybersecurity Where You Are, Sean Atkinson examines education and experience as pathways for new professionals to enter the cybersecurity industry. Here are some highlights from our episode: 01:42 . What's motivating Sean to talk about this topic 03:32 . The value of cybersecurity degrees 05:17 . The pros and cons of degree programs in cybersecurity 07:47 . How a cybersecurity certification compares to a degree 10:57 . Considerations for pursuing a certification in cybersecurit...
Oct 02, 2024•31 min•Ep. 103
In episode 102 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by the following guests: Charity Otwell , Director of the CIS Critical Security Controls® (CIS Controls®) at the Center for Internet Security® (CIS®) Lawrence Cruciana , President of Corporate Information Technologies (CorpInfoTech) Together, they discuss the "sporty" rigor underlying the process and value of achieving CIS Controls Accreditation. Here are some highlights from our episode: 01:36 . What is meant...
Sep 25, 2024•37 min•Ep. 102
In episode 101 of Cybersecurity Where You Are, Sean Atkinson is joined by Justin Kohler , Vice President of Products at SpecterOps, and Jonathan Parfait , Technical Account Manager at SpecterOps. Together, they discuss how the visualization of attack paths in Active Directory helps organizations to better contextualize risks to their enterprise security. Here are some highlights from our episode: 01:54 . What Bloodhound is and how it assists organizations in assessing risks in their Active Direc...
Sep 18, 2024•34 min•Ep. 101
In episode 100 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by David Bisson, Sr. Content Marketing Strategist at the Center for Internet Security® (CIS®). Together, they celebrate the first 100 episodes of Cybersecurity Where You Are and discuss where the podcast might go in the future. Here are some highlights from our episode: 01:14 . How the podcast's approach and content have changed since the first episode 04:19 . What surprised the team about the "machinery" of p...
Sep 11, 2024•42 min•Ep. 100
In episode 99 of Cybersecurity Where You Are, Sean Atkinson is joined by Marcus Sachs, SVP and Chief Engineer at the Center for Internet Security® (CIS®). Together, they discuss how cyber-informed engineering builds resilience to the potential failure of a digital system into new and existing engineering products. Here are some highlights from our episode: 03:51 . What cyber-informed engineering is and how this paradigm has emerged 11:39 . What CIS is doing to emphasize cyber-informed engineerin...
Sep 04, 2024•34 min•Ep. 99
In episode 98 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Roger Grimes , Data-Driven Defense Evangelist at KnowBe4. Together, they embrace transparency as a vehicle for the cybersecurity industry to better defend against insider threats. Here are some highlights from our episode: 01:28 . How KnowBe4 detected an insider threat from North Korea 09:09 . How the Center for Internet Security® (CIS®) responded to news of this incident 21:02 . The role of technical contro...
Aug 28, 2024•36 min•Ep. 98
In episode 97 of Cybersecurity Where You Are, Tony Sager is joined by the following guests: Dr. Ramon Barquin , Board Member at the Center for Internet Security® (CIS®) and President and Chief Executive Officer at Barquin International Franklin Reeder , Director Emeritus and Founding Chair of CIS as well as Director of the National Cybersecurity Scholarship Foundation Clint Kreitner , Founding President/CEO and Former Board Member at CIS Together, they look back at how much CIS has accomplished ...
Aug 21, 2024•51 min•Ep. 97
In episode 96 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Tarah Wheeler, CEO of Red Queen Dynamics. Together, they discuss ongoing efforts to translate continuous compliance into something actionable for small- to medium-sized businesses (SMBs). Here are some highlights from our episode: 03:11 . The philosophy behind a business model focused on continuous compliance for SMBs 17:44 . How the Fog of More complicates security and compliance for the "cyber-und...
Aug 14, 2024•43 min•Ep. 96
In episode 95 of Cybersecurity Where You Are, Sean Atkinson is joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®). Together, they discuss AI augmentation in terms of how cyber defenders are using generative artificial intelligence to enhance their capabilities. Here are some highlights from our episode: 01:16 . How artificial intelligence has changed the landscape for cybersecurity defenders 03:49 . How AI is starting to augment threat ...
Aug 07, 2024•35 min•Ep. 95
In episode 94 of Cybersecurity Where You Are, Tony Sager is joined by the following guests from the Center for Internet Security® (CIS®): Carlos Kizzee, SVP of Multi-State Information Sharing and Analysis Center® (MS-ISAC®) Strategy & Plans Karen Sorady, VP of MS-ISAC Strategy & Plans Greta Noble, Director of Community Engagement Together, they discuss how the ISAC Annual Meeting supports the 24x7x365 community defense efforts of the MS-ISAC and Elections Infrastructure Information Shari...
Jul 31, 2024•37 min•Ep. 94
In episode 93 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined once again by John Cohen, Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®). Together, they discuss a whole-of-society approach to help make the U.S. public resilient against multidimensional threats in our connected world. Here are some highlights from our episode: 01:52 . What the U.S. public needs to consider in order to strengthen its resilience 06:04 . How...
Jul 24, 2024•29 min•Ep. 93
In episode 92 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by John Cohen, Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®). Together, they discuss "Enhancing Safety in the Connected World — A National Framework for Action," a multi-year project to help law enforcement and security professionals better contextualize and respond to evolving cyber threats. Here are some highlights from our episode: 02:01 . Why the curren...
Jul 17, 2024•33 min•Ep. 92
In episode 91 of Cybersecurity Where You Are, Sean Atkinson is joined by Charity Otwell, Director of the CIS Critical Security Controls® (CIS Controls®) at the Center for Internet Security® (CIS®). Together, they discuss what you need to know about the release of CIS Controls v8.1. Here are some highlights from our episode: 01:17 . What you can expect to see in version 8.1 of the Controls 06:19 . How CIS Controls v8.1 helps you to integrate other governance structures 09:23 . How version 8.0 and...
Jul 10, 2024•33 min•Ep. 91
In episode 90 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by the following guests: Charity Otwell, Director of the CIS Critical Security Controls® (CIS Controls®) at the Center for Internet Security® (CIS®) Mia LaVada, Product Manager of CIS Benchmarks and Cloud at CIS Don Freeley, VP of IT Services at CIS Together, they discuss how you can use CIS resources to ensure control continuity when migrating to the cloud. Here are some highlights from our episode: 0...
Jul 03, 2024•31 min•Ep. 90
In episode 89 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by the following guests: Rian Davis, Elections Cyber Threat Intelligence Intern at the Center for Internet Security® (CIS®) Timothy Davis, Sr. Elections Cyber Threat Intelligence Analyst at CIS Together, they discuss how cyber threat actors (CTAs) are using generative artificial intelligence (GenAI) as an enabler of their attacks. Here are some highlights from our episode: 01:04 . Why it's important to raise awareness ...
Jun 26, 2024•31 min•Ep. 89
In episode 88 of Cybersecurity Where You Are, co-host Sean Atkinson discusses the evolving role of a chief information security officer (CISO). Here are some highlights from our episode: 02:47 . Why communication is a core competency for CISOs 08:35 . How to take a balanced approach when evaluating an organization's implementation of artificial intelligence (AI) and machine learning (ML) 11:47 . The role a CISO plays in integrating privacy requirements into the organization 15:35 . Thoughts on h...
Jun 19, 2024•30 min•Ep. 88
In episode 87 of Cybersecurity Where You Are, co-host Tony Sager is joined by the following guests: Charity Otwell, Director of the CIS Critical Security Controls® (CIS Controls®) at the Center for Internet Security® (CIS®) Philippe Langlois, Senior Principal, Security Risk Management and Author of the Verizon Data Breach Investigations Report (DBIR) Theodore "TJ" Sayers, Director of Intelligence & Incident Response at CIS Together, they celebrate 11 years of CIS and Verizon working together...
Jun 05, 2024•39 min•Ep. 87
In episode 86 of Cybersecurity Where You Are, co-host Sean Atkinson is live once again from Booth 4319 at RSA Conference (RSAC) 2024. 00:57 . Sean chats with Mat Everman, Information Security Operations Manager, about his talk, " Shades of Purple: Getting Started and Making Purple Teaming Possible ." They discuss some of the questions Mat received following his talk and how they can put purple teaming into practice at the Center for Internet Security® (CIS®). Sean asks passersby what they're loo...
May 29, 2024•34 min•Ep. 86
