Cybersecurity Where You Are (video)

Hosted by Center for Internet Security

TechnologyInterviews guests

Website RSS feed

Episodes

191

Latest episode

Jun 2026

Language

EN-US

About the show

Welcome to video version of “Cybersecurity Where You Are,” the podcast of the Center for Internet Security® (CIS®). Cybersecurity affects us all — whether we’re online at home, managing a company, supporting clients, or running a state or local government. Join us on Wednesdays as Sean Atkinson, CISO at CIS, and Tony Sager, SVP & Chief Evangelist at CIS, discuss trends and threats, explore security best practices, and interview experts in the industry. Together, we’ll clarify these issues, creating confidence in the connected world. Subscribe to the audio version of our podcast here: https://fast.wistia.net/embed/channel/wbyhaw35xf?wchannelid=wbyhaw35xf.

Listen to episodes

60 recent

October 2, 2024Episode 10331 min

Episode 103: Education vs. Experience in Cybersecurity

In episode 103 of Cybersecurity Where You Are, Sean Atkinson examines education and experience as pathways for new professionals to enter the cybersecurity industry.Here are some highlights from our episode:01:42. What's motivating Sean to talk about this topic03:32. The value of cybersecurity degrees05:17. The pros and cons of degree programs in cybersecurity07:47. How a cybersecurity certification compares to a degree10:57. Considerations for pursuing a certification in cybersecurity14:00. Using certifications to learn new technology paradigms16:54. Why a breadth of practical experience is important22:49. Pathways for gaining experience in cybersecurityResourcesEpisode 75: How GenAI Continues to Reshape CybersecurityEpisode 59: Probing the Modern Role of the PentestOutliers: The Story of SuccessHack The BoxTryHackMeDavid BombalIppSecPortSwiggerJohn HammondIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

September 18, 2024Episode 10134 min

Episode 101: Visualizing Attack Paths in Active Directory

In episode 101 of Cybersecurity Where You Are, Sean Atkinson is joined by Justin Kohler, Vice President of Products at SpecterOps, and Jonathan Parfait, Technical Account Manager at SpecterOps.Together, they discuss how the visualization of attack paths in Active Directory helps organizations to better contextualize risks to their enterprise security.Here are some highlights from our episode:01:54. What Bloodhound is and how it assists organizations in assessing risks in their Active Directory environments05:08. Why have organizations look at their Active Directory environments11:15. Common vulnerabilities and misconfigurations identified by Bloodhound21:21. How organizations can best use Bloodhound as part of their cyber defensive strategy29:18. How Bloodhound is adapting to keep up with evolving Active Directory environmentsResourcesBloodhound Community EditionEpisode 62: Inside the 'Spidey Sense' of a PentesterWhat You Need to Know About Hybrid Cloud EnvironmentsVulnerability Management Policy Template for CIS Control 7CIS Benchmarks ListIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

September 4, 2024Episode 9934 min

Episode 99: How Cyber-Informed Engineering Builds Resilience

In episode 99 of Cybersecurity Where You Are, Sean Atkinson is joined by Marcus Sachs, SVP and Chief Engineer at the Center for Internet Security® (CIS®).Together, they discuss how cyber-informed engineering builds resilience to the potential failure of a digital system into new and existing engineering products.Here are some highlights from our episode:03:51. What cyber-informed engineering is and how this paradigm has emerged11:39. What CIS is doing to emphasize cyber-informed engineering among U.S. State, Local, Tribal, and Territorial (SLTT) government organizations16:25. Why resilience requires everyone to be "cyber-informed"20:50. The need for boards of directors and C-Suite leaders to understand cybersecurity risk25:30. What preparations help to lay the foundation for cyber-informed engineeringResourcesCyber-Informed EngineeringNational Cyber-Informed Engineering StrategyCyber-Informed Engineering Implementation GuideEpisode 75: How GenAI Continues to Reshape CybersecuritySmart Cities Need Smarter SecurityIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

August 28, 2024Episode 9835 min

Episode 98: Transparency as a Tool to Combat Insider Threats

In episode 98 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.Together, they embrace transparency as a vehicle for the cybersecurity industry to better defend against insider threats.Here are some highlights from our episode:01:28. How KnowBe4 detected an insider threat from North Korea09:09. How the Center for Internet Security® (CIS®) responded to news of this incident21:02. The role of technical controls in detecting these types of threats23:56. Common signs you can use to detect fake employees in your hiring process29:22. How cybersecurity companies can use this incident to improve their defensesResourcesHow a North Korean Fake IT Worker Tried to Infiltrate UsNorth Korean Fake IT Worker FAQEpisode 77: Data's Value to Decision-Making in CybersecurityDefense-in-Depth: A Necessary Approach to Cloud SecurityeBook: A CISO’s Guide to Bolstering Cybersecurity PostureIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

August 21, 2024Episode 9751 min

Episode 97: How Far We've Come preceding CIS's 25th Birthday

In episode 97 of Cybersecurity Where You Are, Tony Sager is joined by the following guests:Dr. Ramon Barquin, Board Member at the Center for Internet Security® (CIS®) and President and Chief Executive Officer at Barquin InternationalFranklin Reeder, Director Emeritus and Founding Chair of CIS as well as Director of the National Cybersecurity Scholarship FoundationClint Kreitner, Founding President/CEO and Former Board Member at CISTogether, they look back at how much CIS has accomplished as an organization in the leadup to its 25th birthday.Here are some highlights from our episode:06:04. What brought everyone to CIS's founding meeting at the Cosmos Club16:08. The first steps to operationalizing the takeaways of the Cosmos Club meeting25:40. How CIS's business model came to be34:24. The events that brought the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) into CIS42:42. Tracing the past forward to where we are nowResources20 Years of Creating Confidence in the Connected WorldEpisode 35: Remembering the Late Alan PallerReasonable Cybersecurity GuideEpisode 79: Advancing Common Good in Cybersecurity – Part 1MS-ISAC: 20 Years as Your Trusted Cyber Defense CommunityDr. Ramon BarquinFranklin ReederIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

August 14, 2024Episode 9643 min

Episode 96: Making Continuous Compliance Actionable for SMBs

In episode 96 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by Tarah Wheeler, CEO of Red Queen Dynamics.Together, they discuss ongoing efforts to translate continuous compliance into something actionable for small- to medium-sized businesses (SMBs).Here are some highlights from our episode:03:11. The philosophy behind a business model focused on continuous compliance for SMBs17:44. How the Fog of More complicates security and compliance for the "cyber-underserved"30:56. How the industry can navigate the multiple-framework issue and streamline complianceResourcesFollow Tarah on LinkedInEpisode 95: AI Augmentation and Its Impact on Cyber DefenseImplementation Guide for Small- and Medium-Sized Enterprises CIS Controls IG1Build a Robust Continuous Audit Program in 10 StepsHow Prioritized Security Controls Break Through the Fog of MoreIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

August 7, 2024Episode 9534 min

Episode 95: AI Augmentation and Its Impact on Cyber Defense

In episode 95 of Cybersecurity Where You Are, Sean Atkinson is joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®).Together, they discuss AI augmentation in terms of how cyber defenders are using generative artificial intelligence to enhance their capabilities.Here are some highlights from our episode:01:16. How artificial intelligence has changed the landscape for cybersecurity defenders03:49. How AI is starting to augment threat detection10:12. What security researchers are exploring around AI and cyber defense20:54. Key challenges and limitations for AI-based cyber defense30:54. Future trends and innovations for cybersecurity defenders' use of AIResourcesEpisode 56: Cybersecurity Risks and Rewards of LLMsEpisode 59: Probing the Modern Role of the PentestSEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionalsfr0gger / Awesome-GPT-AgentsThe LLM Misinformation Problem I Was Not ExpectingSeparating FUD from Practical for Post-Quantum CryptographyIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

July 31, 2024Episode 9437 min

Episode 94: Community Defense at the ISAC Annual Meeting

In episode 94 of Cybersecurity Where You Are, Tony Sager is joined by the following guests from the Center for Internet Security® (CIS®):Carlos Kizzee, SVP of Multi-State Information Sharing and Analysis Center® (MS-ISAC®) Strategy & PlansKaren Sorady, VP of MS-ISAC Strategy & PlansGreta Noble, Director of Community EngagementTogether, they discuss how the ISAC Annual Meeting supports the 24x7x365 community defense efforts of the MS-ISAC and Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®).Here are some highlights from our episode:02:30. Background information on ISACs in general and the role of the MS-ISAC04:17. Why it's an annual meeting and not a conference06:40. What made the 2024 ISAC Annual Meeting the largest of its kind so far08:43. How the human dimension drives our yearly meeting15:44. The role of the MS- and EI-ISACs in CIS's broader strategy19:42. How our yearly meeting improves what CIS does29:57. What's next for the ISAC Annual MeetingResourcesMS-ISAC: 20 Years as Your Trusted Cyber Defense CommunityEpisode 76: The Role of Thought Leadership in CybersecurityReasonable Cybersecurity GuideCybersecurity at Scale: Piercing the Fog of MoreIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

July 24, 2024Episode 9329 min

Episode 93: Keeping Societal Confidence in a Connected World

In episode 93 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined once again by John Cohen, Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®).Together, they discuss a whole-of-society approach to help make the U.S. public resilient against multidimensional threats in our connected world.Here are some highlights from our episode:01:52. What the U.S. public needs to consider in order to strengthen its resilience06:04. How a national framework addresses the need for organizations to build resilience and intercommunication in the face of increasingly sophisticated threats11:41. Identifying who key partners are in a complex, hybrid world16:49. How people are responding to the national framework and where they are seeing value21:50. Clarifying hopes for the national framework going forwardResourcesJohn D. CohenEnhancing Safety in the Connected World — A National Framework for ActionEpisode 92: A Framework to Counter Evolving Cyber ThreatsWhy Whole-of-State Cybersecurity Is the Way ForwardPublic Water and Wastewater Sector Face Mounting Cyber ThreatThe National Cybersecurity StrategyIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

July 17, 2024Episode 9233 min

Episode 92: A Framework to Counter Evolving Cyber Threats

In episode 92 of Cybersecurity Where You Are, co-hosts Sean Atkinson and Tony Sager are joined by John Cohen, Executive Director of Countering Hybrid Threats at the Center for Internet Security® (CIS®). Together, they discuss "Enhancing Safety in the Connected World — A National Framework for Action," a multi-year project to help law enforcement and security professionals better contextualize and respond to evolving cyber threats.Here are some highlights from our episode:02:01. Why the current threat environment necessitates a framework that accounts for "cyber physical," "cyber safety," and other considerations08:48. How entities at the federal level and local law enforcement approach evolving cyber threats differently16:34. The different types of threats that characterize the evolving cyber threat environment22:05. How the Federalist Papers inform the Framework's "whole-of-society" approachResourcesJohn D. CohenEnhancing Safety in the Connected WorldEpisode 75: How GenAI Continues to Reshape CybersecurityWhy Whole-of-State Cybersecurity Is the Way ForwardEstablishing Essential Cyber HygieneIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.