Cybersecurity Where You Are

In episode 101 of Cybersecurity Where You Are, Sean Atkinson is joined by Justin Kohler, Vice President of Products at SpecterOps, and Jonathan Parfait, Technical Account Manager at SpecterOps.Together, they discuss how the visualization of attack paths in Active Directory helps organizations to better contextualize risks to their enterprise security.Here are some highlights from our episode:01:54. What Bloodhound is and how it assists organizations in assessing risks in their Active Directory environments05:08. Why have organizations look at their Active Directory environments11:15. Common vulnerabilities and misconfigurations identified by Bloodhound21:21. How organizations can best use Bloodhound as part of their cyber defensive strategy29:18. How Bloodhound is adapting to keep up with evolving Active Directory environmentsResourcesBloodhound Community EditionEpisode 62: Inside the 'Spidey Sense' of a PentesterWhat You Need to Know About Hybrid Cloud EnvironmentsVulnerability Management Policy Template for CIS Control 7CIS Benchmarks ListIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

In episode 99 of Cybersecurity Where You Are, Sean Atkinson is joined by Marcus Sachs, SVP and Chief Engineer at the Center for Internet Security® (CIS®).Together, they discuss how cyber-informed engineering builds resilience to the potential failure of a digital system into new and existing engineering products.Here are some highlights from our episode:03:51. What cyber-informed engineering is and how this paradigm has emerged11:39. What CIS is doing to emphasize cyber-informed engineering among U.S. State, Local, Tribal, and Territorial (SLTT) government organizations16:25. Why resilience requires everyone to be "cyber-informed"20:50. The need for boards of directors and C-Suite leaders to understand cybersecurity risk25:30. What preparations help to lay the foundation for cyber-informed engineeringResourcesCyber-Informed EngineeringNational Cyber-Informed Engineering StrategyCyber-Informed Engineering Implementation GuideEpisode 75: How GenAI Continues to Reshape CybersecuritySmart Cities Need Smarter SecurityIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

In episode 98 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.Together, they embrace transparency as a vehicle for the cybersecurity industry to better defend against insider threats.Here are some highlights from our episode:01:28. How KnowBe4 detected an insider threat from North Korea09:09. How the Center for Internet Security® (CIS®) responded to news of this incident21:02. The role of technical controls in detecting these types of threats23:56. Common signs you can use to detect fake employees in your hiring process29:22. How cybersecurity companies can use this incident to improve their defensesResourcesHow a North Korean Fake IT Worker Tried to Infiltrate UsNorth Korean Fake IT Worker FAQEpisode 77: Data's Value to Decision-Making in CybersecurityDefense-in-Depth: A Necessary Approach to Cloud SecurityeBook: A CISO’s Guide to Bolstering Cybersecurity PostureIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

In episode 97 of Cybersecurity Where You Are, Tony Sager is joined by the following guests:Dr. Ramon Barquin, Board Member at the Center for Internet Security® (CIS®) and President and Chief Executive Officer at Barquin InternationalFranklin Reeder, Director Emeritus and Founding Chair of CIS as well as Director of the National Cybersecurity Scholarship FoundationClint Kreitner, Founding President/CEO and Former Board Member at CISTogether, they look back at how much CIS has accomplished as an organization in the leadup to its 25th birthday.Here are some highlights from our episode:06:04. What brought everyone to CIS's founding meeting at the Cosmos Club16:08. The first steps to operationalizing the takeaways of the Cosmos Club meeting25:40. How CIS's business model came to be34:24. The events that brought the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) into CIS42:42. Tracing the past forward to where we are nowResources20 Years of Creating Confidence in the Connected WorldEpisode 35: Remembering the Late Alan PallerReasonable Cybersecurity GuideEpisode 79: Advancing Common Good in Cybersecurity – Part 1MS-ISAC: 20 Years as Your Trusted Cyber Defense CommunityDr. Ramon BarquinFranklin ReederIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].