Cybersecurity Where You Are (audio)

• Episode 134: How GenAI Lowers Bar for Cyber Threat Actors

  In episode 134 of Cybersecurity Where You Are, Sean Atkinson is joined by Randy Rose, VP of Security Operations & Intelligence at the Center for Internet Security® (CIS®); and Timothy Davis, Lead Cyber Threat Intelligence (CTI) Analyst at CIS. Together, they discuss how generative artificial intelligence (GenAI) lowers the barrier of entry for cyber threat actors (CTAs). Here are some highlights from our episode:01:37. CTAs' use of GenAI to improve their existing campaigns03:38. The need for CTI teams to look beyond language in analyzing GenAI-enabled threats07:22. The evolving impact of GenAI on phishing campaigns, malware development, deepfakes, and malicious Artificial Intelligence as a Service (AIaaS) offerings12:28. How GenAI increases the the speed at which CTAs can scale their efforts17:29. Technical barriers and other limitations that shape CTAs' use of GenAI22:46. A historical perspective of AI-enabled cybersecurity and how GenAI can support cybersecurity awareness training26:50. The cybersecurity benefits of AI and machine learning (ML) capabilities for clustering data29:05. What the future might hold for GenAI from an offensive and defensive perspectiveResourcesThe Evolving Role of Generative Artificial Intelligence in the Cyber Threat LandscapeEpisode 89: How Threat Actors Are Using GenAI as an EnablerEpisode 95: AI Augmentation and Its Impact on Cyber Defense12 CIS Experts' Cybersecurity Predictions for 2025CIS Critical Security Controls®Multi-State Information Sharing and Analysis Center®If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

  --------  

  39:48
• Episode 133: DieNet's DDoS Hacktivism and Evolving TTPs

  In episode 133 of Cybersecurity Where You Are, Sean Atkinson is joined by Lauren McFayden, Threat Intelligence Analyst at the Center for Internet Security® (CIS®). Together, they discuss the Distributed Denial of Service (DDoS) hacktivism of DieNet and how the group continues to evolve its Tactics, Techniques, and Procedures (TTPs). Here are some highlights from our episode:01:22. An overview of DieNet and its emergence on Telegram01:55. DDoS attacks and the potential for service disruptions02:55. DieNet's pro-Palestinian ideology and opposition to the 47th U.S. Presidential Administration05:00. U.S. and foreign targets claimed by the group06:30. DieNet's history of claiming attacks against U.S. critical national infrastructure (CNI)10:33. Two pieces of evidence used to partially assess the credibility of a claimed attack15:16. How DieNet v2 suggests an escalation of attack strategies20:43. How the DDoS hacktivist group may continue to evolve its TTPs in subsequent versions23:48. The use of the CIS Critical Security Controls (CIS Controls) to reduce an attack surface25:56. How ThreatWA stands out in keeping you informed about emerging threatsResourcesHacktivist Group DieNet Claims DDoS Attacks against U.S. CNIMS-ISAC Guide to DDoS AttacksThreatWACIS Critical Security Control 1: Inventory and Control of Enterprise AssetsCIS Critical Security Control 2: Inventory and Control of Software AssetsCIS Critical Security Control 3: Data ProtectionEpisode 44: A Zero Trust Framework Knows No EndIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

  --------  

  32:33
• Episode 132: Day One, Step One, Dollar One for Cybersecurity

  In episode 132 of Cybersecurity Where You Are, Sean Atkinson is joined by Valecia Stocchetti, Sr. Cybersecurity Engineer of the CIS Critical Security Controls (CIS Controls) at the Center for Internet Security® (CIS®). Together, they discuss what the first day, step, and dollar of implementing a controls framework look like for organizations stepping into their cybersecurity journey. Here are some highlights from our episode:01:54. Building and improving a cybersecurity program through the power of consensus04:55. The use of an assessment to determine where you are and where you're going09:15. How cross-mapping to multiple frameworks simplifies regulatory compliance efforts12:00. The use of governance to secure leadership buy-in for your cybersecurity program13:33. Continuous auditing and monitoring as tools for adapting to change15:10. How Controls prioritization flows through the Implementation Groups (IGs)19:39. Leadership as the backbone for getting any business program off the ground22:59. Calculating the cost of cyber defense as a preventative action24:55. Tradeoffs with security tools to keep in mind so that you can budget efficiently30:00. Qualifications when using security offerings of MSPs and CSPsResourcesCIS Community Defense Model 2.0How Risk Quantification Tests Your Reasonable Cyber DefenseCIS Controls Self Assessment Tool (CIS CSAT)Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1How to Plan a Cybersecurity Roadmap in 4 StepsThe Cost of Cyber Defense: CIS Controls IG1If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

  --------  

  34:35
• Episode 131: It Takes a Village to 'Reasonably' Secure SoCal

  In episode 131 of Cybersecurity Where You Are, Tony Sager is joined by Stan Stahl, PhD, Founder and President of SecureTheVillage. Together, they discuss how SecureTheVillage, a nonprofit and inaugural Alan Paller Laureate Program awardee, is using a collaboration-driven approach to enhance reasonable cybersecurity awareness and practices within Southern California (SoCal). Here are some highlights from our episode:01:07. An introduction to Stan and how he came to champion small business cybersecurity04:28. How SecureTheVillage emerged to support small businesses' cybersecurity needs using the power of community07:15. The need for nonprofits to play a strong role in addressing cybersecurity challenges12:01. How Stan drew inspiration from Alan Paller and support from the Alan Paller Laureate Program to advance SecureTheVillage's work17:57. Reasonable cybersecurity as part of SecureTheVillage's foundation story22.13. Aligning cybersecurity needs to the goals of public policy25:33. What's next for SecureTheVillage29:52. Closing thoughts on why a "village" model for cybersecurity is so importantResourcesAlan Paller Laureate ProgramImplementation Guide for Small- and Medium-Sized Enterprises CIS Controls IG1Episode 30: Solving Cybersecurity at Scale with NonprofitsReasonable Cybersecurity GuideIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

  --------  

  32:56
• Episode 130: The Story and Future of CIS Thought Leadership

  In episode 130 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by John Gilligan, President and Chief Executive Officer (CEO) of the Center for Internet Security® (CIS®). Set against the backdrop of the 2025 CIS Annual Full Staff Meeting, they celebrate 25 years of CIS, including the "serendipity" by which the company became a global cybersecurity thought leader. They also discuss how this thought leadership may evolve over the next 25 years. Here are some highlights from our episode:01:30. How CIS started along with how John and Tony initially got involved07:12. How CIS thought leadership changed with the absorption of the "SANS Top 20," the precursor of the CIS Critical Security Controls11:04. The "serendipity" through which CIS grew and formalized its sales, funding, support, and other operations in the 2010s15:18. How mission and culture advanced CIS to its 25th anniversary in 202522:52. What the future might hold for "CIS 2.0"Resources25 Years of Creating Confidence in the Connected WorldEpisode 97: How Far We've Come preceding CIS's 25th BirthdayEpisode 114: 3 Board Chairs Reflect on 25 Years of CommunityEpisode 76: The Role of Thought Leadership in CybersecurityEpisode 125: How Leadership Principles Influence CIS CultureEpisode 120: How Contextual Awareness Drives AI GovernanceEpisode 119: Multidimensional Threat Defense at Large EventsIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

  --------  

  32:38

Meer Technologie podcasts

Trending Technologie -podcasts

Over Cybersecurity Where You Are (audio)