x

75% of people globally want unbiased news (Pew Research) but are concerned they're not getting that.

Get balanced coverage with Symby. See how stories are covered across diverse outlets and spot when one side covers a story the other skips.

PODCAST

Framework: The Center for Internet Security (CIS) Top 18 Controls

The **CIS Critical Security Controls Audio Course** is a comprehensive, audio-first training series that guides listeners through all eighteen **CIS Controls**, transforming one of the world’s most respected cybersecurity frameworks into clear, actionable learning. Designed for professionals, students, and auditors alike, this series explains each control in practical, plain language—focusing on how to implement, assess, and sustain them in real environments. With eighty-three structured episodes,

technology courses

All Episodes

11:15

Episode 63 — Overview – Human factor in cyber defense

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Control 14—Security Awareness and Skills Training—addresses the most variable element in cybersecurity: human behavior. Technology can block many attacks, but user actions often determine whether defenses hold or fail. This control ensures that employees understand the threats they face and know how to respond appropriately. Effective awareness programs transform users from potential vulnerabilities into active participants in defense. Topics typically include recognizing phishing attempts,

en

10:57

Episode 62 — Remaining safeguards summary (Control 13)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 13 enhance monitoring precision, response efficiency, and overall situational awareness. They include collecting network traffic flow logs, enforcing port-level access control, and tuning alert thresholds regularly. Collecting flow logs provides visibility into data movement and communication patterns, supporting both security analysis and capacity planning. Port-level access control—using technologies such as 802.1X—verifies the identity of devices

en

9:15

Episode 61 — Safeguard 13.3 – Anomaly detection

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 13.3 focuses on detecting anomalies within network activity that may signal emerging threats or compromised systems. Traditional defenses rely on predefined signatures, but anomaly detection analyzes behavioral patterns—such as unexpected traffic spikes, irregular data transfers, or unusual login times—to identify suspicious deviations from normal operations. These systems use statistical baselines or machine learning models to understand what “normal” looks like for the

en

10:10

Episode 60 — Safeguard 13.2 – Segmentation and filtering

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 13.2 extends the principle of defense in depth by enforcing traffic segmentation and filtering between network zones. The goal is to limit unnecessary communication paths so that even if one area is compromised, attackers cannot easily move laterally. Segmentation divides the network into distinct trust zones—such as production, development, and user environments—while filtering defines which traffic types are permitted between them. Firewalls, access control lists (ACLs), and

en

10:09

Episode 59 — Safeguard 13.1 – Intrusion detection and...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 13.1 requires organizations to centralize security event alerting and deploy systems that can detect and, when appropriate, block malicious activity across enterprise networks and endpoints. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) play complementary roles: IDS monitors traffic for suspicious behavior and generates alerts, while IPS actively blocks or quarantines detected threats. The safeguard emphasizes integration—alerts should feed into

en

10:30

Episode 58 — Overview – Monitoring as the nervous system

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Control 13—Network Monitoring and Defense—represents the organization’s sensory system for detecting, analyzing, and responding to cyber threats. Even the best preventive controls can fail, making continuous monitoring essential for timely detection and containment. This control requires enterprises to collect and analyze network telemetry to identify anomalies, intrusions, and suspicious behaviors. The goal is to develop situational awareness across all environments—on-premises, cloud, and

en

10:04

Episode 57 — Remaining safeguards summary (Control 12)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 12 reinforce disciplined management of network infrastructure by combining secure management, centralized authentication, and dedicated administrative environments. They require enforcing secure network protocols such as SSH and HTTPS, centralizing authentication through AAA (Authentication, Authorization, and Accounting) services, and establishing separate systems for administrative work. These practices ensure that network devices are managed

en

10:33

Episode 56 — Safeguard 12.3 – Remove legacy and...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 12.3 requires organizations to identify, isolate, and remove legacy or unused network devices that no longer serve operational or security purposes. Outdated hardware and abandoned configurations pose a hidden but significant risk—they often lack vendor support, remain unpatched, and may still provide active network connections that attackers can exploit. These devices can also create bottlenecks or interfere with newer technologies, introducing inefficiencies alongside

en

9:59

Episode 55 — Safeguard 12.2 – Secure and configure...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 12.2 focuses on the secure configuration and segmentation of network infrastructure, ensuring that devices operate within controlled, least-privilege boundaries. Secure network architecture begins with clear separation between critical and general-purpose segments—isolating administrative networks, production systems, and user environments to limit lateral movement. The safeguard also mandates consistent configuration management that enforces encryption, access control, and

en

10:01

Episode 54 — Safeguard 12.1 – Maintain network diagrams

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 12.1 requires organizations to establish and maintain accurate network architecture diagrams, ensuring complete visibility of how assets and data connect across the enterprise. These diagrams should depict physical, virtual, and cloud components, including routers, switches, firewalls, wireless access points, and external service connections. By visualizing these relationships, administrators can identify single points of failure, redundant paths, and potential vulnerabilities in

en

9:40

Episode 53 — Overview – Network devices and hygiene

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Control 12—Network Infrastructure Management—ensures that the systems responsible for connecting, routing, and protecting enterprise communications are securely configured, maintained, and monitored. Network infrastructure includes routers, switches, firewalls, wireless access points, and virtual gateways—components that form the backbone of connectivity and data flow. Because these devices sit at the intersection of internal and external systems, attackers often target them to intercept

en

9:42

Episode 52 — Remaining safeguards summary (Control 11)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards within Control 11 establish a comprehensive framework for secure, reliable data recovery. They include protecting recovery data with equivalent security controls as production data, maintaining an isolated instance of backups, and ensuring encryption and access control mechanisms safeguard stored copies. These measures guarantee that recovery repositories themselves do not become attack targets. Backups must be shielded from ransomware and insider threats by using

en

10:12

Episode 51 — Safeguard 11.2 – Testing data recovery

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 11.2 requires organizations to test their data recovery capabilities on a regular basis, validating that backup systems and restoration procedures function as intended. Backups only hold value if they can be successfully restored when needed. Testing confirms data integrity, verifies procedural accuracy, and reveals gaps in both technology and human readiness. The safeguard calls for quarterly recovery tests—or more frequent exercises for critical systems—covering a representative

en

10:50

Episode 50 — Safeguard 11.1 – Backup process design

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 11.1 directs organizations to establish and maintain a documented data recovery process that defines how, where, and when critical information is backed up. The process must specify scope, recovery priorities, and the security of backup data. It also outlines responsibilities, schedules, and verification procedures. Automated backup solutions ensure that important data is captured regularly—ideally daily—and that copies are protected from tampering, deletion, or ransomware

en

10:01

Episode 49 — Overview – Planning for inevitable failures

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Control 11—Data Recovery—acknowledges an unavoidable truth in cybersecurity: failures, whether caused by attacks, accidents, or system errors, are inevitable. The focus of this control is to ensure that organizations can restore critical assets and operations to a trusted state after an incident. Recovery is not only about backup copies; it is about the ability to rebuild functionality and confidence quickly, reducing downtime and loss. This control mandates defining, implementing, and

en

9:57

Episode 48 — Remaining safeguards summary (Control 10)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 10 reinforce malware defense through layered, automated protection and proactive monitoring. These include automatic signature updates, disabling autorun and autoplay on removable media, scanning all external storage upon connection, enabling anti-exploitation features, and centralizing anti-malware management. Each measure addresses a different stage of the attack chain—prevention, detection, and containment. For example, disabling autorun stops

en

9:17

Episode 47 — Safeguard 10.2 – Endpoint detection and...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 10.2 expands traditional anti-malware defenses by introducing Endpoint Detection and Response (EDR)—a technology designed to detect, analyze, and contain threats that bypass signature-based systems. EDR platforms monitor endpoint behavior in real time, capturing telemetry such as process creation, registry changes, and network connections. This data enables security analysts to identify anomalies indicative of advanced or fileless attacks that would otherwise remain hidden. The

en

9:17

Episode 46 — Safeguard 10.1 – Anti-malware solutions

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 10.1 directs organizations to deploy and maintain anti-malware software on all enterprise assets to provide a frontline defense against malicious code. This includes endpoints, servers, and mobile devices that connect to corporate networks. Anti-malware solutions serve as the first detection and containment layer against viruses, ransomware, and spyware, inspecting files and processes for known patterns or suspicious behavior. These systems continuously monitor activity, blocking

en

9:35

Episode 45 — Overview – Malware threats and defenses

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Control 10—Malware Defenses—addresses the ongoing challenge of detecting, preventing, and mitigating malicious code across the enterprise. Malware encompasses a broad spectrum of threats, including viruses, Trojans, ransomware, and fileless attacks that exploit legitimate processes. These threats evolve continuously, often leveraging automation, obfuscation, and artificial intelligence to evade detection. The control’s objective is to deploy technical and procedural measures that reduce

en

9:20

Episode 44 — Remaining safeguards summary (Control 9)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 9 expand email and web browser protection into a comprehensive strategy against social engineering and content-based attacks. They include implementing DNS filtering services, maintaining URL filters, restricting unauthorized extensions, deploying DMARC authentication, blocking unnecessary file types, and maintaining email server anti-malware defenses. Each of these measures targets a specific weakness in the content-delivery chain. DNS and URL

en

83 results

Similar Podcasts

Lead With AI

Tamara Nall

Linux in the Ham Shack

Black Sparrow Media

Data Engineering Podcast

Tobias Macey

Eye On A.I.

Craig S. Smith

Reflections

Livewire Labs