x

75% of people globally want unbiased news (Pew Research) but are concerned they're not getting that.

Get balanced coverage with Symby. See how stories are covered across diverse outlets and spot when one side covers a story the other skips.

PODCAST

Framework: The Center for Internet Security (CIS) Top 18 Controls

The **CIS Critical Security Controls Audio Course** is a comprehensive, audio-first training series that guides listeners through all eighteen **CIS Controls**, transforming one of the world’s most respected cybersecurity frameworks into clear, actionable learning. Designed for professionals, students, and auditors alike, this series explains each control in practical, plain language—focusing on how to implement, assess, and sustain them in real environments. With eighty-three structured episodes,

technology courses

All Episodes

9:29

Episode 23 — Overview – Managing identity and accounts

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Control 5, Account Management, addresses one of cybersecurity’s most exploited weaknesses—mismanaged credentials. Attackers often gain entry not through advanced exploits but through valid usernames and passwords left unprotected or unused. This control ensures that enterprises create, maintain, and monitor accounts responsibly across their lifecycle. It establishes clear processes for provisioning, auditing, and deactivating user, administrator, and service accounts. The objective is to

en

9:40

Episode 22 — Remaining safeguards summary (Control 4)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 4 extend the secure configuration principle into everyday system operation, ensuring that protections remain active and measurable. They include requirements for implementing host-based and network firewalls, managing default accounts, disabling unnecessary services, enforcing session locks, and maintaining secure management protocols. Together, these measures harden systems by removing excess functionality and securing administrative access pathways

en

9:46

Episode 21 — Safeguard 4.2 – Automated configuration...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 4.2 builds upon the secure baseline concept by emphasizing automation as the means to enforce and maintain configurations consistently. Manual configuration is error-prone, slow, and unsustainable at enterprise scale, particularly in hybrid and cloud environments where systems are provisioned and decommissioned daily. Automation eliminates human drift by ensuring that every deployed asset adheres to approved security settings from the moment it is created. Tools such as

en

10:31

Episode 20 — Safeguard 4.1 – Establish secure...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 4.1 requires organizations to establish and maintain formal, secure configuration processes for all enterprise assets and software. This means defining standard settings that enforce the principles of least functionality and defense in depth. Each configuration baseline should specify security parameters such as user permissions, network services, authentication methods, and encryption requirements. For example, disabling unused ports, renaming or disabling default administrative

en

9:37

Episode 19 — Overview – Why secure configs matter

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Secure configuration management forms the backbone of system hardening and operational stability. Control 4—Secure Configuration of Enterprise Assets and Software—addresses the risks associated with default settings, open services, and weak baseline security. Out-of-the-box configurations prioritize usability and convenience rather than protection, often leaving unnecessary features enabled or outdated protocols active. Attackers exploit these weaknesses to gain unauthorized access,

en

10:18

Episode 18 — Remaining safeguards summary (Control 3)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 3 extend data protection across its entire lifecycle, ensuring that sensitive information is both managed and monitored. These include establishing clear ownership of data, documenting data flows, segmenting storage environments by sensitivity, and deploying Data Loss Prevention (DLP) solutions. Data ownership assigns accountability—every dataset has a custodian responsible for its handling, access, and compliance. Documenting data flows maps how

en

10:12

Episode 17 — Safeguard 3.3 – Data encryption at rest...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 3.3 requires organizations to protect sensitive data through encryption, both when stored (at rest) and when moving across networks (in transit). Encryption transforms readable information into an unreadable form using cryptographic algorithms, ensuring that even if data is intercepted or stolen, it cannot be easily exploited. Encrypting data at rest protects information stored on servers, databases, laptops, or removable media from unauthorized access or loss. Encrypting data in

en

10:10

Episode 16 — Safeguard 3.2 – Data retention and disposal

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 3.2 ensures that organizations implement structured, defensible practices for retaining and disposing of data. Every enterprise accumulates vast amounts of information—some vital for business continuity, and some obsolete or redundant. Retaining data indefinitely increases both storage costs and security exposure. Attackers often exploit forgotten archives and unsecured backups because they contain sensitive information outside normal monitoring. This safeguard requires defining

en

8:55

Episode 15 — Safeguard 3.1 – Data classification and...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 3.1 instructs organizations to establish and maintain a structured data management process, beginning with classification and inventory. This process determines what data exists, where it resides, who owns it, and how sensitive it is. Classification typically categorizes information as public, internal, confidential, or restricted, though labels may vary depending on industry or regulation. The goal is to assign clear handling requirements and protection levels to each category

en

8:33

Episode 14 — Overview – Protecting sensitive data

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Data protection is the third pillar of the CIS Controls, and it addresses one of the most critical aspects of cybersecurity: safeguarding the organization’s most valuable asset—its information. Control 3 emphasizes the need to identify, classify, and secure data throughout its entire lifecycle, from creation to destruction. Unlike purely technical controls, data protection requires coordination across departments, blending security, legal, and operational responsibilities. Sensitive data

en

8:36

Episode 13 — Remaining safeguards summary (Control 2)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 2 emphasize automation, enforcement, and continuous verification of software integrity. Safeguards 2.3 through 2.7 outline the operational lifecycle for managing software once the inventory and authorization baselines are established. They include removing or documenting exceptions for unauthorized software, using automated tools to detect installations, and deploying allowlists for approved applications, libraries, and scripts. These technical

en

9:43

Episode 12 — Safeguard 2.2 – Only allow authorized...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 2.2 builds on inventory management by enforcing the principle that only approved and supported software should exist within the enterprise environment. Unauthorized or unmaintained applications can become significant liabilities, often introducing unpatched vulnerabilities or violating licensing and compliance obligations. This safeguard requires organizations to classify all software as either authorized or unauthorized, ensuring that only software meeting business, technical,

en

9:23

Episode 11 — Safeguard 2.1 – Maintain a software...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 2.1 focuses on creating and maintaining a detailed, authoritative inventory of all software within an organization’s environment. This includes operating systems, applications, utilities, and any other programs capable of executing code or processing data. Each software entry should record its title, publisher, version, installation date, business purpose, and deployment mechanism. The inventory acts as the digital equivalent of a supply chain manifest—it shows what is running,

en

8:57

Episode 10 — Overview – Managing the software landscape

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Just as organizations must maintain visibility into their hardware, they must also control the software that runs on it. Control 2 of the CIS framework—Inventory and Control of Software Assets—addresses the risks introduced by unauthorized, outdated, or vulnerable applications. Every piece of software represents potential entry points for attackers, whether through unpatched flaws or malicious code disguised as legitimate tools. By actively managing software inventories, organizations

en

9:54

Episode 9 — Remaining safeguards summary (Control 1)

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

The remaining safeguards under Control 1 build upon the foundation of asset inventory and unauthorized asset management by introducing proactive detection and continuous monitoring techniques. Safeguards 1.3 through 1.5 recommend using a combination of active, passive, and DHCP-based discovery methods to maintain a real-time view of connected assets. Active discovery tools periodically probe the network to identify devices, while passive sensors observe traffic to detect assets silently

en

8:48

Episode 8 — Safeguard 1.2 – Address unauthorized assets

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 1.2 emphasizes the importance of identifying and responding to unauthorized assets that appear within the enterprise environment. Unapproved devices can range from rogue wireless access points and personal laptops to forgotten test systems and decommissioned servers still connected to the network. Each represents a potential backdoor for attackers. The safeguard requires organizations to maintain an active process—executed weekly or more frequently—to detect and remediate these

en

8:36

Episode 7 — Safeguard 1.1 – Inventory of assets

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Safeguard 1.1 directs organizations to establish and maintain a detailed inventory of all enterprise assets capable of storing or processing data. This includes not just traditional endpoints and servers but also virtual machines, network appliances, IoT devices, and cloud instances. The goal is to produce a living, authoritative record that accurately reflects the organization’s digital environment. Each entry in the inventory should capture attributes such as hardware and IP addresses,

en

7:37

Episode 6 — Overview – Why asset management is...

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Asset management is the cornerstone of every effective cybersecurity program because you cannot protect what you do not know exists. Control 1 of the CIS framework—Inventory and Control of Enterprise Assets—focuses on developing a precise, continually updated record of all devices, systems, and components connected to the enterprise environment. These include desktops, laptops, servers, network devices, mobile phones, and even non-computing Internet of Things (IoT) assets such as printers

en

9:17

Episode 5 — Glossary of common cybersecurity terms

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

As cybersecurity practices mature, professionals encounter more specialized terminology that connects operational tactics to governance and technical architecture. Multi-Factor Authentication (MFA) enhances login security by requiring two or more proofs of identity—something you know, have, or are. Encryption transforms readable data into a coded form to protect its confidentiality both in transit and at rest. Patch management refers to the continuous process of applying vendor updates to

en

9:16

Episode 4 — Glossary of common cybersecurity terms

Framework: The Center for Internet Security (CIS) Top... ·

2025/10/18

Understanding cybersecurity language is fundamental to applying the CIS Controls effectively. Many terms describe foundational components of systems, threats, and defenses that appear throughout the framework. Asset refers to any device, software, or data that the organization must protect, while enterprise assets include servers, workstations, and IoT devices that store or process information. Vulnerability denotes a flaw that could be exploited by an adversary, and threat represents the

en

83 results

Similar Podcasts

Lead With AI

Tamara Nall

Linux in the Ham Shack

Black Sparrow Media

Data Engineering Podcast

Tobias Macey

Eye On A.I.

Craig S. Smith

Reflections

Livewire Labs