Cybersecurity Where You Are (video)
Author: Center for Internet Security
© 2025
Description
Welcome to video version of “Cybersecurity Where You Are,” the podcast of the Center for Internet Security® (CIS®). Cybersecurity affects us all — whether we’re online at home, managing a company, supporting clients, or running a state or local government. Join us on Wednesdays as Sean Atkinson, CISO at CIS, and Tony Sager, SVP & Chief Evangelist at CIS, discuss trends and threats, explore security best practices, and interview experts in the industry. Together, we’ll clarify these issues, creating confidence in the connected world. Subscribe to the audio version of our podcast here: https://fast.wistia.net/embed/channel/wbyhaw35xf?wchannelid=wbyhaw35xf.
178 Episodes
In episode 178 of Cybersecurity Where You Are, Sean Atkinson sits down with Theodore "TJ" Sayers, Senior Director of Threat Intelligence at the Center for Internet Security® (CIS®). Together, they discuss how to mount an appropriate defense to Iranian threat activity observed in February and March 2026.

Here are some highlights from our episode:
00:58. Iran's historical tit-for-tat style of cyber operations
02:50. Regional targets: A primary focus of Iran's state-sponsored threat actors
04:05. What the CIS Cyber Threat Intelligence (CTI) team is watching for
05:19. Contextualizing a drop in precursor-related threat activity from Iran
06:59. Sectors directly and indirectly affected by observed Iranian threat activity
09:12. Password spraying, data wipers, and more: Common TTPs of Iranian threat groups
11:50. The importance of cybersecurity awareness training in countering TTPs that still work
16:07. Advice to SOC managers: How to detect what CIS CTI is expecting the most
21:25. NASCIO's Top 10 Priorities as a guide for framing strategic risk of Iran's threat activity
26:39. What an effective threat intel team does and does not do
29:29. Community defense for U.S. State, Local, Tribal, and Territorial (SLTT) organizations

Resources
Multi-State Information Sharing and Analysis Center®
Snap Call: Public Sector Threat Update Amid Conflict in Iran
How to Defend Against Iran's Cyber Retaliation Playbook
Cloudflare | Traffic in Iran
Episode 143: Iran's Growing Multidimensional Threat Activity
Episode 142: SLTTs and Their Nuanced Cybersecurity Needs
MS-ISAC Guide to DDoS Attacks
Exploited Protocols: Remote Desktop Protocol (RDP)
Commonly Exploited Protocols: Server Message Block (SMB)
State CIO Top Ten Policy and Technology Priorities for 2026

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 177 of Cybersecurity Where You Are, Tony Sager sits down with Bob Gendler, IT Specialist at the National Institute of Standards and Technology (NIST), and Edward Byrd, Senior Cybersecurity Engineer of the CIS Benchmarks® at the Center for Internet Security® (CIS®). Together, they use the open-source macOS Security Compliance Project to discuss the power of community-developed security content.

Here are some highlights from our episode:
01:15. Introductions to Bob and Edward along with their first Mac devices
03:24. Why CIS Benchmarks are needed for macOS
05:49. The need to make security guidance a collaborative, ongoing exercise
11:06. Inside the expanding community supporting the macOS Security Compliance Project
16:59. A practical win: making daily security operations easier to manage
21:40. An operational feedback loop of improving the CIS Benchmarks
25:25. The implications of compliance pointing to assurance, not security
30:53. Advice on how to prepare for an audit using the CIS Benchmarks
34:18. The importance of rationale in defining reasonable cybersecurity behavior
35:30. A teaser of upcoming changes and how to get involved

Resources
CIS Benchmarks List
Mapping and Compliance with the CIS Benchmarks
Apple macOS
CIS WorkBench
CIS Communities
Episode 156: How CIS Uses CIS Products and Services
Reasonable Cybersecurity

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 176 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Brock Boggs, Director of Technology at Cityscape Schools and Multi-State Information Sharing and Analysis Center® (MS-ISAC®) member, and Maureen Kunac, Senior Product Manager at the Center for Internet Security® (CIS®). Together, they discuss Brock's story of using incremental wins to advance his organization on its cybersecurity journey.

Here are some highlights from our episode:
02:10. Getting started making the largest measurable impact with CIS-CAT® Pro Assessor
03:52. Implementation Group 1: A filter for prioritizing secure configuration management efforts
09:16. The use of essential cyber hygiene to build an on-ramp to a security controls program
11:18. Navigating breakage, dependency, and other principles of change management
13:37. Lessons learned from beta testing and enterprise rollout of security changes
22:24. Advice: How to start on a journey of system hardening with measurable impact

Resources
Episode 163: K-12 Cybersecurity Made Practical
Formalizing K-12 Cybersecurity Policies in Less Time
CIS-CAT® Pro Assessor
CIS-CAT Pro Results Focus on CIS Controls IG1
CIS Critical Security Controls®
Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1
What SLTTs Should Know About the FREE CIS SecureSuite Membership

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 175 of Cybersecurity Where You Are, Tony Sager sits down with Phil Reitinger, Chair and Senior Advisor of Global Cyber Alliance. Together, they look back on Phil's career and his dedication to exploring how to practically solve cyber problems at scale.

Here are some highlights from our episode:
00:57. How Phil got started in cybersecurity during the "infosec" era
04:51. Old wine in new bottles: trust exploitation, authentication failures, and update challenges
06:14. The lack of political will, not technology, in solving fundamental cyber problems
07:33. How industry and government share similar challenges in cybersecurity
10:09. The importance of metrics in incentivizing the right actions
12:33. Scale: the biggest obstacle to collective cyber defense there ever was or will be
22:50. The Global Cyber Alliance and a focus on practically solving cyber problems at scale

Resources
Episode 30: Solving Cybersecurity at Scale with Nonprofits
Episode 79: Advancing Common Good in Cybersecurity – Part 1
Episode 80: Advancing Common Good in Cybersecurity – Part 2
Quad9

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 174 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kyle Leonard, Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they continue their discussion of 2026 cybersecurity predictions from seven CIS experts, as shared on the CIS website.

Here are some highlights from our episode:
02:00. How cross-platform campaigns are becoming the norm
03:09. Threat actors' use of generative artificial intelligence (GenAI) to expand their attacks and gain efficiencies
05:08. The blurring line of what separates today's script kiddies from nation-state threat actors
07:47. Fully autonomous malware: in the realm of possibility but not here yet
13:19. How specialization in the criminal ecosystem requires us to rethink analysis itself
16:07. Shrinking dwell time: a product of the democratization of complex tools' availability
18:02. The effective use of social engineering to lower threat actors' operational costs
19:20. Malware's increasing use of trusted infrastructure to thwart cyber defenses
20:25. The use of behavioral analysis to apply bottleneck security mechanisms
22:40. Evolving threat actors' tradecraft: pseudo-random subdomains, GenAI models, and SEO poisoning
26:39. What trust looks like today: something that's dynamic and negotiated at a moment's notice
31:25. Supply chain attackers' pivot to edge device vendors and security appliance makers
33:43. The ongoing work of CIS to support state and local governments' cybersecurity efforts

Resources
Episode 169: 2026 Cybersecurity Predictions from CIS — Pt 1
The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape
Surge of QakBot Activity Using Malspam, Malicious XLSB Files
Active Lumma Stealer Campaign Impacting U.S. SLTTs
Episode 173: Scammer Jousting as Human Risk Management
ClickFix: An Adaptive Social Engineering Technique
Impact of Federal Funding Cuts to the Value of MS-ISAC CTI
Episode 157: How a Modern, Mission-Driven CIRT Operates

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 173 of Cybersecurity Where You Are, Sean Atkinson is joined by Roger Grimes, CISO Advisor at KnowBe4. Together, they discuss "scammer jousting," a term coined by Tony Sager which describes empowering organizations to manage human risk using simulated phishing.

Here are some highlights from our episode:
01:05. How simulated phishing and scammer jousting manage human risk
03:48. The shift in perception of security awareness training over the past 20 years
06:19. The need for testing to build capability and resiliency amongst employees
09:27. The many faces of phishing attacks and the impact of generative artificial intelligence
15:00. How gamification is proven to help users learn more in their cybersecurity training
16:57. How data empowers organizations to communicate the potential impact of a phish
19:57. The use of behavior engineering to foster a stronger security culture
23:56. The value of customer feedback in continuously enhancing phishing training
29:52. Continuous and hyper-personalized training as the future of scammer jousting

Resources
Episode 77: Data's Value to Decision-Making in Cybersecurity
Episode 98: Transparency as a Tool to Combat Insider Threats
A Short Guide for Spotting Phishing Attempts
CIS Controls v8.1 Security Awareness Skills Training Policy Template
SANS Workforce Security and Risk Training
The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape
Episode 110: How Security Culture and Corporate Culture Mesh

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 172 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Chirag Arora, Cyber Security Executive Advisor and CISO at Dorf Nelson & Zauderer LLP. Together, they discuss how Chirag draws upon his experience as a CISO and his community work as a CIS Critical Security Controls® (CIS Controls®) Ambassador to help other CISOs with their cybersecurity programs.

Here are some highlights from our episode:
00:51. Introduction to Chirag and the early years of his work as a CIS Controls Ambassador
06:03. The value of measurement and psychology when discussing assessments with CISOs
09:00. Chirag's work on a CISO certification and vision for aligning it to the CIS Controls
12:31. How open sharing of wisdom between CISOs makes the world more secure
20:57. The importance of storytelling for CISOs, CIS Controls Ambassadors, and other leaders
24:29. Chirag's use of law school to take his understanding of reasonableness up a level
28:13. Regular opportunities for CIS Controls Ambassadors to discuss universal issues
31:08. The heightened importance of nonprofit organizations bringing people together

Resources
CIS Critical Security Controls®
Episode 160: Championing SME Security with the CIS Controls
Episode 168: Institutionalizing Good Cybersecurity Ideas
Reasonable Cybersecurity Guide
Simplify Security Management with CIS SecureSuite Platform
CISO Certification by GlobalCISO Leadership Foundation™

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 171 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Soledad Antelada Toledano, Security Advisor, Office of the CISO, Google Cloud at Google. Together, they discuss securing critical national infrastructure (CNI) in U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through artificial intelligence (AI) adoption.

Here are some highlights from our episode:
00:50. Introduction to Soledad
02:48. How the convergence of information technology (IT) and operational technology (OT) has created bigger attack surfaces
04:10. The proliferation of threat actors targeting critical infrastructure sectors
07:24. The challenge of legacy systems for U.S. SLTT owners of CNI
08:13. Alert fatigue, limited visibility, and other challenges facing OT networks
13:22. The value of automated cyber threat intelligence (CTI)
24:46. Building strategic AI implementation around human in the loop (HITL)
33:17. U.S. SLTTs' use of the cloud to test and build trust for securing CNI

Resources
The Changing Landscape of Security Operations and Its Impact on Critical Infrastructure
Cybersecurity for Critical Infrastructure
Episode 139: Community Building for the Cyber-Underserved
Episode 119: Multidimensional Threat Defense at Large Events
Leveraging Generative Artificial Intelligence for Tabletop Exercise Development
The Evolving Role of Generative Artificial Intelligence in the Cyber Threat Landscape
Episode 148: How MDR Helps Shine a Light on Zero-Day Attacks
Vulnerability Management Policy Template for CIS Control 7
CIS Critical Security Controls v8.1 Industrial Control Systems (ICS) Guide

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 170 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Douglas Holland, Senior Solutions Engineer at Akamai Technologies. Together, they discuss how U.S. State, Local, Tribal, and Territorial (SLTT) government organizations can increase their visibility to obstruct the attack attempts of Typhoon advanced persistent threat (APT) groups.

Here are some highlights from our episode:
00:49. Introduction to Douglas
02:16. How Typhoon APTs are using trusted tools to target critical infrastructure
08:30. Professionalism as a tell of sophisticated nation-state threat actors
09:15. How U.S. SLTTs come up with creative solutions despite budgeting and staffing limits
14:14. The "big credential playground" that is U.S. SLTTs' expanded attack surface
16:46. Visibility into network activity as a way to continuously build defensive capability
19:11. The use of context to connect technical visibility to defensive action
23:20. Identity as the new perimeter, cloud and SaaS posture, and micro-segmentation
29:18. One piece of advice: assume an attacker is already in the network or will be

Resources
Malicious Domain Blocking and Reporting (MDBR)
Living off the Land: The Power Behind PowerShell
Cybersecurity for Critical Infrastructure
Build a Zero Trust Roadmap for FinServ with CIS SecureSuite

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 169 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager begin their discussion of 2026 cybersecurity predictions from seven experts at the Center for Internet Security® (CIS®), as shared on the CIS website.

Here are some highlights from our episode:
01:05. The impact and promise of artificial intelligence on cyber defense
05:37. Collective action as an answer to the constraints facing the "cyber-underserved"
12:52. Zero trust and security best practices as functions of managing cycles of time
21:22. How tailored threat intelligence can help to frame cybersecurity around mission
31:18. The convergence of cybersecurity and privacy as a necessity for governance

Resources
An Introduction to Artificial Intelligence
Cybersecurity for Critical Infrastructure
Episode 144: Carrying on the MS-ISAC's Character and Culture
Episode 142: SLTTs and Their Nuanced Cybersecurity Needs
Collective SLTT Cyber Defense
Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1
Episode 90: Migrating to the Cloud with Control Continuity
Build a Zero Trust Roadmap for FinServ with CIS SecureSuite
Secure by Design: A Guide to Assessing Software Security Practices
Episode 110: How Security Culture and Corporate Culture Mesh
Episode 147: Actualizing Threat Intel for Effective Defense
Law Enforcement
Reasonable Cybersecurity Guide
NIST SP 800-207: Zero Trust Architecture
Episode 74: The Nexus of Cybersecurity & Privacy Legislation
Mapping and Compliance with the CIS Controls
Mapping and Compliance with the CIS Benchmarks

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 168 of Cybersecurity Where You Are, Tony Sager sits down with Tony Rutkowski, one of the CIS Critical Security Controls® (CIS Controls®) Ambassadors of the Center for Internet Security® (CIS®). Together, they discuss what Tony Rutkowski has learned in his efforts to institutionalize good cybersecurity ideas like the CIS Controls.

Here are some highlights from our episode:
01:48. Introductions to Tony Rutkowski and his career in technology
06:06. The evolution of the CIS Controls and how Tony Rutkowski came to advocate for them
12:50. The "Fog of More" as a metaphor to focus attention, not create new solutions
17:50. How institutionalizing good cybersecurity ideas is like conducting an orchestra
21:44. The use of timing and the right security content to help people clarify their intentions
24:25. The value of industry mappings in reducing duplicate implementation efforts
26:41. Secure by design: a 2025 example of creating a new formal global technical standard

Resources
Episode 160: Championing SME Security with the CIS Controls
Episode 167: Volunteers as a Critical Cybersecurity Resource
Reasonable Cybersecurity Guide
Cybersecurity at Scale: Piercing the Fog of More
Mapping and Compliance with the CIS Controls
Secure by Design: A Guide to Assessing Software Security Practices
Episode 164: Secure by Design in Software Development
CIS Critical Security Controls Implementation Groups

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 167 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kelley Misata, Ph.D., Chief Trailblazer and Founder at Sightline Security. Together, they discuss how volunteers constitute a critical cybersecurity resource for the Center for Internet Security® (CIS®). Along the way, they explore the nature of volunteerism, the role of volunteers at CIS, and how CIS is looking to mature its engagement with volunteers going forward.

Here are some highlights from our episode:
01:37. Introductions to Kelley and her experience with cybersecurity volunteers
03:09. Kelley's use of research, expertise, and an open mind to check in with CIS volunteers
04:50. How volunteers have deepened their passion and dedication with CIS for 25 years
06:55. Volunteers as a critical cybersecurity resource for "One CIS" going forward
10:51. Commitment, conflict resolution, and openness to formal process in CIS Communities
14:39. The use of directionality and accolades to encourage different types of contributors
19:43. The importance of flexibility in management to meet volunteers where they are
20:30. Leadership, storytelling, and recruitment as opportunities for volunteerism at CIS
24:37. The risk of volunteer burnout and how to protect against it
26:00. Collaboration with employers to treat volunteerism as a growth experience
30:09. A balancing act of making volunteers useful without depleting the mission
34:51. Sean's take: volunteer management as the original Large Language Model (LLM)
38:32. Other observations and final thoughts

Resources
25 Years of Creating Confidence in the Connected World
CIS Communities
Episode 160: Championing SME Security with the CIS Controls
StoryCorps

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 166 of Cybersecurity Where You Are, Sean Atkinson sits down with Tyler Moore, Ph.D., Chair of Cyber Studies at the University of Tulsa, and Daniel Woods, Lecturer at the University of Edinburgh. Together, they review the foundations of actuarial science in cyber risk.

Here are some highlights from our episode:
00:48. Introductions to Tyler and Daniel
01:22. How actuarial science fits into a traditional approach of risk modeling
02:20. Why cyber risk has historically been difficult to quantify
04:01. How data sources available to insurers and individual organizations have evolved
07:21. Adaptability as a key principle to model risk for an evolving cyber threat landscape
08:58. Loss distribution modeling for different types of cyber threats
11:38. Similarities and differences between how actuaries and frameworks view risks
13:10. Quantifying severity, frequency, and resilience to different cyber risks
14:31. How insurers differ from underwriters in their view of risk
17:43. Ransomware as a case study where actuarial modeling improved risk management
22:30. The value of translating cyber risk to business risk for CISOs like Sean
26:20. Why data on which security controls matter most remains elusive
32:33. The biggest misconceptions of using actuarial models in cybersecurity
36:09. How cyber actuarial science can help to determine what works in cybersecurity

Resources
Episode 121: The Economics of Cybersecurity Decision-Making
Episode 105: Context in Cyber Risk Quantification
Episode 77: Data's Value to Decision-Making in Cybersecurity
How Risk Quantification Tests Your Reasonable Cyber Defense
Episode 113: Cyber Risk Prioritization as Ransomware Defense
Episode 65: Making Cyber Risk Analysis Practical with QRA
FAIR: A Framework for Revolutionizing Your Risk Analysis

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 165 of Cybersecurity Where You Are, Tony Sager sits down with Valecia Stocchetti, Senior Cybersecurity Engineer at the Center for Internet Security® (CIS®), and Charity Otwell, Director of Critical Security Controls at CIS. Together, they take an in-depth look at implementing the CIS Critical Security Controls® (CIS Controls®), including what you need to know to begin your own CIS Controls implementation efforts.

Here are some highlights from our episode:
00:53. Introductions to Valecia and Charity
02:48. How the CIS Controls ecosystem answers the deeper question of how to implement
06:42. The importance of clear strategy, business priorities, and a realistic timeline
09:56. How the CIS Community Defense Model (CDM) clarifies cyber defense priorities
13:01. The use of calculations around costing to make a security program achievable
15:31. Bringing IT and the Board of Directors together through governance
20:36. "Herding cats" as a metaphor for navigating different compliance frameworks
23:17. Why one prescriptive ask per CIS Safeguard starts cybersecurity workflows
25:30. "Why" vs. "how" communication, accountability, staffing, budget, and continuous improvement as keys to success for CIS Controls implementation
42:03. CIS Controls Assessment Specification as an answer to implementation subjectivity
47:21. Parting thoughts around team effort, change, and CIS Controls Accreditation

Resources
Cloud Companion Guide for CIS Controls v8.1
CIS Community Defense Model 2.0
The Cost of Cyber Defense CIS Controls IG1
Episode 132: Day One, Step One, Dollar One for Cybersecurity
Policy Templates
Episode 107: Continuous Improvement via Secure by Design
Reasonable Cybersecurity Guide
CIS Controls Resources
CIS Controls Assessment Specification
Episode 156: How CIS Uses CIS Products and Services
CIS Controls Accreditation
Controls Accreditation
Episode 102: The Sporty Rigor of CIS Controls Accreditation

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 164 of Cybersecurity Where You Are, Tony Sager sits down with Curt Dukes, EVP and General Manager of Security Best Practices at the Center for Internet Security® (CIS®), and Steve Lipner, Executive Director of SAFECode.org. Together, they explore the evolution of secure software development and why secure by design is critical for reducing risk in today’s complex environments.

Here are some highlights from our episode:
01:08. Introductions to Curt and Steve
04:01. The historical challenge of implementation errors in software security
08:41. The emergence of secure by design and the need to measure against specified criteria
14:39. The value of artifacts as evidence of secure software development
28:52. How the CIS Critical Security Controls® (CIS Controls®) support secure software
39:59. The use of community projects to address challenges like secure by design

Resources
Secure by Design: A Guide to Assessing Software Security Practices
How Secure by Design Helps Developers Build Secure Software
CIS, SAFECode Launch Secure by Design Guide to Help Developers Meet National Software Security Expectations
Episode 107: Continuous Improvement via Secure by Design
Secure by Design
Secure Software Development Framework
Episode 63: Building Capability and Integration with SBOMs

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 163 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Brock Boggs, Director of Technology at Cityscape Schools, and Maureen Kunac, Senior Product Manager at the Center for Internet Security® (CIS®). They dive into the realities and challenges of K-12 cybersecurity, including limited budgets, small teams, and growing threats.

Brock shares how a ransomware incident at a neighboring school district and new state requirements pushed his district to take K-12 cybersecurity more seriously. He explains how CIS SecureSuite® tools gave him a clear starting point and helped him transform panic into progress. Maureen highlights how CIS continues to adapt its cybersecurity solutions for K-12 schools and why simplicity matters when resources are tight.

Here are some highlights from our episode:
00:47. Introductions to Brock and Maureen
02:50. What prompted Cityscape Schools to prioritize cybersecurity and how Brock found CIS
11:50. The importance of simplicity in making K-12 cybersecurity practical
12:39. A collaborative journey of helping Brock get comfortable learning about cybersecurity
22:52. A look back at how Cityscape Schools pivoted to remote education during COVID-19
34:20. Brock's advice for other school districts to get started with a cybersecurity program

Resources
Formalizing K-12 Cybersecurity Policies in Less Time
How to Plan a Cybersecurity Roadmap in 4 Steps
2025 K-12 State of Cybersecurity Report: Where Education Meets Community Resilience
Episode 142: SLTTs and Their Nuanced Cybersecurity Needs
25 Years of Creating Confidence in the Connected World

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 162 of Cybersecurity Where You Are, Tony Sager sits down with Tina Williams-Koroma, Founder and CEO of TCecure, LLC and CyDeploy, Inc. Together, they discuss why "cyber insecurity is not inevitable" and how organizations can take a managed approach to attack surface management.

Along the way, Tina shares her journey from software development to cybersecurity entrepreneurship and explains why proactive measures like hardening systems and automating patching are critical for reducing risk.

Here are some highlights from our episode:
00:50. Introductions to Tina, her career pivot, and her entrepreneurial path
03:35. The value of the secure configuration guidance provided by the CIS Benchmarks®
07:35. Why a well-managed system makes for a hard target
11:00. Marketing against “magic” in a hype-driven cybersecurity market
13:44. The translative work of moving well-managed infrastructure beyond "mere hygiene"
19:14. Tina's faith-based inspiration for helping others get as far as she's gotten
27:23. Soccer analogies for a managed attack surface
33:54. Tina's pep talk: "Why cyber insecurity is not inevitable"
38:38. Free cybersecurity resources for small businesses

Resources
Mapping and Compliance with the CIS Benchmarks
Guide to Asset Classes: CIS Critical Security Controls v8.1
Gartner Says That in the Age of GenAI, Preemptive Capabilities, Not Detection and Response, Are the Future of Cybersecurity
CIS Community Defense Model 2.0
OwlThis — Powered By CyDeploy

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 161 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Mishal Makshood, Azure Partner Alliance Manager at the Center for Internet Security® (CIS®), and David Kalish, Sr. Cybersecurity Solutions Engineer at CIS. Together, they explore how CIS Hardened Images® help to secure cloud environments and strengthen critical national infrastructure (CNI) resilience through collaboration.

Mishal and David explain how these virtual machine images, which are pre-configured to the CIS Benchmarks®, serve as secure, scalable blueprints for cloud deployments. They highlight how CIS Hardened Images reduce human error, accelerate compliance, and foster trust across a global cybersecurity ecosystem that includes hyperscalers, supply chains, and public-private partnerships.

Tony shares the origin story of the CIS Hardened Images and reflects on the evolution of cybersecurity from isolated efforts to a cooperative model built on shared standards and integrated tooling. The group also discusses how CIS Hardened Images align to frameworks and how they help organizations navigate multi-cloud environments while maintaining consistent security postures.

Here are some highlights from our episode:
00:50. Introductions to Mishal and David
01:36. What CIS Hardened Images are and why they matter
03:14. Why CIS Hardened Images are uniquely suited to strengthening CNI resilience
04:24. The cultural shift toward working as an ecosystem to start from secure baselines
06:34. The origin story of the CIS Hardened Images
10:32. The value of taking guesswork out of secure configuration management in the cloud
13:44. How CIS Hardened Images support compliance directly and through the CIS Critical Security Controls® (CIS Controls®)
20:39. Building trust through cloud partnerships and collaboration
28:50. The foundational role of configuration management in cybersecurity
34:35. Getting started with strengthening your cloud security foundation

Resources
CIS Hardened Images® List
Secure by Design: A Guide to Assessing Software Security Practices
Software Supply Chain Security
25 Years of Creating Confidence in the Connected World
Mapping and Compliance with the CIS Controls
Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1
Build a Zero Trust Roadmap for FinServ with CIS SecureSuite
Episode 154: Integration of Incident Response into DevSecOps
How to Construct a Sustainable GRC Program in 8 Steps

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 160 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Alan Watkins, CIS Controls Ambassador, to explore how the CIS Critical Security Controls® (CIS Controls®) empower small and medium-sized enterprises (SMEs) to build practical, scalable cybersecurity programs.

Alan shares his journey from law enforcement to IT leadership in the City of San Diego and how his passion for supporting SME security led him to become a champion of the CIS Controls. The episode highlights the importance of translating complex cybersecurity guidance into actionable steps that SMEs can realistically implement even with limited resources.

Here are some highlights from our episode:
00:49. Introductions to Alan, his career path, and his connection to the CIS Controls
11:43. How Alan supports SMEs to mature their cybersecurity postures
18:04. The work of CIS Controls Ambassadors to "memorialize" security best practices
22:23. The need to translate how cyber hygiene supports business success
25:31. CIS WorkBench and in-person communities as avenues to get involved

Resources
Implementation Guide for Small- and Medium-Sized Enterprises CIS Controls IG1
Establishing Essential Cyber Hygiene
Episode 132: Day One, Step One, Dollar One for Cybersecurity
Episode 97: How Far We've Come preceding CIS's 25th Birthday
PCI & CIS: Partners in Data Security
2024 DBIR Findings & How the CIS Critical Security Controls Can Help to Mitigate Risk to Your Organization
Policy Templates

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 159 of Cybersecurity Where You Are, Sean Atkinson is joined by Joshua Palsgraf, Sr. Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, Vice President of Security Operations & Intelligence at CIS. Together, they dive into the scariest malware of 2025 in this special Halloween edition.

The conversation explores what makes today’s malware truly terrifying, from stealthy threats that hide in plain sight to modular malware that evolves faster than defenses can adapt. The trio also discusses the corporatization of cybercrime, the rise of Malware as a Service, and how generative artificial intelligence (GenAI) is lowering the barrier to entry for cybercriminals.

Here are some highlights from our episode:
00:42. Introductions to Josh and Randy
02:21. What makes the scariest malware of 2025 truly "scary"
05:42. Evolution of malware: people, process, and technology
09:33. How the corporatization of malware helps to democratize cybercrime
11:25. The most "terrifying" malware strains of 2025
15:49. Malware reincarnation: Old threats with new masks
17:20. GenAI as the great equalizer for cybercriminals, especially social engineers
23:32. Defense-in-depth and threat-informed strategies
24:45. Why incident response playbooks must evolve and become living documents
27:02. What incident response looks like for cloud assets in the Fourth Industrial Revolution
29:27. Naming malware after horror movie icons

Resources
Multi-State Information Sharing and Analysis Center®
Episode 144: Carrying on the MS-ISAC's Character and Culture
Episode 126: A Day in the Life of a CTI Analyst
A Short Guide for Spotting Phishing Attempts
The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber Maturity
Episode 157: How a Modern, Mission-Driven CIRT Operates
Living Off the Land: Scheduled Tasks
Cyber defenders sound the alarm as F5 hack exposes broad risks
Episode 134: How GenAI Lowers Bar for Cyber Threat Actors
Active Lumma Stealer Campaign Impacting U.S. SLTTs
MS-ISAC Member-Reported Phishing Likely from Tycoon2FA PhaaS
ClickFix: An Adaptive Social Engineering Technique
Top 10 Malware Q1 2025
CTAs Leveraging Fake Browser Updates in Malware Campaigns
Italian police freeze cash from AI-voice scam that targeted business leaders
CornCon Cybersecurity Conference

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.