CISSP Cyber Training Podcast - CISSP Training Program

Author: Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur

Description

Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 23-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable security strategies and tips that you can implement right away, giving you an edge in the cybersecurity realm. Tune in and take the reins of your cybersecurity journey—let’s ride into excellence together! 🚀

256 Episodes
Security professionals face a constant battle to keep up with evolving threats, and our latest CISSP Question Thursday podcast delivers critical insights into one of the most fundamental cybersecurity capabilities: effective logging and monitoring. The episode begins with a warning about a sophisticated attack campaign targeting recruiters. The hacker group FIN6 (Skeleton Spiders) has been creating fake candidate profiles with malware-laced resume attachments, tricking HR prof...
Dive deep into the critical world of security logging and monitoring as we explore Domain 7.2 of the CISSP certification. This episode unpacks the strategic considerations behind effective logging practices that balance comprehensive visibility with practical resource management. We begin with a thought-provoking look at Anthropic's new AI chatbot designed specifically for classified government environments. Could this be the beginning of something like Skynet? While AI offers...
The boundaries between digital vulnerabilities and physical warfare are dissolving before our eyes. Ukrainian forces have dramatically shifted military paradigms by marrying cybersecurity breaches with commercial drone attacks against strategic Russian targets like Tupolev aircraft manufacturers. This evolution demands security professionals develop capabilities far beyond traditional network defense – a stark reminder that our field continues expanding into unexpected territor...
Vulnerability assessments serve as the frontline defense against cybersecurity threats, yet many professionals struggle to understand the terminology and methodologies that make them effective. In this comprehensive episode, we demystify the critical components of vulnerability management that every security practitioner should master – whether you're preparing for the CISSP exam or strengthening your organization's security posture. We begin by examining recent ransomware att...
Ransomware attacks are surging at an alarming rate - a Scottish non-profit recently reported a 100% increase year-over-year, with fraud cases expected to exceed $33 million. Even more concerning, businesses report feeling less resilient against these threats than in previous years. As cybersecurity professionals, we have a responsibility to help organizations understand and mitigate these risks before they become existential threats. Today's CISSP Question Thursday dives deep ...
Navigating the complex landscape of authentication frameworks is essential for any cybersecurity professional, especially those preparing for the CISSP exam. This deep-dive episode unravels the intricate world of authentication systems that protect our digital identities across multiple platforms and services. We begin by examining OAuth 2.0 and OpenID Connect (OIDC), exploring how these token-based frameworks revolutionize third-party authentication without exposing user cred...
A shocking incident in Spain recently left 60% of the country's power grid dark in less than five seconds. Was it a cyber attack? The jury's still out, but this real-world event perfectly illustrates why understanding access controls and security mechanisms is critical for today's cybersecurity professionals. Shon Gerber, despite battling a cold that affects his voice, delivers a compelling analysis of the Spanish power grid incident before diving into essential CISSP domain f...
Cybersecurity professionals need a solid understanding of secure communication protocols, not just for exam success but for real-world implementation. This episode unpacks the essential protocols covered in CISSP Domain 4.1.3, providing clear explanations of how each works and when to use them. We begin with a timely discussion of the recent UnitedHealthcare hack, examining how ransomware crippled Change Healthcare systems nationwide. This case study highlights the critical im...
Security regulations are changing dramatically in response to major breaches, and the implications for cybersecurity professionals are profound. Shon Gerber kicks off this episode with a career announcement, sharing his transition to independent consulting after 13 years with his previous employer—a move that highlights the evolving opportunities in the cybersecurity field. The heart of this episode examines the recent UnitedHealthcare breach, where attackers targeted Change H...
Ever wondered how your sensitive messages stay secure in an increasingly dangerous digital landscape? The answer lies in message integrity controls, digital signatures, and certificate validation – the core components of modern cybersecurity we tackle in this episode. We begin with a timely breakdown of Microsoft's recent security breach by Russian hackers who stole source code by exploiting a test environment. This real-world example perfectly illustrates why proper security ...
What happens when a security professional falls victim to malicious AI? The consequences can be devastating, as demonstrated by our analysis of a recent high-profile breach where a Disney security engineer downloaded AI-generated artwork containing hidden malware. This sophisticated attack led to the theft of 1.1 terabytes of sensitive corporate data and resulted in criminal charges for the attacker and career devastation for the victim. We break down exactly how it happened an...
Four million people affected by a single data breach. Let that sink in. This sobering reality frames today's deep dive into Domain 2 of the CISSP exam: Asset Security. As cybersecurity professionals, understanding how to establish proper information and asset handling requirements isn't just academic—it's essential for preventing exactly these types of incidents. The podcast tackles the complete data security lifecycle, beginning with the foundations of asset security and the ...
The cybersecurity talent gap is widening at an alarming rate. According to the 2023 ISC² Global Workforce Study, we're facing a shortfall of 5.5 million cybersecurity professionals by 2024, with the workforce needing to grow 12.6% annually just to keep pace with demand. Yet growth is stalling at only 8.7%, creating both challenges and unprecedented opportunities for those pursuing cybersecurity careers. What might surprise aspiring security professionals is that technical skil...
The rapid evolution of artificial intelligence and machine learning has created a pivotal moment for financial institutions. As these organizations race to implement AI solutions, they face both transformative opportunities and significant cybersecurity challenges that demand immediate attention. Shon Gerber draws from over 20 years of cybersecurity experience to demystify the complex intersection of AI, machine learning, and financial security. With his straightforward approa...
Ever wonder why organizations with robust cybersecurity teams still fall victim to devastating attacks? The answer often lies not in fancy technology but in something far more fundamental: documentation. In this eye-opening episode, Shon Gerber takes listeners into the critical world of cybersecurity documentation hierarchy, revealing how properly structured policies, standards, procedures, and guidelines form an organization's first and most important line of defense against ...
Cybersecurity isn't just for enterprises—small and medium businesses face increasingly sophisticated threats with fewer resources to combat them. In this information-packed episode, Shon Gerber explores why cybersecurity matters critically for SMBs while delivering practical CISSP exam questions focused on Domain 8.3. Shon begins by examining how even non-tech businesses rely heavily on digital systems, making them vulnerable to attacks that could devastate operations. A ranso...
Software security assessment can make or break your organization's defense posture, yet many professionals struggle with implementing effective evaluation strategies. This deep dive into CISSP Domain 8.3 reveals critical approaches to software security that balance technical requirements with business realities. The recent funding crisis surrounding CVEs (Common Vulnerabilities and Exposures) serves as a perfect case study of how fragile our security infrastructure can be. When the ...
Wondering how to tackle incident response questions on the CISSP exam? This episode delivers exactly what you need, walking through fifteen essential incident management scenarios that test your understanding of this critical domain. Shon Gerber breaks down the fundamentals of incident management, exploring how security professionals should approach detection, response, mitigation, and recovery. From distinguishing between legitimate security incidents and routine activities t...
Cybersecurity incidents aren't a matter of if, but when. Are you prepared to respond effectively? Shon Gerber takes us through the complete incident response lifecycle, breaking down the seven essential phases every security professional must master. From developing comprehensive response plans to conducting effective post-incident analysis, this episode provides actionable guidance for both CISSP candidates and working cybersecurity practitioners. The stakes couldn't b...
The collision of artificial intelligence and cybersecurity takes center stage in this episode as we explore how Agentic AI is revolutionizing Security Operations Centers. Moving beyond simple assistant AI or co-pilots, this new generation of autonomous systems proactively investigates alerts, follows structured playbooks, and performs triage at scale—potentially liberating human analysts from the crushing weight of alert fatigue. For security professionals and organizations st...