Cybersecurity Where You Are (video)

In Episode 162 of Cybersecurity Where You Are, Tony Sager sits down with Tina Williams-Koroma, Founder and CEO of TCecure, LLC and CyDeploy, Inc. Together, they discuss why "cyber insecurity is not inevitable" and how organizations can take a managed approach to attack surface management.Along the way, Tina shares her journey from software development to cybersecurity entrepreneurship and explains why proactive measures like hardening systems and automating patching are critical for reducing risk. Here are some highlights from our episode:00:50. Introductions to Tina, her career pivot, and her entrepreneurial path03:35. The value of the secure configuration guidance provided by the CIS Benchmarks®07:35. Why a well-managed system makes for a hard target11:00. Marketing against “magic” in a hype-driven cybersecurity market13:44. The translative work of moving well-managed infrastructure beyond "mere hygiene"19:14. Tina's faith-based inspiration for helping others get as far as she's gotten27:23. Soccer analogies for a managed attack surface33:54. Tina's pep talk: "Why cyber insecurity is not inevitable"38:38. Free cybersecurity resources for small businessesResourcesMapping and Compliance with the CIS BenchmarksGuide to Asset Classes: CIS Critical Security Controls v8.1Gartner Says That in the Age of GenAI, Preemptive Capabilities, Not Detection and Response, Are the Future of CybersecurityCIS Community Defense Model 2.0OwlThis — Powered By CyDeployIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 161 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Mishal Makshood, Azure Partner Alliance Manager at the Center for Internet Security® (CIS®), and David Kalish, Sr. Cybersecurity Solutions Engineer at CIS. Together, they explore how CIS Hardened Images® help to secure cloud environments and strengthen critical national infrastructure (CNI) resilience through collaboration.Mishal and David explain how these virtual machine images, which are pre-configured to the CIS Benchmarks®, serve as secure, scalable blueprints for cloud deployments. They highlight how CIS Hardened Images reduce human error, accelerate compliance, and foster trust across a global cybersecurity ecosystem that includes hyperscalers, supply chains, and public-private partnerships.Tony shares the origin story of the CIS Hardened Images and reflects on the evolution of cybersecurity from isolated efforts to a cooperative model built on shared standards and integrated tooling. The group also discusses how CIS Hardened Images align to frameworks and how they help organizations navigate multi-cloud environments while maintaining consistent security postures. Here are some highlights from our episode:00:50. Introductions to Mishal and David01:36. What CIS Hardened Images are and why they matter03:14. Why CIS Hardened Images are uniquely suited to strengthening CNI resilience04:24. The cultural shift toward working as an ecosystem to start from secure baselines06:34. The origin story of the CIS Hardened Images10:32. The value of taking guesswork out of secure configuration management in the cloud13:44. How CIS Hardened Images support compliance directly and through the CIS Critical Security Controls® (CIS Controls®)20:39. Building trust through cloud partnerships and collaboration28:50. The foundational role of configuration management in cybersecurity34:35. Getting started with strengthening your cloud security foundationResourcesCIS Hardened Images® ListSecure by Design: A Guide to Assessing Software Security PracticesSoftware Supply Chain Security25 Years of Creating Confidence in the Connected WorldMapping and Compliance with the CIS ControlsGuide to Implementation Groups (IG): CIS Critical Security Controls v8.1Build a Zero Trust Roadmap for FinServ with CIS SecureSuiteEpisode 154: Integration of Incident Response into DevSecOpsHow to Construct a Sustainable GRC Program in 8 StepsIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In Episode 160 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Alan Watkins, CIS Controls Ambassador, to explore how the CIS Critical Security Controls® (CIS Controls®) empower small and medium-sized enterprises (SMEs) to build practical, scalable cybersecurity programs.Alan shares his journey from law enforcement to IT leadership in the City of San Diego and how his passion for supporting SME security led him to become a champion of the CIS Controls. The episode highlights the importance of translating complex cybersecurity guidance into actionable steps that SMEs can realistically implement even with limited resources.Here are some highlights from our episode:00:49. Introductions to Alan, his career path, and his connection to the CIS Controls11:43. How Alan supports SMEs to mature their cybersecurity postures18:04. The work of CIS Controls Ambassadors to "memorialize" security best practices22:23. The need to translate how cyber hygiene supports business success25:31. CIS WorkBench and in-person communities as avenues to get involvedResourcesImplementation Guide for Small- and Medium-Sized Enterprises CIS Controls IG1Establishing Essential Cyber HygieneEpisode 132: Day One, Step One, Dollar One for CybersecurityEpisode 97: How Far We've Come preceding CIS's 25th BirthdayPCI & CIS: Partners in Data Security2024 DBIR Findings & How the CIS Critical Security Controls Can Help to Mitigate Risk to Your OrganizationPolicy TemplatesIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 159 of Cybersecurity Where You Are, Sean Atkinson is joined by Joshua Palsgraf, Sr. Cyber Threat Intelligence Analyst at the Center for Internet Security® (CIS®), and Randy Rose, Vice President of Security Operations & Intelligence at CIS. Together, they dive into the scariest malware of 2025 in this special Halloween edition.The conversation explores what makes today’s malware truly terrifying, from stealthy threats that hide in plain sight to modular malware that evolves faster than defenses can adapt. The trio also discusses the corporatization of cybercrime, the rise of Malware as a Service, and how generative artificial intelligence (GenAI) is lowering the barrier to entry for cybercriminals.Here are some highlights from our episode:00:42. Introductions to Josh and Randy02:21. What makes the scariest malware of 2025 truly "scary"05:42. Evolution of malware: people, process, and technology09:33. How the corporatization of malware helps to democratize cybercrime11:25. The most "terrifying" malware strains of 202515:49. Malware reincarnation: Old threats with new masks17:20. GenAI as the great equalizer for cybercriminals, especially social engineers23:32. Defense-in-depth and threat-informed strategies24:45. Why incident response playbooks must evolve and become living documents27:02. What incident response looks like for cloud assets in the Fourth Industrial Revolution29:27. Naming malware after horror movie iconsResourcesMulti-State Information Sharing and Analysis Center®Episode 144: Carrying on the MS-ISAC's Character and CultureEpisode 126: A Day in the Life of a CTI AnalystA Short Guide for Spotting Phishing AttemptsThe CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber MaturityEpisode 157: How a Modern, Mission-Driven CIRT OperatesLiving Off the Land: Scheduled TasksCyber defenders sound the alarm as F5 hack exposes broad risksEpisode 134: How GenAI Lowers Bar for Cyber Threat ActorsActive Lumma Stealer Campaign Impacting U.S. SLTTsMS-ISAC Member-Reported Phishing Likely from Tycoon2FA PhaaSClickFix: An Adaptive Social Engineering TechniqueTop 10 Malware Q1 2025CTAs Leveraging Fake Browser Updates in Malware CampaignsItalian police freeze cash from AI-voice scam that targeted business leadersCornCon Cybersecurity ConferenceIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 158 of Cybersecurity Where You Are, Sean Atkinson is joined by Andy Weidner, Product Manager at Nerdio, and Jason Ingalls, Chief Cybersecurity Officer at C3 Integrated Solutions. Together, they explore how organizations can navigate the complexities of Cybersecurity Maturity Model Certification (CMMC) compliance using automation, scalable infrastructure, and hardened cloud environments.The conversation dives into the challenges faced by managed service providers (MSPs) and defense contractors, the importance of baking in security from the start, and how Nerdio’s platform acts as a force multiplier for compliance and operational efficiency. Jason shares a compelling anecdote from his time in a security operations center (SOC), illustrating the real-world stakes of cybersecurity and the origins of CMMC.Here are some highlights from our episode:00:44. Introductions to Andy and Jason01:17. How to address common challenges of CMMC compliance03:40. A real-world story of data exfiltration and its national security impact08:34. How Nerdio and CIS Hardened Images® help organizations in their CMMC journey12:15. Understanding the vision to scale configuration management18:14. Strategy and automation as key elements to approaching CMMC Level 225:19. The value of baking scalability in vs. bolting it on26:38. Segregation of duties as a means of pursuing dual-scope CMMC certification29:22. Where to learn more about Nerdio and C3 Integrated SolutionsResourcesNerdioC3 Integrated SolutionsCIS Hardened Images®How to Plan a Cybersecurity Roadmap in 4 StepsCIS Controls v8.1 Mapping to CMMC 2.0CIS Controls v8.1 Mapping to NIST SP 800-53 Rev 5CIS Controls v8.1 Mapping to NIST SP 800-171 Rev 3If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 157 of Cybersecurity Where You Are, Sean Atkinson sits down with Matthew Grieco, Cyber Incident Response Team (CIRT) Principal Analyst at the Center for Internet Security® (CIS®), and Dustin Cox, CIRT Analyst at CIS. Together, they explore the unpredictable world of cyber incident response. From ransomware investigations to digital forensics, the team shares how they adapt to evolving threats, leverage open-source tools, and collaborate to support state and local governments. The conversation highlights the mission-driven mindset that fuels their work and the importance of continuous learning, effective communication, and teamwork in cybersecurity. Here are some highlights from our episode:00:44. Introductions to Matt and Dustin01:20. Inside the typically untypical day of a CIRT analyst05:33. Continuous learning and teamwork as ways to keep up with evolving threats07:38. Inside the cybersecurity tooling used by CIRT to support state and local governments14:51. How different skillsets on the team produce a unified incident response methodology19:26. The work of a mission-driven team to uncover root causes for security incidents25:52. An example of a case handled by Matt and Dustin30:16. How CIRT assesses potential talent and looks for problem solversResourcesMulti-State Information Sharing and Analysis Center®The CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber MaturityEpisode 152: Driving Response Time While Enriching TelemetryEpisode 126: A Day in the Life of a CTI AnalystCombatting RansomwareIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 156 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Stephanie Gass, Sr. Director of Information Security at Center for Internet Security® (CIS®), and Angelo Marcotullio, Chief Information Officer at CIS. Together, they explore how CIS practices what it preaches by using CIS products and services internally, which includes implementation of the CIS Critical Security Controls® (CIS Controls®) and CIS Benchmarks®, automation, and alignment to compliance frameworks. Their discussion highlights how CIS builds a strong cybersecurity foundation while adapting to evolving threats and regulatory requirements.The conversation dives into practical applications, cultural alignment, and the importance of repeatable processes for scaling security across new products and services. It also touches on the role of privacy regulations, cyber risk quantification, and the community-driven approach that underpins CIS best practices. Here are some highlights from our episode:01:12. Why CIS “drinks its own champagne” when it comes to cybersecurity02:56. Three ways the CIS Controls help modern enterprises defend against threat actors04:02. The importance of pulling together security lessons learned in a way that's translatable10:03. Our use of the CIS Controls to align to SOC 2, ISO 27001, and other frameworks12:01. How governance, risk, and compliance (GRC) engineering works with automation to help build repeatable processes22:43. The role of collaboration and communication in building a cybersecurity program27:17. Privacy regulations as a catalyst for security innovation30:24. The CIS Community Defense Model and evidence-based practices32:40. How CIS leverages lessons learned to improve our security best practicesResourcesEpisode 146: What Security Looks Like for a Security CompanyImplementation Guide for Small and Medium-Sized Enterprises CIS Controls IG1How to Construct a Sustainable GRC Program in 8 StepsMapping and Compliance with the CIS ControlsCIS Completes SOC 2 Type II Audit Using CIS Best PracticesEpisode 74: The Nexus of Cybersecurity & Privacy LegislationCIS Community Defense Model 2.0Episode 121: The Economics of Cybersecurity Decision-MakingEpisode 77: Data's Value to Decision-Making in CybersecurityCIS CommunitiesIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 155 of Cybersecurity Where You Are, Tony Sager is joined by John Gilligan, President and Chief Executive Officer (CEO) of the Center for Internet Security® (CIS®). Together, they reflect on 25 years of progress for CIS and look ahead to the future. They explore the driving forces behind "CIS 2.0," including the shift toward addressing multidimensional threats, expanding CIS’s audience, and leveraging tools driven by generative artificial intelligence (GenAI). Their discussion highlights how CIS is adapting to a new era while staying true to its mission-driven roots and foundational principles. Here are some highlights from our episode:01:11. The need for a mission-driven nonprofit to support the role of government04:28. Understanding the primary catalyst behind CIS 2.005:53. Multidimensional threats, expanded audiences, and revamped tools as adaptive opportunities12:57. The challenge of linking technology risk to operational risk13:45. How attackers tend to be more systems-level thinkers than defenders15:50. Culture as a support system for navigating the evolving skills and processes of CIS 2.022:24. Collaboration, partnerships, mission focus, and culture as foundational CIS elements31:11. How our engagement with state and local governments, thought leadership, and products and services will change going forward40:47. Parting thoughts and an important reminderResources25 Years of Creating Confidence in the Connected WorldEpisode 119: Multidimensional Threat Defense at Large EventsStrengthening Critical Infrastructure: SLTT Progress & PrioritiesEnhanced Cyber Resilience as a Secure Cyber CityThe CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber MaturityEpisode 115: Continuous Feedback as CIS Employee CultureEpisode 125: How Leadership Principles Influence CIS CultureCIS CultureCIS CommunitiesEpisode 97: How Far We've Come preceding CIS's 25th BirthdayWhy Whole-of-State Cybersecurity Is the Way ForwardAn Introduction to Artificial IntelligenceReasonable CybersecurityIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 154 of Cybersecurity Where You Are, Sean Atkinson discusses incident response in DevSecOps, exploring challenges and solutions in modern software development. He emphasizes the importance of integrating security into development processes and speaks about common issues like alert fatigue and software supply chain vulnerabilities. Here are some highlights from our episode:01:32. Common challenges with modern software development03:54. High-speed and continuous deployment07:08. Incident correlation with cloud deployment strategies10:00. Software supply chain vulnerabilities12:45. Alert fatigue and false positives14:30. Testing and automation as enablers of real-time anomaly detection17:40. The responsibility of incident responders to understand what they see18:58. Automated control and a projectized approach to implementing zero trust21:26. Oversight and governance with artificial intelligence and machine learning23:24. Continuous improvement and early detection28:08. Continuous monitoring and logging, automation, and incident response drills30:03. Moving down a path of helping incident responders become culturally awareResourcesCloud Security and the Shared Responsibility ModelCIS Software Supply Chain Security GuideAn Introduction to Artificial IntelligenceDefense-in-Depth: A Necessary Approach to Cloud SecurityEpisode 63: Building Capability and Integration with SBOMsEpisode 44: A Zero Trust Framework Knows No EndLeveraging Generative Artificial Intelligence for Tabletop Exercise DevelopmentIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 153 of Cybersecurity Where You Are, Sean Atkinson is joined by Jason Ashong, IT Support Specialist at the Center for Internet Security® (CIS®). Jason shares his journey from tinkering with tech as a kid to working in IT and pursuing cybersecurity research. The conversation covers education, mentorship, hands-on experience, and advice for newcomers entering the field. Here are some highlights from our episode:01:10. Jason’s early days in IT of fixing devices and breaking things to learn02:14. First professional IT/helpdesk experience at Dutchess Community College03:48. The importance of mentors pushing you to grow06:02. Jason’s advice to students of understanding foundational computing knowledge08:45. The value of technical skills in networking, cryptography, and coding11:00. Hands-on experience through labs, competitions, and research projects16:08. Self-confidence, practice, and dedicated time as tips for navigating the job market19:29. The role of attitude in opening up new opportunities24:40. Jason flips the script and interviews SeanMistakes to avoid when entering the field: imposter syndrome and perfectionismCybersecurity as a path of continuous learningOpportunities for newcomers with experience in artificial intelligence and data scienceResourcesEpisode 129: Embedding Cybersecurity in Project ManagementEpisode 95: AI Augmentation and Its Impact on Cyber DefenseEpisode 44: A Zero Trust Framework Knows No EndTryHackMeHack The BoxIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 152 of Cybersecurity Where You Are, Sean Atkinson is joined by Cliff Moten, Manager, Cybersecurity Solutions Engineering at the Center for Internet Security® (CIS®); and Richard Vargas, Security Operations Center Manager at CIS. Together, they discuss how the 24x7x365 CIS Security Operations Center (SOC) and CIS Managed Detection and Response™ (CIS MDR™) work together to accelerate response time while enriching telemetry. Here are some highlights from our episode:01:40. Demystifying SOCs and MDR as cybersecurity concepts02:52. How the CIS SOC works to provide information, context, and next steps for an event05:04. Artificial intelligence and automation as ways to accelerate response time10:20. Real-world instances where a fast response time made a difference13:10. What it means to support underfunded organizations with the resources they need17:22. The role of contextual cyber threat intelligence in accelerating response times19:01. The value of security orchestration, automation, and response (SOAR) in helping defenders move quickly27:33. Lessons that organizations can use to cut down on their incident response timesResourcesThe CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber MaturityEpisode 148: How MDR Helps Shine a Light on Zero-Day AttacksEpisode 144: Carrying on the MS-ISAC's Character and CultureEpisode 137: National Cybersecurity Through SLTT ResilienceCombatting RansomwareEstablishing Essential Cyber HygieneCIS Community Defense Model 2.0If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 151 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager conclude their mid-year review of 12 Center for Internet Security® (CIS®) experts' cybersecurity predictions for 2025. Here are some highlights from our episode:01:12. The importance of consolidating security operations and using what already exists03:18. The promise of generative artificial intelligence (GenAI) in relieving grunt work08:26. The great responsibility and burden of integrating GenAI into business operations10:53. How control and inspection generate trust in systems17:57. Post-quantum cryptography, IoT in edge computing, and GenAI's sociopolitical risks30:21. The need for a more holistic understanding of compliance33:34. Why zero trust doesn't mean "no trust"36:56. The need for AI as an element of critical security control41:33. The dynamic challenge of protecting all assets with varying levels of securityResources12 CIS Experts' Cybersecurity Predictions for 2025Episode 145: 2025 Cybersecurity Predictions H2 Review — Pt 1Episode 135: Five Lightning Chats at RSAC Conference 2025Establishing Essential Cyber HygieneEpisode 95: AI Augmentation and Its Impact on Cyber DefenseGuide to Asset Classes: CIS Critical Security Controls v8.1An Examination of How Cyber Threat Actors Can Leverage Generative AI PlatformsAn Introduction to Artificial IntelligenceEpisode 120: How Contextual Awareness Drives AI GovernanceEpisode 118: Preparing for Post-Quantum CryptographyEpisode 63: Building Capability and Integration with SBOMsEpisode 99: How Cyber-Informed Engineering Builds ResilienceMapping and Compliance with the CIS ControlsMapping and Compliance with the CIS BenchmarksCIS Community Defense Model 2.0If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 150 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Chad Rogers, Sr. Manager, Digital Media Services, at the Center for Internet Security® (CIS®); Rudy Uhde, Video Editor at CIS; and David Bisson, Sr. Content Strategist at CIS. Together, they use a roundtable chat to celebrate 150 episodes of Cybersecurity Where You Are. Here are some highlights from our episode:01:33. How the cybersecurity landscape and podcast have changed since Episode 10005:40. The "labor of love" that goes into editing and preparing an episode for publication12:13. Memorable guests and moments that changed the team's thinking about cybersecurity25:45. How the larger podcast team drives continuous improvement and innovation30:13. Parting thoughts for the audienceResourcesEpisode 100: Celebrating 100 Episodes and Looking AheadEpisode 149: Human Error, AI Missteps, and Other VM RisksEpisode 9: Mitigating Risk: Information Security GovernanceEpisode 96: Making Continuous Compliance Actionable for SMBsEpisode 121: The Economics of Cybersecurity Decision-MakingEpisode 114: 3 Board Chairs Reflect on 25 Years of CommunityEpisode 136: How WiCyS Advances Women in CybersecurityEpisode 120: How Contextual Awareness Drives AI GovernanceEpisode 116: AI-Enhanced Ransomware and Defending Against ItEpisode 146: What Security Looks Like for a Security CompanyEpisode 110: How Security Culture and Corporate Culture MeshIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 149 of Cybersecurity Where You Are, Sean Atkinson is joined by Chris McCullar, Director of Sales, Cloud Security, at the Center for Internet Security® (CIS®); and Mishal Makshood, Sr. Cloud Security Account Executive at CIS. Together, they discuss how to navigate human error, artificial intelligence (AI) missteps, and other landmarks in a new frontier of virtual machine (VM) risks. Here are some highlights from our episode:00:50. Introductions with Chris and Mishal02:20. The ongoing need to address the risk of human error when configuring VMs04:55. The value of building trusted security into a VM image by design07:28. A reality check of what the shared responsibility model means to an organization13:06. How the integration of AI into DevOps accelerates both automation and mistakes15:21. The importance of a secure foundation in the cloud on which you can build with AI18:19. Automated enforcement and AI's role in complementing human judgment21:03. Two examples how CIS resources can drive governance and policy integration28:05. Cybersecurity as a community-driven team sport30:33. Lifecycle management as a way of addressing organizations' security needsResourcesKeep the Cloud Secure with CIS after Migrating to the CloudAutomated Compliance: The Byproduct of Holistic HardeningMeet the Shared Responsibility Model with New CIS ResourcesEpisode 135: Five Lightning Chats at RSAC Conference 20252025 Data Breach Investigations ReportIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 148 of Cybersecurity Where You Are, Sean Atkinson is joined by Rob Reese, Cyber Incident Response Team Manager at the Center for Internet Security® (CIS®); Dustin Cox, Cyber Incident Response Team Analyst at CIS; and Cliff Moten, Manager, Cybersecurity Solutions Engineering at CIS. Together, they discuss how organizations can use Managed Detection and Response (MDR) tools to help defend against zero-day attacks. Here are some highlights from our episode:01.06. Demystifying zero-day vulnerabilities with a definition02:36. Why zero-day attacks are some of the most serious threats facing organizations today04:19. Examples of zero-day exploits and how these threats affect Incident Response (IR)10:06. The importance of understanding your environment and patch management13:58. How MDR assists with behavioral analysis, assembling holistic inventories, and IR20:02. The role of asset inventories in determining scope and containing a zero-day incident24:08. Why it's important to have humans managing and monitoring an MDR solution27:11. MDR as a means of centralizing evidence of a zero-day attack30:05. Parting thoughts for those concerned with their endpoint security postureResourcesCIS Managed Detection and Response™ (CIS MDR)Multi-State Information Sharing and Analysis Center®CIS Critical Security Control 1: Inventory and Control of Enterprise AssetsCIS Critical Security Control 2: Inventory and Control of Software AssetsThe CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber MaturityReal-Time Indicator FeedsIncident Response Policy Template for CIS Control 17If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 147 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen, Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security® (CIS®); and Kaitlin Drape, Hybrid Threat Intelligence Analyst at CIS. Together, they discuss how to actualize threat intel for the purpose of building effective defense programs and operational response plans. Here are some highlights from our episode:01:27. Which two questions you want to answer when providing intelligence on a threat05:19. How to avoid underutilizing or misunderstanding the utility of threat intel13.18. A real-life story from John of when intelligence made a difference in a security incident17:05. The foundation and building blocks of maturing your threat intelligence program22:14. The value of working with non-intelligence groups to formulate effective response plans24:22. CIS's ongoing work to help organizations proactively ingest and use threat intel28:24. How cross-collaboration across an organization brings threat intel into a lifecycle31:01. Kaitlin's work as an exemplar of how to make threat intelligence operational36:20. The ongoing evolution of hybrid threat intel to inform meaningful operational responsesResourcesThreatWA™How Threat Modeling, Actor Attribution Grow Cyber DefensesCountering Multidimensional Threats: Lessons Learned from the 2024 ElectionEpisode 119: Multidimensional Threat Defense at Large EventsSinaloa cartel used phone data and surveillance cameras to find FBI informants, DOJ saysIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 146 of Cybersecurity Where You Are, Tony Sager is joined by Angelo Marcotullio, Chief Information Officer at the Center for Internet Security®(CIS®); and Stephanie Gass, Sr. Director of Information Security at CIS. Together, they look back on periods of transition at CIS to discuss what security looks like for a security company. Here are some highlights from our episode:00:58. Introductions with Angelo and Stephanie02:07. A pro and a con of IT consulting work04:12. The importance of soft skills in bringing the Multi-State Information Sharing and Analysis Center® into CIS06:12. Looking at security from a corporate perspective with the CIS Critical Security Controls07:08. How IT and IT security are essential to corporate strategy07:45. The use of governance to support merging three business units into an integrated security company12:04. The value of security champions in adapting to regulatory and business changes15:15. What IT and Security teams can accomplish when they work as partners17:18. The use of data to inform Board decisions and conversations around risk20:38. How getting a seat at the table helps with understanding a Board's risk appetite and communicating that out to teams25:01. How infrastructure built for growth, not the smallest business case, produced a smooth transition to work from home in March 202029:30. Advice for folks starting out in security31.28. The importance of collaboration and culture in implementing security as an organizationResourcesEpisode 144: Carrying on the MS-ISAC's Character and CultureThe CIS Security Operations Center (SOC): The Key to Growing Your SLTT's Cyber MaturityGuide to Implementation Groups (IG): CIS Critical Security Controls v8.1CIS Controls v8.1 Mapping to ISO/IEC 27001:2022CIS Controls v8.1 Mapping to SOC2CIS Controls v8.1 Mapping to NIST SP 800-171 Rev 3Reasonable CybersecurityEpisode 110: How Security Culture and Corporate Culture MeshIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 145 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager begin their mid-year review of 12 Center for Internet Security® (CIS®) experts' cybersecurity predictions for 2025. Here are some highlights from our episode:01:14. Verizon's Data Breach Investigations Report as a source of enlightenment and humility02:28. The use of generative artificial intelligence (GenAI) to finely tune phishing emails06:31. Cyber threat actors' Darwinian efficiency in adopting new technology07:50. Policies, oversight, and compliance in slowing defenders' adoption of technology10:30. The two-sided, dynamic challenge of managing supply chain risk18:23. Cybersecurity as a strategic business investment in protecting revenue20:40. The value of partnerships in determining rational social expectations for cybersecurity26:45. Rapid recap of several of our 2025 cybersecurity predictions28:43. Designing technology with human awareness to create a culture of responsibility32:29. The need to rethink what "connected" means in our complex worldResources12 CIS Experts' Cybersecurity Predictions for 2025Episode 117: 2025 Cybersecurity Predictions from CIS Experts2025 Data Breach Investigations Report2024 DBIR Findings & How the CIS Critical Security Controls Can Help to Mitigate Risk to Your OrganizationEpisode 119: Multidimensional Threat Defense at Large EventsHow to Construct a Sustainable GRC Program in 8 StepsSociety of Information Risk AnalystsReasonable CybersecurityEpisode 135: Five Lightning Chats at RSAC Conference 2025If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 144 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Carlos Kizzee, Senior Vice President of Multi-State Information Sharing and Analysis Center® (MS-ISAC®) at the Center for Internet Security®(CIS®). Together, they discuss how the MS-ISAC's new funding model helps to carry on the character and culture of this collaborative cyber defense community. Here are some highlights from our episode:01:11. The unique mission, history, and value of building community at the MS-ISAC05:36. A new fee-based model to preserve services and support amid federal funding changes07:08. Service continuity as a commitment to U.S. State, Local, Tribal, and Territorial entities09:45. Initial feedback and considerations heard at the 2025 ISAC Annual Meeting11:40. The new membership funding model and how it preserves SLTT collaboration15:25. A cost-effective approach to securing the "cyber-underserved"19:31. The range of U.S. SLTT government organizations who can enroll as members now21:59. The illusion of "free" in helping U.S. SLTTs to strengthen their cyber defenses22:55. Why U.S. SLTTs need to enroll in paid MS-ISAC membership before October 1, 202528:03. Scale as the key to making MS-ISAC activities as cost-effective as possible30:05. The essential need for U.S. SLTT government organizations to invest in the MS-ISACResourcesMulti-State Information Sharing and Analysis Center®Episode 142: SLTTs and Their Nuanced Cybersecurity NeedsEpisode 137: National Cybersecurity Through SLTT ResilienceISAC Annual MeetingMS-ISAC Membership ResourcesBecome an MS-ISAC MemberEpisode 30: Solving Cybersecurity at Scale with NonprofitsIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 143 of Cybersecurity Where You Are, Sean Atkinson is joined by John Cohen, Executive Director of the Program for Countering Hybrid Threats at the Center for Internet Security®(CIS®). Together, they discuss Iran's evolving multidimensional threat activity following U.S. airstrikes on Iranian nuclear facilities in June 2025. Here are some highlights from our episode:00:49. Lessons from the past on how Iran might respond to the U.S. airstrikes in June 202504:56. The use of informed practice and continuous awareness to better prepare defenders06:41. Recap of Iranian multidimensional threat activity observed between 2024 and 202511:53. The impact of contextual intelligence and education in driving threat awareness19:17. Why understanding of impact is critical to addressing a business risk23:09. Three things you need to do to be an effective threat briefer25:07. The use of tabletop exercises (TTXs) to promote incident response26:56. The 2024 General Election as a case study of what threat preparedness can doResourcesThreatWA™US hits 3 Iranian nuclear sites, Trump says, plunging America into conflictAre national security threats a concern after U.S. military strike on Iranian nuclear sites?New report: Hacker for El Chapo helped boss hunt and kill FBI informantsMS-ISAC Guide to DDoS AttacksWith July 4 just days away, US law enforcement on high alert for Iran retaliationIran-linked hackers threaten to release Trump aides' emailsIranian-aligned hackers claim responsibility for Truth Social cyberattackIranian-Aligned Hackers Claim Responsibility for Attack on Trump’s Truth Social PlatformStates and Congress wrestle with cybersecurity after Iran attacks small town water utilitiesNYPD deploying additional resources across city following US strikes on IranCIS Critical Security Controls v8.1 Industrial Control Systems (ICS) GuideEnhancing Safety in the Connected World — A National Framework for ActionEpisode 138: The Use of GenAI to Refine Your TTX DevelopmentCountering Multidimensional Threats: Lessons Learned from the 2024 ElectionIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.