Sign up to save your podcasts
Or
Share CCT 094: Assessment, Compliance, and Improvement Strategies (CISSP Domain 6.5)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CCT 094: Assessment, Compliance, and Improvement Strategies (CISSP Domain 6.5)
Send us a text
Ever wonder how safe your data really is in the cloud? Or what steps are necessary to ensure your organization's compliance with critical cybersecurity standards? You won't want to miss our latest episode where we tackle these tough questions head-on, promising to leave you more informed and prepared to safeguard your organization's valuable digital assets. We dive into the complexities of compliance assessments and audit strategies, exemplified by Japan's Space Agency's recent cyber attack. We also unpack the nuanced differences between internal and external audits, all while guiding you through the often confusing maze of legal and regulatory compliance.
In a world where cyber threats are an everyday reality, understanding how to identify vulnerabilities within your organization's systems has never been more crucial. We'll take you through the practicalities of penetration testing, and break down the differences between black box and white box tests. You'll learn how hackers use methodical, stealthy approaches to bypass your security measures, while gaining insights into how log reviews, synthetic transactions, and code testing can help bolster your defenses. Speaking of defenses, we'll also reveal why third-party involvement in website checkout processes can be a game-changer in preventing SQL injections and input flaws.
But, complexities don't end there. We also explore the perils of account management in the cloud - a topic that's indeed a double-edged sword. While the ease and accessibility of cloud services are undeniable, so are the risks. We delve into strategies for managing these risks, such as how to deal with unused or unremoved user accounts that can be easily exploited by malicious actors. We underline the importance of regular audits and management reviews, and the necessity to comply with third-party agreements and Service Level Agreements (SLAs), to ensure your cloud services are not just convenient, but secure. So, tune in to our latest episode, and take a step towards securing your digital assets like a pro.
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
View all episodes
By Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
4.4
3232 ratings
Send us a text
Ever wonder how safe your data really is in the cloud? Or what steps are necessary to ensure your organization's compliance with critical cybersecurity standards? You won't want to miss our latest episode where we tackle these tough questions head-on, promising to leave you more informed and prepared to safeguard your organization's valuable digital assets. We dive into the complexities of compliance assessments and audit strategies, exemplified by Japan's Space Agency's recent cyber attack. We also unpack the nuanced differences between internal and external audits, all while guiding you through the often confusing maze of legal and regulatory compliance.
In a world where cyber threats are an everyday reality, understanding how to identify vulnerabilities within your organization's systems has never been more crucial. We'll take you through the practicalities of penetration testing, and break down the differences between black box and white box tests. You'll learn how hackers use methodical, stealthy approaches to bypass your security measures, while gaining insights into how log reviews, synthetic transactions, and code testing can help bolster your defenses. Speaking of defenses, we'll also reveal why third-party involvement in website checkout processes can be a game-changer in preventing SQL injections and input flaws.
But, complexities don't end there. We also explore the perils of account management in the cloud - a topic that's indeed a double-edged sword. While the ease and accessibility of cloud services are undeniable, so are the risks. We delve into strategies for managing these risks, such as how to deal with unused or unremoved user accounts that can be easily exploited by malicious actors. We underline the importance of regular audits and management reviews, and the necessity to comply with third-party agreements and Service Level Agreements (SLAs), to ensure your cloud services are not just convenient, but secure. So, tune in to our latest episode, and take a step towards securing your digital assets like a pro.
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
More shows like CISSP Cyber Training Podcast - CISSP Training Program
View all
Hacked
186 Listeners
Security Now (Audio)
2,004 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
Risky Business
374 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
637 Listeners
CyberWire Daily
1,023 Listeners
Smashing Security
322 Listeners
Darknet Diaries
8,013 Listeners
Cybersecurity Today
174 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
189 Listeners
Defense in Depth
73 Listeners
Cyber Security Headlines
137 Listeners
Risky Bulletin
45 Listeners
Hacker And The Fed
170 Listeners