Sign up to save your podcasts
Or
Share CCT 094: Assessment, Compliance, and Improvement Strategies (CISSP Domain 6.5)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CCT 094: Assessment, Compliance, and Improvement Strategies (CISSP Domain 6.5)
Send us a text
Ever wonder how safe your data really is in the cloud? Or what steps are necessary to ensure your organization's compliance with critical cybersecurity standards? You won't want to miss our latest episode where we tackle these tough questions head-on, promising to leave you more informed and prepared to safeguard your organization's valuable digital assets. We dive into the complexities of compliance assessments and audit strategies, exemplified by Japan's Space Agency's recent cyber attack. We also unpack the nuanced differences between internal and external audits, all while guiding you through the often confusing maze of legal and regulatory compliance.
In a world where cyber threats are an everyday reality, understanding how to identify vulnerabilities within your organization's systems has never been more crucial. We'll take you through the practicalities of penetration testing, and break down the differences between black box and white box tests. You'll learn how hackers use methodical, stealthy approaches to bypass your security measures, while gaining insights into how log reviews, synthetic transactions, and code testing can help bolster your defenses. Speaking of defenses, we'll also reveal why third-party involvement in website checkout processes can be a game-changer in preventing SQL injections and input flaws.
But, complexities don't end there. We also explore the perils of account management in the cloud - a topic that's indeed a double-edged sword. While the ease and accessibility of cloud services are undeniable, so are the risks. We delve into strategies for managing these risks, such as how to deal with unused or unremoved user accounts that can be easily exploited by malicious actors. We underline the importance of regular audits and management reviews, and the necessity to comply with third-party agreements and Service Level Agreements (SLAs), to ensure your cloud services are not just convenient, but secure. So, tune in to our latest episode, and take a step towards securing your digital assets like a pro.
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
View all episodes
By Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
4.3
2626 ratings
Send us a text
Ever wonder how safe your data really is in the cloud? Or what steps are necessary to ensure your organization's compliance with critical cybersecurity standards? You won't want to miss our latest episode where we tackle these tough questions head-on, promising to leave you more informed and prepared to safeguard your organization's valuable digital assets. We dive into the complexities of compliance assessments and audit strategies, exemplified by Japan's Space Agency's recent cyber attack. We also unpack the nuanced differences between internal and external audits, all while guiding you through the often confusing maze of legal and regulatory compliance.
In a world where cyber threats are an everyday reality, understanding how to identify vulnerabilities within your organization's systems has never been more crucial. We'll take you through the practicalities of penetration testing, and break down the differences between black box and white box tests. You'll learn how hackers use methodical, stealthy approaches to bypass your security measures, while gaining insights into how log reviews, synthetic transactions, and code testing can help bolster your defenses. Speaking of defenses, we'll also reveal why third-party involvement in website checkout processes can be a game-changer in preventing SQL injections and input flaws.
But, complexities don't end there. We also explore the perils of account management in the cloud - a topic that's indeed a double-edged sword. While the ease and accessibility of cloud services are undeniable, so are the risks. We delve into strategies for managing these risks, such as how to deal with unused or unremoved user accounts that can be easily exploited by malicious actors. We underline the importance of regular audits and management reviews, and the necessity to comply with third-party agreements and Service Level Agreements (SLAs), to ensure your cloud services are not just convenient, but secure. So, tune in to our latest episode, and take a step towards securing your digital assets like a pro.
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
More shows like CISSP Cyber Training Podcast - CISSP Training Program
View all
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
367 Listeners
CISSP Training
16 Listeners
Hacked
180 Listeners
CyberWire Daily
1,007 Listeners
Smashing Security
311 Listeners
Malicious Life
927 Listeners
Darknet Diaries
7,864 Listeners
Cybersecurity Today
169 Listeners
CISO Series Podcast
187 Listeners
Hacking Humans
314 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
128 Listeners
Hacker And The Fed
158 Listeners