Sign up to save your podcasts
Or
Share CCT 298: Determining Data Controls - CISSP
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CCT 298: Determining Data Controls - CISSP
Send us a text
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
A graphing calculator running ChatGPT might make headlines, but our real job is keeping sensitive data from walking out the door. We break down the data states that matter most—at rest, in transit, and in use—and show how to pair encryption, access control, and monitoring without drowning in complexity. Along the way, we share a pragmatic blueprint for classification and labeling that teams actually follow, from visual tags and watermarks to tightly governed upgrade and downgrade paths that keep owners accountable.
From there, we zoom out to strategy. Risk tolerance drives control selection, so we talk through scoping and tailoring: how to apply NIST and ISO 27001 sensibly, where GDPR and HIPAA come into play, and why focused logging beats “collect everything” fantasies. You’ll hear the real differences between DRM and DLP—licensing and usage enforcement versus data path control—and when each tool earns its keep. We also lay out transfer procedures that work in the wild: SFTP with verified keys, email encryption, FIPS‑validated USBs, and restricted cloud shares with time‑boxed access.
Cloud isn’t a blind spot when a CASB sits between your users and SaaS. We explain how a CASB delivers visibility into shadow IT, enforces policy across apps, integrates with identity for conditional access, and even helps you rein in egress costs. Tie it all together and you get a layered, test‑ready approach that helps you pass the CISSP while protecting what matters most. If this helped sharpen your plan, follow the show, share it with a teammate, and leave a quick review so we can keep building tools that move you forward.
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
View all episodes
By Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
4.5
3333 ratings
Send us a text
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
A graphing calculator running ChatGPT might make headlines, but our real job is keeping sensitive data from walking out the door. We break down the data states that matter most—at rest, in transit, and in use—and show how to pair encryption, access control, and monitoring without drowning in complexity. Along the way, we share a pragmatic blueprint for classification and labeling that teams actually follow, from visual tags and watermarks to tightly governed upgrade and downgrade paths that keep owners accountable.
From there, we zoom out to strategy. Risk tolerance drives control selection, so we talk through scoping and tailoring: how to apply NIST and ISO 27001 sensibly, where GDPR and HIPAA come into play, and why focused logging beats “collect everything” fantasies. You’ll hear the real differences between DRM and DLP—licensing and usage enforcement versus data path control—and when each tool earns its keep. We also lay out transfer procedures that work in the wild: SFTP with verified keys, email encryption, FIPS‑validated USBs, and restricted cloud shares with time‑boxed access.
Cloud isn’t a blind spot when a CASB sits between your users and SaaS. We explain how a CASB delivers visibility into shadow IT, enforces policy across apps, integrates with identity for conditional access, and even helps you rein in egress costs. Tie it all together and you get a layered, test‑ready approach that helps you pass the CISSP while protecting what matters most. If this helped sharpen your plan, follow the show, share it with a teammate, and leave a quick review so we can keep building tools that move you forward.
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
More shows like CISSP Cyber Training Podcast - CISSP Training Program
View all
Stuff You Should Know
78,845 Listeners
TED Talks Daily
11,213 Listeners
The Ben Shapiro Show
154,092 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
Software Engineering Daily
624 Listeners
Risky Business
374 Listeners
CyberWire Daily
1,035 Listeners
Darknet Diaries
8,119 Listeners
Cybersecurity Today
178 Listeners
CISO Series Podcast
191 Listeners
Defense in Depth
74 Listeners
Cybersecurity Headlines
138 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
645 Listeners
Reduce Cyber Risk Podcast - Cyber Security Made Simple
0 Listeners