Sign up to save your podcasts
Or
Share Episode 165: An In-Depth Look at CIS Controls Implementation
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 165: An In-Depth Look at CIS Controls Implementation
In Episode 165 of Cybersecurity Where You Are, Tony Sager sits down with Valecia Stocchetti, Senior Cybersecurity Engineer at the Center for Internet Security® (CIS®), and Charity Otwell, Director of Critical Security Controls at CIS. Together, they take an in-depth look at implementing the CIS Critical Security Controls® (CIS Controls®), including what you need to know to begin your own CIS Controls implementation efforts.
Here are some highlights from our episode:
- 00:53. Introductions to Valecia and Charity
- 02:48. How the CIS Controls ecosystem answers the deeper question of how to implement
- 06:42. The importance of clear strategy, business priorities, and a realistic timeline
- 09:56. How the CIS Community Defense Model (CDM) clarifies cyber defense priorities
- 13:01. The use of calculations around costing to make a security program achievable
- 15:31. Bringing IT and the Board of Directors together through governance
- 20:36. "Herding cats" as a metaphor for navigating different compliance frameworks
- 23:17. Why one prescriptive ask per CIS Safeguard starts cybersecurity workflows
- 25:30. "Why" vs. "how" communication, accountability, staffing, budget, and continuous improvement as keys to success for CIS Controls implementation
- 42:03. CIS Controls Assessment Specification as an answer to implementation subjectivity
- 47:21. Parting thoughts around team effort, change, and CIS Controls Accreditation
Resources
- Cloud Companion Guide for CIS Controls v8.1
- CIS Community Defense Model 2.0
- The Cost of Cyber Defense CIS Controls IG1
- Episode 132: Day One, Step One, Dollar One for Cybersecurity
- Policy Templates
- Episode 107: Continuous Improvement via Secure by Design
- Reasonable Cybersecurity Guide
- CIS Controls Resources
- CIS Controls Assessment Specification
- Episode 156: How CIS Uses CIS Products and Services
- CIS Controls Accreditation
- Controls Accreditation
- Episode 102: The Sporty Rigor of CIS Controls Accreditation
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].
View all episodes
By Center for Internet Security
5
1313 ratings
In Episode 165 of Cybersecurity Where You Are, Tony Sager sits down with Valecia Stocchetti, Senior Cybersecurity Engineer at the Center for Internet Security® (CIS®), and Charity Otwell, Director of Critical Security Controls at CIS. Together, they take an in-depth look at implementing the CIS Critical Security Controls® (CIS Controls®), including what you need to know to begin your own CIS Controls implementation efforts.
Here are some highlights from our episode:
- 00:53. Introductions to Valecia and Charity
- 02:48. How the CIS Controls ecosystem answers the deeper question of how to implement
- 06:42. The importance of clear strategy, business priorities, and a realistic timeline
- 09:56. How the CIS Community Defense Model (CDM) clarifies cyber defense priorities
- 13:01. The use of calculations around costing to make a security program achievable
- 15:31. Bringing IT and the Board of Directors together through governance
- 20:36. "Herding cats" as a metaphor for navigating different compliance frameworks
- 23:17. Why one prescriptive ask per CIS Safeguard starts cybersecurity workflows
- 25:30. "Why" vs. "how" communication, accountability, staffing, budget, and continuous improvement as keys to success for CIS Controls implementation
- 42:03. CIS Controls Assessment Specification as an answer to implementation subjectivity
- 47:21. Parting thoughts around team effort, change, and CIS Controls Accreditation
Resources
- Cloud Companion Guide for CIS Controls v8.1
- CIS Community Defense Model 2.0
- The Cost of Cyber Defense CIS Controls IG1
- Episode 132: Day One, Step One, Dollar One for Cybersecurity
- Policy Templates
- Episode 107: Continuous Improvement via Secure by Design
- Reasonable Cybersecurity Guide
- CIS Controls Resources
- CIS Controls Assessment Specification
- Episode 156: How CIS Uses CIS Products and Services
- CIS Controls Accreditation
- Controls Accreditation
- Episode 102: The Sporty Rigor of CIS Controls Accreditation
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].
More shows like Cybersecurity Where You Are (video)
View all
Hacked
186 Listeners
Security Now (Audio)
2,006 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,025 Listeners
Smashing Security
319 Listeners
Click Here
418 Listeners
Darknet Diaries
8,073 Listeners
Cybersecurity Today
176 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
187 Listeners
Defense in Depth
73 Listeners
Cybersecurity Headlines
140 Listeners
Risky Bulletin
44 Listeners