BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
İçerik Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
CISSP Cyber Training Podcast - CISSP Training Program benzeri
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
Every weekday, host Kai Ryssdal helps you make sense of the day's business and economic news — no econ degree or finance background required. "Marketplace" takes you beyond the numbers, bringing you context. Our team of reporters all over the world speak with CEOs, policymakers and regular people just trying to get by.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
))
CCT 227: Navigating Domain 1: CISSP Question Thursday Deep Dive
Manage episode 471191380 series 3464644
İçerik Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
A seemingly simple company restructuring at Eaton triggered a devastating cybersecurity incident when software developer Davis Liu planted a logic bomb on their systems after learning his responsibilities would be reduced. This cautionary tale kicks off our deep dive into CISSP Domain 1 concepts, showing exactly why understanding security governance and risk management principles matters in real-world scenarios.
The logic bomb—crafted in Java code to create infinite loops crashing servers—activated upon Liu's termination, causing global disruption and hundreds of thousands of dollars in damage. Now facing up to 10 years in prison, Liu's poor decision perfectly illustrates why organizations must implement robust controls against insider threats.
Through a series of challenging Domain 1 practice questions, we explore how access controls serve as critical technical safeguards for data privacy, and why establishing risk management programs that incorporate legal, regulatory, and industry standards forms the foundation for aligning security with business objectives. We also tackle the complexities of regulatory compliance across healthcare, financial services, and multinational organizations, emphasizing the value of centralized data protection offices and contractual safeguards for cloud services.
The episode provides practical guidance for security professionals facing common challenges: how to handle budget constraints when addressing high-risk vulnerabilities (prioritize based on business impact), what makes ISO 31000 valuable as a risk management framework (its focus on integrating risk into business processes), and why executive sponsorship represents the most important factor for successful security governance implementation.
For CISSP candidates, we clarify essential concepts including the purpose of information security policies (establishing management's intent), the principle most likely to determine liability after a breach (due care), and the most effective controls against insider threats (least privilege combined with activity monitoring).
Ready to accelerate your CISSP preparation? Visit cissp-cyber-training.com for comprehensive training materials, practice questions, and mentorship options tailored to your certification journey.
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
Bölümler
1. Introduction to CISSP Cyber Training (00:00:00)
2. insider threat case study: Logic Bomb (00:00:25)
3. Domain 1 Question Analysis Begins (00:03:09)
4. Risk Management Frameworks Discussion (00:06:25)
5. Data Privacy and Regulatory Compliance (00:12:23)
6. Security Governance Best Practices (00:19:02)
7. Closing Thoughts and Training Options (00:21:37)
236 bölüm
Paylaş
Manage episode 471191380 series 3464644
İçerik Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
A seemingly simple company restructuring at Eaton triggered a devastating cybersecurity incident when software developer Davis Liu planted a logic bomb on their systems after learning his responsibilities would be reduced. This cautionary tale kicks off our deep dive into CISSP Domain 1 concepts, showing exactly why understanding security governance and risk management principles matters in real-world scenarios.
The logic bomb—crafted in Java code to create infinite loops crashing servers—activated upon Liu's termination, causing global disruption and hundreds of thousands of dollars in damage. Now facing up to 10 years in prison, Liu's poor decision perfectly illustrates why organizations must implement robust controls against insider threats.
Through a series of challenging Domain 1 practice questions, we explore how access controls serve as critical technical safeguards for data privacy, and why establishing risk management programs that incorporate legal, regulatory, and industry standards forms the foundation for aligning security with business objectives. We also tackle the complexities of regulatory compliance across healthcare, financial services, and multinational organizations, emphasizing the value of centralized data protection offices and contractual safeguards for cloud services.
The episode provides practical guidance for security professionals facing common challenges: how to handle budget constraints when addressing high-risk vulnerabilities (prioritize based on business impact), what makes ISO 31000 valuable as a risk management framework (its focus on integrating risk into business processes), and why executive sponsorship represents the most important factor for successful security governance implementation.
For CISSP candidates, we clarify essential concepts including the purpose of information security policies (establishing management's intent), the principle most likely to determine liability after a breach (due care), and the most effective controls against insider threats (least privilege combined with activity monitoring).
Ready to accelerate your CISSP preparation? Visit cissp-cyber-training.com for comprehensive training materials, practice questions, and mentorship options tailored to your certification journey.
Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
Bölümler
1. Introduction to CISSP Cyber Training (00:00:00)
2. insider threat case study: Logic Bomb (00:00:25)
3. Domain 1 Question Analysis Begins (00:03:09)
4. Risk Management Frameworks Discussion (00:06:25)
5. Data Privacy and Regulatory Compliance (00:12:23)
6. Security Governance Best Practices (00:19:02)
7. Closing Thoughts and Training Options (00:21:37)
236 bölüm
Todos os episódios
×
Player FM'e Hoş Geldiniz!
Player FM şu anda sizin için internetteki yüksek kalitedeki podcast'leri arıyor. En iyi podcast uygulaması ve Android, iPhone ve internet üzerinde çalışıyor. Aboneliklerinizi cihazlar arasında eş zamanlamak için üye olun.
CISSP Cyber Training Podcast - CISSP Training Program benzeri
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
Every weekday, host Kai Ryssdal helps you make sense of the day's business and economic news — no econ degree or finance background required. "Marketplace" takes you beyond the numbers, bringing you context. Our team of reporters all over the world speak with CEOs, policymakers and regular people just trying to get by.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
