CISSP Cyber Training Podcast - CISSP Training Program
Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 22-year background in cybersecurity shines through. With a rich history spannin...
Send us a textUnlock the secrets to mastering cybersecurity management with insights from Sean Gerber. How can businesses effectively handle the risks of outdated technology and safeguard their assets? Join us as we explore Domain 2.5 of the CISSP exam and unravel the complexities behind end-of-life and end-of-support for assets, a critical area for anyone aiming for exam success. Drawing on expert guidance from leading organizations like NCSC, NIST, and CISA, this episode highlights the vulnerabilities of small and medium-sized businesses and offers strategies to fortify their defenses.Navigate the treacherous waters of managing outdated software and hardware. Discover how these old systems can disrupt operations and what security professionals must communicate to leadership to prevent financial losses. We share actionable strategies for inventory management and risk assessment, helping organizations prioritize and mitigate challenges based on risk tolerance. Whether you're facing the end of support for a high-stakes asset or deciding to repurpose older equipment, this episode equips you with the knowledge to devise an effective asset retirement strategy.Before you tackle the CISSP exam, arm yourself with the tools and resources to ensure a smooth journey. We discuss the importance of compliance, business continuity, and disaster recovery plans, alongside exploring third-party support and open-source alternatives. Don't miss out on the chance to enhance your preparation with the CISSP Cyber Training program, where my Blueprint sets a clear path to help you succeed on your first attempt. Get ready to embrace the wealth of information and prepare for the next chapter of your cybersecurity career.Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!
--------
29:19
CCT 193: Practice CISSP Questions - Navigating Cybersecurity Compliance and Data Protection Strategies (Domain 1.5)
Send us a textUnlock the secrets of cybersecurity mastery as Sean Gerber unpacks the importance of CISSP certification amidst a looming gap of over 5 million unfilled cybersecurity positions by 2024. This episode promises to equip you with insights from the latest ISC² global workforce study, emphasizing the blend of technical prowess and essential soft skills employers crave, such as communication and critical thinking. Dive into expert advice on acing CISSP exam questions, especially those tricky legal scenarios involving data transfer you might face.Explore comprehensive strategies for safeguarding data and ensuring compliance in today’s complex digital landscape. Sean discusses the implementation of data loss prevention solutions, the nuances of trans-border data flows, and the challenge of meeting GDPR requirements amidst data localization demands. Discover how endpoint encryption, data classification, and mobile app push notifications play pivotal roles in protecting intellectual property while maintaining user convenience. Learn why collaboration with vendors is critical when investigating potential data breaches.Navigate the intricate world of global security compliance as we delve into the decision-making processes essential for managing international cybersecurity obligations. Sean highlights the necessity of consulting legal counsel and employing a risk-based approach to maintain a uniform security posture across diverse regions. Uncover strategies for addressing critical vulnerabilities and aligning security frameworks with new international data privacy treaties. This episode lays out a holistic security design, integrating every aspect of the CISSP domains to prepare you for a successful career in cybersecurity. Join us for this invaluable journey into the future of cybersecurity.Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!
--------
25:05
CCT 192: Enhancing Global Data Privacy and Breach Notification Skills for the CISSP (Domain 1.5)
Send us a textIs your organization equipped to combat the latest cybersecurity threats as we enter 2024? Join me, Sean Gerber, as we explore the critical cybersecurity issues affecting both local and international landscapes. We'll unpack the recent ransomware attacks that have disrupted essential services, ranging from the Kansas court system in the U.S. to sensitive children's court hearings in Australia. These incidents highlight the urgent need for enhanced security measures, especially as cybercriminals reportedly target vital infrastructure like U.S. wastewater treatment facilities.The legal ramifications of cyber crimes are as complex as they are severe. In our discussion, we explore the intricacies of data breaches and transborder data flows, examining how different countries handle data flow regulations and the consequences for offenders—from hefty financial penalties to potential life imprisonment. Real-world examples, such as swatting incidents, illustrate the dual nature of legal liabilities that cybercriminals face. Our conversation aims to shed light on the multifaceted legal landscape, preparing cybersecurity professionals for the challenges ahead.Understanding global breach notification regulations is crucial for any organization. We'll discuss the challenges of navigating different timelines, such as the EU's 72-hour requirement under GDPR, and the importance of having pre-defined protocols for incident management. We also emphasize the significance of international data privacy regulations, highlighting the need for data classification, encryption, and anonymization to protect sensitive information. Whether you're a seasoned security professional or just starting out, this episode offers invaluable insights to enhance your cybersecurity skills and readiness.Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!
--------
41:54
CCT 191: Practice CISSP Questions - SDLC, Agile, and DevSecOps (Domain 8.1)
Send us a textDiscover the hidden threats lurking in your kitchen appliances and learn why your next air fryer might be spying on you. On this episode of the CISSP Cyber Training Podcast, we unravel the alarming findings from Infosecurity Magazine about Chinese IoT devices and their potential to invade your privacy. We emphasize the critical importance of educating ourselves and others about the risks of IoT devices and the vast amounts of data they can collect. Additionally, we highlight new ICO regulations that aim to bolster data protection, especially for international companies, ensuring they uphold stringent privacy standards.But that's not all! We shift gears to explore Agile development practices, diving into the adaptability and feedback loops of Scrum and the high-security approach of the spiral model. Discover how the Capability Maturity Model's pinnacle stage fosters continuous improvement and learn the essentials of integrating security into the DevSecOps CI/CD pipeline without sacrificing speed. We also delve into the nuances of pair programming for enhanced code quality and clarify the distinct approaches of Scrum's time-boxed sprints versus Kanban's work-in-progress limits. Tune in for a comprehensive look at modern software development practices and the indispensable role of security in our digital world.Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!
--------
18:30
CCT 190: Integrating Security in Software Development - Exploring SDLC, Agile, and DevSecOps for the CISSP (Domain 8.1)
Send us a textUnlock the secrets of integrating security within every phase of software development as we tackle Domain 8 of the CISSP exam. Our exploration begins with a deep dive into the software development lifecycle (SDLC) and its various methodologies like Agile, Waterfall, DevOps, and DevSecOps. Through a gripping tale of a Disney World IT insider's digital manipulation, we underscore the critical importance of safeguarding systems, especially when skilled employees exit the stage. This episode promises to arm you with the knowledge to fortify your organization's cybersecurity posture effectively.We then navigate the contrasting landscapes of software development models, weighing the structured order of the Waterfall model against the adaptive flexibility of Agile and the risk-focused Spiral model. Each approach comes with its own set of challenges and benefits, particularly concerning security integration and usability. Through the lens of iterative feedback and prototype development, we highlight how these methodologies can help refine requirements and minimize ambiguities, ensuring that security and functionality walk hand in hand.Finally, explore how the IDEAL model can transform your organization's security practices. Designed to improve cybersecurity and risk management, this structured improvement approach offers clear phases: Initiating, Diagnosing, Establishing, Acting, and Learning. We also discuss the impactful mission behind CISSP training, where proceeds support a nonprofit for adoptive children. This initiative not only enhances your cybersecurity skills but also contributes to a cause greater than yourself. Join us as we unpack these strategies, providing insights that could significantly shape your cybersecurity career.Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!
About CISSP Cyber Training Podcast - CISSP Training Program
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 22-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable security strategies and tips that you can implement right away, giving you an edge in the cybersecurity realm. Tune in and take the reins of your cybersecurity journey—let’s ride into excellence together! 🚀
Listen to CISSP Cyber Training Podcast - CISSP Training Program, Uncanny Valley | WIRED and many other podcasts from around the world with the radio.net app