All Episodes
Displaying 201 - 220 of 222 in total
Episode 201: Effective Compliance Reporting (Domain 5)
Compliance reporting ensures that an organization can demonstrate adherence to regulatory, contractual, and internal security requirements—and in this episode, we expl...
Episode 202: Consequences of Non-Compliance (Domain 5)
Failing to meet regulatory or contractual obligations can carry severe consequences, both financially and reputationally. In this episode, we break down the real-world...
Episode 203: Attestation and Acknowledgement in Compliance (Domain 5)
Attestation and acknowledgement are critical for ensuring that individuals and third parties formally understand and accept their roles in maintaining security and com...
Episode 204: Privacy Laws and Global Compliance (Domain 5)
Data privacy is no longer just a legal issue—it’s a global business imperative, and this episode explores the complex and evolving landscape of privacy laws. We cover ...
Episode 205: Data Inventory, Retention, and the Right to Be Forgotten (Domain 5)
Managing personal data effectively starts with knowing exactly what you have, where it lives, how long you keep it, and what rights users have over it. In this final e...
Episode 206: Privacy and Legal Implications of Compliance (Domain 5)
Privacy and compliance are deeply intertwined, especially as global regulations push organizations to safeguard personal data across jurisdictions. In this episode, we...
Episode 207: Data Management and Compliance (Domain 5)
Effective data management is critical for both operational success and regulatory compliance, and in this episode, we explore how organizations maintain control over w...
Episode 208: Attestation and Internal Audits (Domain 5)
Attestation and internal audits are two of the most powerful tools for ensuring your security program is functioning as intended. In this episode, we start by explorin...
Episode 209: Internal Audit Structures (Domain 5)
The effectiveness of internal audits depends not just on what’s reviewed, but on how the audit function is structured within the organization. In this episode, we exam...
Episode 210: External Audits and Assessments (Domain 5)
External audits provide an independent review of an organization’s security and compliance posture, often driven by regulatory mandates, certification requirements, or...
Episode 211: Fundamentals of Penetration Testing (Domain 5)
Penetration testing goes beyond identifying vulnerabilities—it simulates real-world attacks to see how systems, defenses, and teams hold up under pressure. In this epi...
Episode 212: Penetration Testing Environments (Domain 5)
The value of a penetration test is closely tied to how realistic the environment is—and in this episode, we examine the types of environments in which pen tests are co...
Episode 213: Reconnaissance Techniques (Domain 5)
Reconnaissance is the first phase of any attack—and the first opportunity for defenders to detect malicious intent. In this episode, we break down both passive and act...
Episode 214: Effective Phishing Awareness (Domain 5)
Phishing remains one of the most effective—and dangerous—forms of cyberattack because it targets people, not systems. In this episode, we explore how to build an effec...
Episode 215: Anomalous Behavior Recognition (Domain 5)
Cyber threats often hide in plain sight, masquerading as normal user activity until they trigger something unexpected—and that’s why recognizing anomalous behavior is ...
Episode 216: User Guidance and Training (Part 1) (Domain 5)
Users are often the first and last line of defense in cybersecurity, and their success depends on clear guidance and ongoing training. In this episode, we focus on pol...
Episode 217: User Guidance and Training (Part 2) (Domain 5)
Beyond basic policy understanding, users need targeted training in key risk areas that attackers frequently exploit—especially insiders, passwords, and privileged acce...
Episode 218: User Guidance and Training (Part 3) (Domain 5)
Security training must evolve with the threat landscape—and that means addressing common but high-risk topics like removable media, social engineering, and operational...
Episode 219: Hybrid and Remote Work Security Awareness (Domain 5)
Remote and hybrid work models create new layers of security complexity—blending corporate environments with home networks, personal devices, and cloud-first workflows....
Episode 220: Security Reporting and Monitoring (Domain 5)
A well-informed workforce should be empowered not just to avoid risk—but to report it. In this episode, we explore how organizations build clear, accessible reporting ...