Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
…
continue reading
Management Security Podcasts
Deception, influence, and social engineering in the world of cyber crime.
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.
…
continue reading
Security Management Highlights brings the security professional expert interviews and information on the most critical industry topics. Join host Brendan Howard as he interviews thought leaders and industry professionals, as well as editors from the magazine.
…
continue reading
Security Confidential provides weekly interviews and insights into the world of cybersecurity. Produced entirely in-house by MSSP & global risk management firm Dark Rhiino Security.
…
continue reading
Explore the life of a security leader with NetSPI Field Chief Information Security Officer (CISO) Nabil Hannan. Hear how CISOs with diverse expertise tackle the challenges and opportunities that come with life on the frontlines of cybersecurity.
…
continue reading
An IFPOD production for IFPO the very first security podcast called Security Circle. IFPO is the International Foundation for Protection Officers, and is an international security membership body that supports front line security professionals with learning and development, mental Health and wellbeing initiatives.
…
continue reading
Security DNA is a podcast brought to you by SecurityInfoWatch.com, covering subjects of interest to security stakeholders in the industry. Topics range from security industry news, trends and analysis to technology solutions, policy risk analysis and management, and more. Our editorial team, along with industry experts and consultants, fill each podcast episode with information that is of value to security professionals.
…
continue reading
For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security. Note: This is only Paul's Security Weekly, a 2-hour show recorded once per week.
…
continue reading
Welcome to The Lockdown. Privacy doesn’t have to be all-or-nothing. The inability to attain extreme levels of privacy shouldn’t deter one from taking any protective measures at all. The show is hosted by Ray Heffer, an expert in the field of privacy and cybersecurity, with each episode touching on a range of topics such as data privacy, password management, and secure browsing habits. Tin-foil hats are optional!
…
continue reading
How today’s top organizations navigate the complex world of governance, risk, and compliance (GRC).Security & GRC Decoded brings you actionable strategies, expert insights, and real-world stories that help professionals elevate their security and compliance programs. Hosted by Raj Krishnamurthy.It’s for security professionals, compliance teams, and business leaders responsible security GRC and ensuring their organizations’ are safe, secure and adhere to regulatory mandates.Security & GRC Dec ...
…
continue reading
Welcome to Church Security Talk – your go-to resource for church safety and security. Join host Simon Osamoh, an ex-UK detective, former head of counterterrorism at Mall of America, Minnesota and church security expert. As he shares tips and tool to help your church stay safe and secure! Stay protected and informed with our online training courses visit worshipsecurity.org.
…
continue reading
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
…
continue reading
Federal News Network Executive Editor Jason Miller talks to federal chief information officers about the latest technology trends and issues facing their agencies.
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
The mnemonic security podcast is a place where IT Security professionals can go to obtain insight into what their peers are working with and thinking about.
…
continue reading
The BUILDINGS Podcast presents the latest developments and practices in facility management from energy management, lowering operating costs, maintenance of commercial buildings, life and safety, sustainability, green issues, project management, security, building performance and much more. Find more facility management news at www.buildings.com Send any comments or questions to [email protected] Support this podcast: https://podcasters.spotify.com/pod/show/buildings-podcast/support
…
continue reading
Where security veterans unpack the latest IT security news, vulnerabilities, and research through a historical and technical lens that can cut through even the thickest cigar smoke. Hosted by Paul Asadoorian and Larry Pesce. Co-hosts: Josh Marpet, Jeff Man, Mandy Logan, Tyler Robinson.
…
continue reading
The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Brought to you by vCISO Services, LLC, a leading provider of vCISO and information security risk managemen ...
…
continue reading
1
Security Insights - Cybersecurity for Real-World Workplaces
Ivanti: Cybersecurity and Information Technology Solutions
7
52
Welcome to Security Insights, where best-practice cybersecurity meets the real-world risks facing workplaces every day. Ivanti's VP of Product Management, Chris Goettl, brings in a rotating cast of guests to discuss the strategies and tactics that truly matter to the security teams protecting organizations, agencies and businesses like yours.
…
continue reading
Thuis aan de keukentafel praat Roel Rens met Microsoft- en IT-experts over actuele IT-topics.
…
continue reading
Jake Voll brings security industry professionals together to discuss best practices, challenges, and opportunities.
…
continue reading
Stay ahead of cyberthreats with expert insights and practical security . Led by an ensemble cast of industry thought leaderss offering in-depth analysis and practical advice to fortify your organization's defenses.
…
continue reading
In a world where cyberattacks are becoming more commonplace, we all need to be vigilant about protecting our digital lives, whether at home or at work. Byte Sized Security is the podcast that provides snackable advice on cybersecurity best practices tailored for professionals on the go. Hosted by information security expert, Marc David, each 15-20 minute episode provides actionable guidance to help listeners safeguard their devices, data, and organizations against online threats. With new ep ...
…
continue reading
1
Your Time Management Revolution - productivity tips from The Inefficiency Assassin, Helene Segura
Helene Segura, MA Ed, CPO
238177
Time management consultant Helene Segura brings you a variety of recommendations on the mindset, strategies and tactics successful people implement for effective time management and productivity. Some episodes are solo musings, only 2-5 minutes in length. Other episodes are interviews that can last 30 minutes to an hour. Note to podcast aficionados: This is not a templated show, so there’s no set format. These are recordings of thoughts, recommendations and interviews – all designed to help ...
…
continue reading
Join County National Bank's Senior Wealth Management Officers Christopher Phillips and Holleigh Baker as they explore the true meaning behind the question "What is Wealth?" From discussions with various guests, they delve into how wealth is not just about financial abundance but also about security, flexibility, and values discovered through personal stories and insights. Join them as they uncover the diverse perspectives on what wealth truly means in today's world and how these insights sha ...
…
continue reading
CyberSound™ is a podcast built by and for business owners and professionals. Tune in as our cybersecurity experts cover the latest news regarding IT security, the most recent and relevant threats organizations are facing today, and provide tips to keep your business safe.
…
continue reading
1
Cybersecurity, Privacy, Risk Management, Cryptocurrencies, Fintech, Information Technology
Shahid Sharif
638
Career guidance & consulting services in Information Technology, Cybersecurity, Privacy, Risk Management, Cryptocurrencies, & Fintech #self improvement # productivity #cybersecurity #security #privacy #risk #fintech #blockchain #cryptocurrencies
…
continue reading
Welcome to the Ontic Connected Intelligence Podcast, the show for corporate security professionals who are elevating the practice and perception of security. Whether you’re a seasoned professional or new to the field, our podcast offers valuable insights and practical advice to help you navigate the complexities of modern corporate security. Hosted by Fred Burton and Manish Mehta, our episodes are packed with real-world examples and forward-thinking solutions to help you secure your organiza ...
…
continue reading
The LP Magazine podcast keeps loss prevention professionals, security staff, and retail management up-to-date on important information and best practices for your business and career. Each episode features insights from retail loss protection, asset protection, law enforcement and more.
…
continue reading
News, views, and insights into the cybersecurity realm produced by Greg Johnson, CEO of Webcheck Security. www.webchecksecurity.com
…
continue reading
CDW Canada Tech Talks: Discussing the Latest Technology Innovations Experts from CDW and our partners tackle hot topics including generative AI, FinOps, the new cybersecurity landscape and more.
…
continue reading
The United States is in the midst of a dramatic political realignment with shifting views on national security, economics, technology, and the role of government in our lives. Saagar Enjeti and Marshall Kosloff explore this with thinkers, policymakers, and more.
…
continue reading
Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at Enterprise Management Associates (EMA) discusses the latest trends in network management.
…
continue reading
The Enterprise Mobility Roundup takes a look at mobility in the enterprise, focusing on workforce devices, business applications and the technology behind them.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Listen to Tech Law Talks for practical observations on technology and data legal trends, from product and technology development to operational and compliance issues that practitioners encounter every day. On this channel, we host regular discussions about the legal and business issues around data protection, privacy and security; data risk management; intellectual property; social media; and other types of information technology.
…
continue reading
The Bare Metal Cyber CISM Prepcast is your comprehensive, exam-focused audio companion for mastering the Certified Information Security Manager (CISM) certification. Designed to guide aspiring security leaders through all four domains of the CISM exam, this prepcast translates complex risk, governance, and incident response concepts into clear, structured, and easy-to-follow episodes. Whether you're transitioning from a technical role or already managing security programs, the series offers ...
…
continue reading
Do It Fuh Grantley is a life and finance podcast produced by Fortress Fund Managers, where we speak with women and men in Barbados about their Grantleys and other money matters.
…
continue reading
Helping people build practical emergency preparedness, situational awareness, and survival skills—so they can confidently protect their families and thrive in any crisis.
…
continue reading
Brian Duff, host of the Mind 4 Survival prepping podcast, helps preparedness minded people be more safe, confident and prepared so they can better protect themselves, their families, and loved ones when it matters most.
…
continue reading
Join us on Distilled Security as we delve into the fascinating world of cybersecurity. Each episode, we break down intriguing topics, analyze the latest news, and engage in in-depth conversations with our hosts and invited guests. Whether you're a seasoned professional or just curious about cybersecurity, our podcast offers valuable insights and thought-provoking discussions to keep you informed and entertained. Tune in and stay ahead of the curve in the ever-evolving landscape of cybersecurity.
…
continue reading
Secure Money Advisors is a licensed fiduciary in Pittsburgh, PA that develops holistic approaches to retirement planning. From annuities to wealth management and basic retirement planning, we offer a broad array of financial products and services clients need to succeed.
…
continue reading
1
Episode 68: Managing and Monitoring Security Compliance with External Parties
10:42
10:42
Play later
Play later
Lists
Like
Liked
10:42
Vendors, suppliers, and partners all affect your risk posture. This episode explores how to define, enforce, and monitor external security requirements. You’ll learn how to handle audits, compliance failures, and communication with third parties—real-world skills with high relevance on the CISM exam. Ready to start your journey with confidence? Lea…
…
continue reading
1
Google issues Chrome security update, ICC targeted by new attack, Microsoft nixes Authenticator password management
7:23
7:23
Play later
Play later
Lists
Like
Liked
7:23
Chrome Zero-Day CVE-2025-6554 under active attack — Google issues security update International Criminal Court targeted by new ‘sophisticated’ attack Kelly Benefits says 2024 data breach impacts 550,000 customers, Esse Health says recent data breach affects over 263,000 patients Huge thanks to our sponsor, Palo Alto Networks You’re moving fast in t…
…
continue reading
1
Executive Protection Evolves in Challenging Times
33:06
33:06
Play later
Play later
Lists
Like
Liked
33:06
Does your EP program account for cultural sensitivities, legal shortcomings, and evolving conditions? In this episode of the SM Highlights podcast, Jessica Ansley explains how cultural awareness can make all the difference in harmonious low-profile travel security and executive protection. Then, lawyer Timothy Sini outlines the limitations across U…
…
continue reading
1
Secure Your Future: Essential Legal Documents You Need NOW!
3:47
3:47
Play later
Play later
Lists
Like
Liked
3:47
http://www.TimeManagementRevolution.com - Whether you're planning for the unexpected or simply getting your life organized, having the right legal documents in place is essential. In this video, Helene Segura, Time Management Fixer breaks down the must-have documents everyone should consider—no legal jargon, just clear explanations. Get your FREE P…
…
continue reading
1
Vibe Coding vs Low-Code/No-Code: Security Risks and CI/CD Pipeline Impacts for Citizen Developers
9:42
9:42
Play later
Play later
Lists
Like
Liked
9:42
Explore the evolution from traditional coding to vibe coding and its relationship with low-code/no-code (LCNC) platforms. This comprehensive analysis examines how AI-assisted development and visual programming tools are creating a new generation of citizen developers, transforming enterprise software development. We dive deep into the security impl…
…
continue reading
1
The 5 Paradigm Shifts of Exposure Management
34:58
34:58
Play later
Play later
Lists
Like
Liked
34:58
Exposure management is fundamentally changing the way we view cybersecurity. Ivanti's Chris Goettl and Robert Waters introduce five paradigm shifts brought on by this emerging technology and how your organization's security strategy might shift as a result. For more, check out our Exposure Management Strategy Guide: (https://ivanti.com/resources/ex…
…
continue reading
1
Is Vuln Management Dead? - HD Moore - PSW #880
2:16:08
2:16:08
Play later
Play later
Lists
Like
Liked
2:16:08
This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integrati…
…
continue reading
1
Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338
1:07:15
1:07:15
Play later
Play later
Lists
Like
Liked
1:07:15
Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is e…
…
continue reading
1
Call of Duty game pulled, U.S. military gets cybersecurity boost, Bank employee helped hackers
8:33
8:33
Play later
Play later
Lists
Like
Liked
8:33
Call of Duty game pulled from PC store after reported exploit U.S. military gets cybersecurity boost Bank employee helped hackers steal $100M Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC progr…
…
continue reading
1
adversary group naming (noun) [Word Notes]
10:17
10:17
Play later
Play later
Lists
Like
Liked
10:17
Please enjoy this encore of Word Notes. A cyber threat intelligence best practice of assigning arbitrary labels to collections of hacker activity across the intrusion kill chain.By N2K Networks
…
continue reading
Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking system. Qantas confirms contact from a “potential cybercriminal” following…
…
continue reading
1
Tech Trends Changing Property Services with Lessen’s Carson Berish
14:08
14:08
Play later
Play later
Lists
Like
Liked
14:08
What are the biggest technology trends impacting facilities today—and where is tech going in the next decade? Lessen’s Carson Berish joins the Buildings Podcast to offer technology takeaways and practical ways to use AI in operations.By Endeavor Business Media
…
continue reading
1
Tariff-related considerations when planning a data center project
28:12
28:12
Play later
Play later
Lists
Like
Liked
28:12
High tariffs would significantly impact data center projects, through increased costs, supply chain disruptions and other problems. Reed Smith’s Matthew Houghton, John Simonis and James Doerfler explain how owners and developers can attenuate tariff risks throughout the planning, contract drafting, negotiation, procurement and construction phases. …
…
continue reading
Stefanie Hoover and Tony D'Onfrio chat about his induction into the NRF Ring of Excellence and his continued passion for helping the retail LP industry at Sensormatic. Their new Shrink Analyzer software is helping investigators piece together theft cases and generate ORC cases with ease.By Loss Prevention Magazine
…
continue reading
1
From Prompt Injection to Agentic AI: The New Frontier of Cyber Threats
28:30
28:30
Play later
Play later
Lists
Like
Liked
28:30
Artificial intelligence (AI) is on everyone’s mind, and its impact doesn't escape the cybersecurity industry. The industry experts acknowledge not just the benefits but also the cybersecurity threats of AI integrations. As Pascal Geenens, Director of Threat Intelligence at Radware, puts it, "It's AI, so everything is changing weekly. What I talked …
…
continue reading
1
029 - Minimize not Militarize and Avoiding Surveillance with GrapheneOS
54:26
54:26
Play later
Play later
Lists
Like
Liked
54:26
In this episode, I explore the difference between the military mindset and the more stealth approach of minimization in cybersecurity. I share the results from the Ghost in the Source Capture the Flag (CTF) challenge, revealing how the winners cracked the AES encryption using dictionary attacks, keyword harvesting and the cipher tool hidden in robo…
…
continue reading
1
Identity, AI & Access: Highlights from Identiverse 2025 - Sagi Rodin, Ajay Amlani, Treb Ryan, Ajay Gupta, Artyom Poghosyan, Amir Ofek - ESW #414
1:49:38
1:49:38
Play later
Play later
Lists
Like
Liked
1:49:38
Single Sign On (SSO) and Multi Factor Authentication (MFA) is critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical too…
…
continue reading
1
Ingram Micro cyberattack, Telefonica possible breach, LLM URL recommendation problem
8:08
8:08
Play later
Play later
Lists
Like
Liked
8:08
Ingram Micro suffers ransomware attack Hacker leaks Telefónica data allegedly from new breach ChatGPT prone to recommending wrong URLs, creating a new phishing opportunity Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but …
…
continue reading
1
SANS Stormcast Monday, July 7th, 2025: interesting usernames; More sudo issues; CitrixBleed2 PoC; Short Lived Certs
5:48
5:48
Play later
Play later
Lists
Like
Liked
5:48
Interesting ssh/telnet usernames Some interesting usernames observed in our honeypots https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080 More sudo trouble The host option in Sudo can be exploited to execute commands on unauthorized hosts. https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-s…
…
continue reading
1
Best IDEs and AI Coding Assistants in 2025: Complete Guide to VSCode, Cursor, GitHub Copilot & More
9:50
9:50
Play later
Play later
Lists
Like
Liked
9:50
Are you ready for the future of software development? The world of IDEs and AI coding assistants is changing daily, and staying ahead means understanding the tools that are reshaping how we code. In this comprehensive 2025 guide, we dive deep into the most influential development platforms available today. From the versatile foundation of Visual St…
…
continue reading
1
Swati Shekhar: Challenges increase your risk appetite. [Engineering] [Career Notes]
11:04
11:04
Play later
Play later
Lists
Like
Liked
11:04
Please enjoy this encore of Career Notes. Ground Labs' Head of Engineering, Swati Shekhar, shares her circuitous route from and back to engineering. Always being interested in leveraging the tools available to solve problems, Swati talks about how she found her place in engineering. She mentions how she had her first real experience with a computer…
…
continue reading
1
Episode 71: Continuous Improvement through Post-Incident Reviews and Risk Reassessment
11:27
11:27
Play later
Play later
Lists
Like
Liked
11:27
Mature security programs improve over time. In this final episode, we explain how to lead post-incident reviews, implement lessons learned, and reassess risk in light of new data. This is where governance, program management, and incident handling come full circle—just as ISACA intends for CISM-certified leaders. Ready to start your journey with co…
…
continue reading
1
Episode 70: Supervising Risk Treatment and Continuous Monitoring
11:23
11:23
Play later
Play later
Lists
Like
Liked
11:23
Managing risk doesn’t stop with one decision. In this episode, we explore how to supervise treatment activities (mitigation, transfer, acceptance) and establish ongoing monitoring to ensure sustained performance. These continuous oversight tasks are key to mastering Domain 2 and real-world risk leadership. Ready to start your journey with confidenc…
…
continue reading
1
Episode 69: Supervising Risk Identification and Assessment
10:57
10:57
Play later
Play later
Lists
Like
Liked
10:57
CISM-certified professionals must oversee—not just conduct—risk assessments. This episode covers how to supervise the process, validate results, and ensure assessments align with business priorities. ISACA expects you to understand both tactical execution and leadership-level oversight. Ready to start your journey with confidence? Learn more at Bar…
…
continue reading
1
Episode 67: Integrating Security Requirements into Organizational Processes
11:42
11:42
Play later
Play later
Lists
Like
Liked
11:42
In this episode, we cover how to embed security into core business workflows—from procurement to development and beyond. You’ll learn how to ensure that security requirements become part of how the organization works, not just what it reacts to. Expect exam questions on integration in Domains 1, 3, and 4. Ready to start your journey with confidence…
…
continue reading
1
Episode 66: Aligning Security Programs with Operational Business Objectives
10:59
10:59
Play later
Play later
Lists
Like
Liked
10:59
Security must support the mission. This episode teaches you how to align your security initiatives with day-to-day business operations, process priorities, and performance expectations. This strategic alignment is central to Domain 3 and may appear in scenario questions about resource conflicts or program goals. Ready to start your journey with con…
…
continue reading
1
Episode 65: Evaluating and Reporting Information Security Metrics
11:37
11:37
Play later
Play later
Lists
Like
Liked
11:37
Metrics turn performance into visibility. This episode shows you how to define, collect, and report information security metrics that support governance, justify decisions, and improve outcomes. You’ll also learn how ISACA expects you to evaluate effectiveness—a frequent target in Domain 3 and 4 questions. Ready to start your journey with confidenc…
…
continue reading
1
Episode 64: Compiling and Presenting Effective Security Reports
10:56
10:56
Play later
Play later
Lists
Like
Liked
10:56
CISM candidates must know how to report program results and risk insights to both executives and operational teams. This episode explains how to compile relevant data, translate it into actionable insights, and tailor the message to your audience. Exam questions will test your ability to do all three well. Ready to start your journey with confidenc…
…
continue reading
1
Episode 63: Defining and Communicating Security Roles and Responsibilities
11:39
11:39
Play later
Play later
Lists
Like
Liked
11:39
Effective governance depends on clear roles and responsibilities. In this episode, we walk through how to assign, document, and communicate who owns what in your security program. From the board to front-line staff, clarity reduces risk and improves accountability—both on the exam and in real practice. Ready to start your journey with confidence? L…
…
continue reading
1
Episode 62: Gaining Senior Leadership Commitment and Stakeholder Support
11:02
11:02
Play later
Play later
Lists
Like
Liked
11:02
Security programs rise or fall on leadership support. This episode teaches you how to earn and sustain executive commitment, communicate risk in business terms, and align your initiatives with organizational strategy. These skills show up in both Domain 1 and complex CISM scenario questions. Ready to start your journey with confidence? Learn more a…
…
continue reading
1
Episode 61: Communicating the Business Case and Gaining Stakeholder Buy-In
10:09
10:09
Play later
Play later
Lists
Like
Liked
10:09
CISM leaders must champion security through influence, not just authority. In this episode, we cover how to build and communicate compelling business cases for security investments. Learn how to present risk, value, and outcomes in language stakeholders understand—an essential Domain 1 and 3 skill for exam day. Ready to start your journey with conf…
…
continue reading
1
Episode 60: Building Effective Security Budgets and ROI Analysis
12:08
12:08
Play later
Play later
Lists
Like
Liked
12:08
Budgeting is about more than asking for money—it’s about justifying value. This episode explains how to estimate costs, present return on investment, and align security spending with business priorities. Expect questions on budgeting tradeoffs, prioritization, and executive persuasion on the CISM exam. Ready to start your journey with confidence? L…
…
continue reading
1
Episode 59: Integrating Information Security into Corporate Governance
12:19
12:19
Play later
Play later
Lists
Like
Liked
12:19
Security can’t operate in a silo. This episode covers how to embed information security into broader corporate governance, ensuring risk, compliance, and audit processes align with your program. Learn how to advocate for security at the board level—just as ISACA expects of successful CISM candidates. Ready to start your journey with confidence? Lea…
…
continue reading
1
Episode 58: Implementing Information Security Governance Frameworks
12:20
12:20
Play later
Play later
Lists
Like
Liked
12:20
Frameworks turn strategy into structure. In this episode, we explain how to implement security governance frameworks like COBIT and ISO in ways that support accountability, transparency, and control. If the exam asks you how to operationalize governance, this episode gives you the language to answer it. Ready to start your journey with confidence? …
…
continue reading
1
Episode 57: Establishing Information Security Strategy Aligned with Organizational Goals
12:06
12:06
Play later
Play later
Lists
Like
Liked
12:06
Security strategy must serve the business. This episode walks you through aligning your security vision, priorities, and investment with what the organization truly values—its mission, objectives, and risk tolerance. This alignment is a core competency for CISM holders and appears frequently in Domain 1 questions. Ready to start your journey with c…
…
continue reading
1
Episode 56: Identifying Internal and External Influences on Security Strategy
11:29
11:29
Play later
Play later
Lists
Like
Liked
11:29
Domain 1 isn’t just about governance—it’s about understanding what shapes strategy. This episode teaches you how to identify organizational drivers, market forces, regulatory shifts, and threat evolution, and how to reflect these in your security planning. These insights often form the basis of scenario questions. Ready to start your journey with c…
…
continue reading
1
Episode 55: Conducting Meaningful Post-Incident Reviews
11:45
11:45
Play later
Play later
Lists
Like
Liked
11:45
CISM professionals must know how to lead structured post-incident reviews. This episode explains how to capture lessons learned, evaluate what went wrong (and right), and recommend improvements. You’ll also learn how to document findings in a way that supports governance and future risk mitigation. Ready to start your journey with confidence? Learn…
…
continue reading
1
Episode 54: Techniques for Secure Recovery and Restoration
12:10
12:10
Play later
Play later
Lists
Like
Liked
12:10
After eradication comes recovery—and it must be secure. This episode shows you how to safely bring systems back online, validate their integrity, and ensure that no backdoors or residual threats remain. These post-incident steps are essential in both the real world and your CISM Domain 4 study strategy. Ready to start your journey with confidence? …
…
continue reading
1
Episode 53: Techniques for Incident Eradication
12:22
12:22
Play later
Play later
Lists
Like
Liked
12:22
Eradication is where you eliminate the root cause of an incident. This episode walks you through how to fully remove malware, close exploited vulnerabilities, and validate that threats are no longer active. You’ll also learn how to document these efforts—something ISACA expects you to be able to do on the exam. Ready to start your journey with conf…
…
continue reading
1
Episode 52: Incident Response Communications: Reporting, Notification, and Escalation
11:54
11:54
Play later
Play later
Lists
Like
Liked
11:54
Incident response is only effective if the right people are informed at the right time. In this episode, we explore how to build a communication plan that includes internal reporting, external notifications, and stakeholder escalation. CISM candidates must understand how to handle communication flow under pressure. Ready to start your journey with …
…
continue reading
1
Episode 51: Effective Incident Containment Methods
11:40
11:40
Play later
Play later
Lists
Like
Liked
11:40
Containment is a critical phase in incident response—and a highly tested concept in Domain 4. This episode covers the strategies and decision points for containing incidents, from isolating affected systems to segmenting networks and communicating quickly. Learn how to apply containment while minimizing operational disruption. Ready to start your j…
…
continue reading
1
Episode 50: Digital Forensics and Evidence Collection Basics
11:46
11:46
Play later
Play later
Lists
Like
Liked
11:46
You don’t have to be a forensic analyst—but you do need to understand the basics. This episode explains how evidence is collected, preserved, and documented during an incident. We also explore the chain of custody, admissibility, and the role of forensic data in investigations—high-value knowledge for the exam. Ready to start your journey with conf…
…
continue reading
1
Episode 49: Incident Investigation Methodologies
12:11
12:11
Play later
Play later
Lists
Like
Liked
12:11
CISM candidates must understand how to manage an incident investigation. This episode covers how to gather evidence, document timelines, identify root causes, and follow structured investigative methods. You’ll learn how to support legal compliance and continuous improvement—all key areas of Domain 4. Ready to start your journey with confidence? Le…
…
continue reading
1
Episode 48: Incident Management Tools and Techniques
12:50
12:50
Play later
Play later
Lists
Like
Liked
12:50
Tools can streamline detection, coordination, and resolution during incidents. In this episode, we explore common technologies used in incident management, from SIEM platforms to communication systems. Learn what ISACA wants you to know about selecting, deploying, and using these tools strategically. Ready to start your journey with confidence? Lea…
…
continue reading
1
Episode 47: Training, Testing, and Evaluating Your Incident Management Capabilities
11:56
11:56
Play later
Play later
Lists
Like
Liked
11:56
Your incident response plan is only as strong as your ability to execute it. This episode covers how to train staff, conduct simulations, and evaluate performance to ensure your organization is prepared for real-world incidents. These lifecycle elements are important for both the exam and maturing your security function. Ready to start your journey…
…
continue reading
1
Episode 46: Incident Classification and Categorization Methods
12:13
12:13
Play later
Play later
Lists
Like
Liked
12:13
Classifying incidents accurately enables proper response. In this episode, we discuss how to build an incident classification system based on impact, type, and severity—key for escalation and prioritization. These concepts are frequently tested in Domain 4 and appear in both technical and business-aligned scenarios. Ready to start your journey with…
…
continue reading
1
Episode 45: Testing, Maintenance, and Improvement of Your DRP
11:55
11:55
Play later
Play later
Lists
Like
Liked
11:55
A DRP must be tested, maintained, and improved over time to remain effective. This episode explains how to schedule recovery tests, evaluate outcomes, and implement improvements based on performance data. These lifecycle management concepts show up across multiple CISM domains and often appear in scenario-based questions. Ready to start your journe…
…
continue reading
1
Episode 44: Designing Your Disaster Recovery Plan (DRP)
12:21
12:21
Play later
Play later
Lists
Like
Liked
12:21
Disaster recovery planning ensures technology and data availability during a crisis. In this episode, we break down how to design and document a DRP that complements your BCP and incident response plan. You'll learn key recovery metrics, backup strategies, and restoration procedures—vital for the exam and real-world execution. Ready to start your j…
…
continue reading
1
Episode 43: Building Your Business Continuity Plan (BCP)
8:52
8:52
Play later
Play later
Lists
Like
Liked
8:52
Business continuity is broader than disaster recovery—and the CISM exam knows it. This episode explains how to build a BCP that supports organizational resilience, continuity of operations, and stakeholder assurance. Learn the difference between continuity and crisis management and how ISACA frames these within Domain 4. Ready to start your journey…
…
continue reading
