CISSP Cyber Training Podcast - CISSP Training Program

Send us a textReady to elevate your cybersecurity acumen and conquer the CISSP exam? Tune in to our latest episode, where we unravel the intricacies of a significant ransomware attack that exploited a supply chain vulnerability, impacting 60 US credit unions via the Citrix bleed vulnerability. This real-world scenario stresses the necessity of securing third-party relationships and maintaining a robust security posture. We shift gears to dissect Domain 7.5 of the CISSP, offering insights into...

Send us a textCan cheaply made smart devices compromise your security? Uncover the hidden risks of AI and hardware hacking as we explore the vulnerabilities in these devices that make them prime targets for cybercriminals. Learn how secure coding practices and proper device isolation can serve as critical defenses, and consider the implications of AI misconfigurations that could lead to remote code execution. Through engaging discussions, we shed light on the growing threat landscape and the ...

Send us a textUnlock the secrets to enhancing your organization's security posture by mastering the art of security audits. Tune in to discover how security audits play a pivotal role in both the CISSP exam and real-world scenarios. Through personal anecdotes and expert insights, we explore how conducting effective audits with departments like finance can transform your approach to cybersecurity. We also introduce Vuln Hunter, an innovative open-source tool showcased at the No Hat Security Co...

Send us a textUnlock the secrets to mastering access control models essential for conquering the CISSP exam and advancing your cybersecurity expertise. Imagine having a comprehensive understanding of how discretionary, mandatory, role-based, risk-based, rule-based, attribute-based, and hybrid models function in various scenarios. This episode features Sean Gerber as he navigates the complex world of access control frameworks, offering insightful questions and real-world applications. Whether ...

Send us a textUnlock the secrets of cybersecurity in our latest episode where we promise to transform your understanding of access control mechanisms. We kick things off by dissecting the discretionary access controls (DAC) and the power dynamics behind resource ownership. Discover why assigning ownership is crucial to sidestep security pitfalls and how to tackle the double-edged sword of permission propagation and creep. We also unveil strategies for seamless security management, including t...

Send us a textUnlock the secrets of the OSI and TCP/IP models with Sean Gerber as your guide on the CISSP Cyber Training Podcast. Ever wondered how the presentation layer manages to format and translate data seamlessly for the application layer? Or how the network layer deftly routes packets across networks? Prepare to gain a comprehensive understanding of these essential concepts, crucial for acing the CISSP exam. Plus, dive into the intriguing details of the TCP/IP model's transport layer, ...

Send us a textUnlock the secrets of cybersecurity mastery with Sean Gerber as we embark on a journey through Domain 4 of the CISSP exam. Ever wondered how AI could transform the chaotic world of Security Operations Centers (SOCs)? Discover the potential of artificial intelligence to streamline alert management and enhance detection efficiency, a much-needed solution for the 60% of SOC professionals swamped by alert overload. Stay ahead of the curve by understanding the rapid rise of AI startu...

Send us a textCrack the code of security architecture and engineering with this episode of the CISSP Cyber Training Podcast! Ever wondered how different security models apply to real-world scenarios? We'll give you the insights and knowledge you need to discuss these models confidently with senior leaders and implement robust security controls. We promise you'll walk away with a mastery of foundational models like Bell-LaPadula and Biba, essential for any cybersecurity professional.Join us as...

Send us a textWhat if your organization's security posture could withstand any cyber threat? This episode of the CISSP Cyber Training Podcast promises to equip you with actionable insights from CISSP Domain 3, emphasizing the critical principle of failing securely. We tackle the intricacies of separation of duties, zero trust, and the benefits of maintaining simplicity in your systems. Plus, I share my firsthand experience with virtual CISO roles, providing a roadmap for hiring a security pro...

Send us a textEver wondered about the real difference between a data leak and a data breach? Join me, Sean Gerber, on the latest episode of the CISSP Cyber Training Podcast as we unpack the nuances between these two critical cybersecurity concepts. Learn how data leaks often result from human mistakes like weak passwords, while data breaches involve deliberate cyber attacks. We'll walk through different types of sensitive data—including PII, financial information, PHI, and intellectual proper...

Send us a textEver wondered how a TI-84 calculator can be transformed into a powerful tool for ChatGPT? Join me, Sean Gerber, on this thrilling episode of the CISSP Cyber Training Podcast as we uncover this fascinating tale and explore the evolving landscape of data security. We'll dissect the crucial elements of Domain 2.6 of the CISSP exam, from protecting data-at-rest to data-in-motion, and delve into the significance of Digital Rights Management (DRM) and Data Loss Prevention (DLP). This ...

Send us a textHow can we effectively bridge the cybersecurity skills gap and protect sensitive data in the cloud? In this action-packed episode of the CISSP Cyber Training Podcast, we kick things off by analyzing insights from a recent UK international cyber skills conference. We discuss the UK's innovative initiatives to enhance cybersecurity education and talent, including support schemes and competitions, and emphasize the importance of gaining practical experience, even through pro bono w...

Send us a textAre you ready to uncover the secrets behind successful candidate screening and robust employment agreements in cybersecurity? Join us on this episode of the CISSP Cyber Training Podcast, where we promise to equip you with essential techniques to vet the right candidates for sensitive security roles. From structured interviews to behavioral questions and technical assessments, we cover the full spectrum of best practices. Plus, we'll discuss the critical importance of maintaining...

Send us a textCan API gateways really be the ultimate shield against cyber threats? Prepare to uncover the secrets of API security as we dissect CISSP Domain 8.5 in this episode of the CISSP Cyber Training Podcast. We'll walk you through practice questions that decode the most common API vulnerabilities and why denial of service isn't always the primary threat. Discover how an API gateway centralizes security and learn about essential authentication mechanisms like OAuth for secure token-base...

Send us a textWant to stay ahead in the rapidly evolving world of IT? Join Sean Gerber on the CISSP Cyber Training Podcast as he discusses the essential skills you need to thrive in this dynamic field. You'll get a personal peek into Sean's consulting career and his family business ventures before diving into the nuts and bolts of Domain 8.5 with a focus on Application Programming Interfaces (APIs). Learn how APIs serve as the backbone of modern software applications, facilitating seamless da...

Send us a textUnlock the secrets to safeguarding your organization's most sensitive data and enhance your cybersecurity acumen. Join us on the CISSP Cyber Training Podcast as I, Sean Gerber, break down the critical importance of managing secrets within popular collaboration tools like Slack, Jira, and Confluence. Discover practical methods such as real-time monitoring and swift remediation to secure API keys and encryption tokens. Learn how fostering a culture of security awareness through ed...

Send us a textWhat if AI could be your company's best asset—and its biggest risk? Join me, Sean Gerber, on this enlightening episode of the CISSP Cyber Training Podcast, where we journey through the essentials of cybersecurity with a particular focus on media protection techniques from Domain 7.5 of the CISSP ISC² training manual. We’ll also navigate the secure-by-design principles crucial in the age of artificial intelligence. With AI transforming large enterprises, I’ll share eye-opening st...

Send us a textUnlock the secrets to mastering the CISSP exam and bolster your cybersecurity prowess with Sean Gerber in this action-packed episode of the CISSP Cyber Training Podcast! Ever wondered which assessment type is crucial for ensuring ISO 27001 compliance? Discover why internal audits are the gold standard. We'll also cover the key considerations for selecting the right security assessment for your organization, focusing on the pivotal role of aligning with your risk profile and avai...

Send us a textEver wondered how to ensure your organization's cybersecurity measures meet international standards? Join us for an action-packed episode as we unpack Domain 6.5 of the CISSP exam, exploring crucial assessments, tests, and audit strategies every cybersecurity professional should master. Learn the importance of choosing a consistent framework like ISO 27001 or the NIST Cybersecurity Framework to steer your audit processes. We'll dive into internal and external audits and the pivo...

Send us a textCan quantum computing break your encryption overnight? Discover the profound impact of this emerging technology on cybersecurity as we decode the recently introduced FIPS 203, 204, and 205 standards. Join me, Sean Gerber, on this week's electrifying episode of the CISSP Cyber Training Podcast to understand how the US government is preemptively tackling "harvest now, decrypt later" threats. Learn why these standards are crucial for federal entities and contractors and why mandato...

Send us a textWhat would you do if your social security number was compromised in a massive data breach affecting billions? In our latest episode of the CISSP Cyber Training Podcast, we unpack the alarming reality of a recent breach that exposed the personal records of 3 billion people. We provide critical advice on how to protect yourself using tools like "Have I Been Pwned," setting up credit freezes, and enabling multi-factor authentication. It's not just about safeguarding your data; it's...

Send us a textHow would a massive data breach at a major corporation like Boeing affect the global cybersecurity landscape? Join us on this episode of the CISSP Cyber Training Podcast, where we dissect this alarming 50GB ransomware attack and its profound implications on the industry. Additionally, we unpack the serious data compromise in Maine due to the MoveIt file transfer tool hack, which impacted 1.3 million people, and explore Google's bold move to delete old, inactive account data to m...

Send us a textEver wondered why your SOC team spends so much time on routine tasks rather than addressing critical threats? Discover the 80-20 rule in security operations and see how automating 80% of routine tasks can free up your team to focus on the complex incidents that truly matter. In our latest episode, host Sean Gerber shares his firsthand experiences leading a SOC and provides actionable insights on how to balance automation and customization for an efficient and responsive security...

Send us a textEver wondered how CPUs juggle multiple tasks seamlessly? On this week's CISSP Cyber Training Podcast, we decode the art of CPU processes and multi-threaded environments. I'm Sean Gerber, and together, we'll navigate the maze of system architectures, from the running state of a CPU process to the marvels of symmetric multiprocessing. Dive in as we unravel the complexities of computing, making even the most intricate concepts accessible and engaging. Whether you're prepping for yo...

Send us a textEver wondered how mastering process states and system architecture can be as straightforward as organizing your child's toy box? Join me, Sean Gerber, on the CISSP Cyber Training Podcast as we unpack the complexities of these crucial concepts to help you ace the CISSP exam. Drawing from my personal journey and the hurdles I faced, I'll share practical tips and relatable analogies that make even the most daunting topics accessible. We start by breaking down the initiation of proc...

Send us a textAre you ready to ace your CISSP exam and propel your cybersecurity career to new heights? This episode of the CISSP Cyber Training Podcast promises to equip you with critical insights on data roles and regulations. From demystifying the responsibilities of data processors under GDPR to unpacking the PCI DSS framework essential for the financial sector, we leave no stone unturned. We'll also clarify the distinctions between asset owners and data owners, and explain who holds acco...

Send us a textUnlock the secrets to mastering Domain 2 of the CISSP exam and navigate the paradox of the booming yet financially strained cybersecurity field. Despite the staggering 4 million global job openings, recent budget cuts and layoffs are reshaping the landscape. Learn how economic challenges are clashing with the rising demand for cybersecurity skills, the increasing pressures of governmental regulations, especially in AI security, and combatting the burgeoning threat of insider att...

Send us a textEver wondered what the GDPR and the Economic Espionage Act of 1996 have in common? On this episode of CISSP Cyber Training Podcast, I break down the complexities of essential cybersecurity legislation, both in the U.S. and Europe. We'll uncover what you need to know about the Identity Theft and Assumption Deterrence Act, the Wiretap Act, and the UK Computer Misuse Act. Additionally, we'll discuss the intricacies of civil law, HIPAA, and the critical role of administrative law. F...

Send us a textHow does understanding the legal landscape in cybersecurity elevate your professional game? Join us on this episode of the CISSP Cyber Training Podcast as we unpack the complexities of civil, criminal, administrative, and contractual law. Learn how each legal category influences risk assessments, organizational policies, and legal prosecutions. We'll guide you through the nuances of civil law's role in resolving non-criminal disputes, the severe implications of criminal law, and...

Send us a textReady to fortify your software development practices against security risks? Join us as we unearth critical strategies for mitigating vulnerabilities in your code. From the seamless integration of Static Application Security Testing (SAST) into your CI/CD pipelines to refactoring code to eliminate buffer overflow issues, this episode is packed with essential insights. Discover the must-have security controls for cloud-based SaaS platforms, such as robust access controls and code...

Send us a textEver wondered how a data breach could impact cloud security, or what measures you need to take to secure sensitive information? Join us in this episode of the CISSP Cyber Training Podcast as we break down the recent AT&T data breach and its implications on cloud environments like AWS and Snowflake. Discover how attackers gained access to critical phone records and network topology, and why staying up-to-date with cloud security is more critical than ever.We also cover the in...

Send us a textCan AI revolutionize your cybersecurity career? Join me, Sean Gerber, on today's thrilling episode of the CISSP Cyber Training Podcast as we uncover the transformative impact of artificial intelligence on cybersecurity jobs, based on a revealing article by Joe McKendrick from ZDNet. With 88% of cybersecurity professionals predicting AI will change their roles and 82% believing it will enhance efficiency, it's clear that adaptation is key. We'll also discuss the alarming report o...

Send us a textIs a four-year college degree necessary to break into the world of cybersecurity? Discover why practical experience and industry certifications might just be your golden ticket to a thriving career in IT. In this episode of the CISSP Cyber Training Podcast, host Sean Gerber unpacks Domain 7.3 of the CISSP exam, emphasizing the significant shift in the job market. With over 7,500 new IT roles added in June alone, Sean discusses how transitioning from general IT to specialized cyb...

Send us a textEver wondered how to secure your SaaS environment while mastering essential security testing techniques? Join me, Sean Gerber, on the CISSP Cyber Training Podcast as we navigate the complexities of cybersecurity, starting off with some personal July 4th reflections and an insightful Forbes article on the pressing threats and strategies in the SaaS landscape. With a staggering 96.7% of organizations relying on SaaS applications, the stakes have never been higher. You'll learn abo...

Send us a textEver wondered how to fortify your organization against cyber threats? Join Sean Gerber as we uncover the essentials of Domain 6.3 of the CISSP exam, from security assessments to account management and backup verification. Learn about tools like Nessus and Qualys and the role of ethical hacking in identifying vulnerabilities. Discover the critical differences between authenticated and unauthenticated scanning, and how red teams elevate your security measures to the next level.Wha...

Send us a textCould a seemingly minor breach at a smaller bank signal bigger vulnerabilities in our financial system? On this episode of the CISSP Cyber Training Podcast, we deliver eye-opening insights on a recent cybersecurity incident involving the notorious ransomware group LockBit. While the U.S. Federal Reserve remained untouched, Evolve Bank and Trust became their latest target. We'll break down what happened, why it matters, and what it means for the cybersecurity landscape. But that'...

Send us a textWant to ensure your organization's sensitive data remains secure in today's mobile-centric world? Tune in to our latest CISSP Cyber Training Podcast episode, where we unravel the complexities of federated identities and robust credential management. Learn from the high-profile data breach involving Change Healthcare and discover how multi-factor authentication could have prevented such a disaster. We promise you'll gain essential insights into how federated identities streamline...

Send us a textReady to conquer the CISSP exam? This episode promises to arm you with crucial insights into the OSI model and its real-world applications. We kick things off by unraveling the intricacies of VPN tunnels and the pivotal role the data link layer plays in encapsulating data packets for secure internet travel. Next, you'll grasp how a significant Border Gateway Protocol (BGP) security breach zeroes in on the network layer. We then dissect the limitations of firewalls at the transpo...

Send us a textAre multi-layer protocols the key to safeguarding our digital world amidst the rising tide of cyberattacks? Join me, Sean Gerber, as I unravel the complexities of these protocols and their vital role in cybersecurity, drawing from the CISSP ISC² domains 4.1.4 and 4.1.5. By sharing my firsthand experiences and highlighting the alarming $22 million ransomware payout by Change Healthcare, I underscore the urgent need for redundancy in critical systems, especially within vulnerable ...

Send us a textReady to conquer the CISSP exam? Unlock the secrets of threat modeling with our latest episode! Join me, Sean Gerber, as we break down the STRIDE methodology—Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Learn how to decode these critical security concepts and master the art of eliminating wrong answers in multiple-choice questions. This episode is your ticket to not only understanding but excelling in one of the most vi...

Send us a textWhat if you could transform your cybersecurity skills and become an expert in threat modeling? Join me, Sean Gerber, on the CISSP Cyber Training Podcast as I guide you through the critical elements of threat modeling, a key topic for any cybersecurity professional gearing up for the CISSP exam. We'll discuss why grasping the nuances of threats is essential to safeguarding your organization's data and systems. From system and threat identification to vulnerability assessments and...

Send us a textWhat if your organization's data could be breached through an exposed API in your modem? Join me, Sean Gerber, in this week's CISSP Cyber Training Podcast as we unravel the hidden dangers of API connections and dive into the latest security flaws found in Cox modems. We'll also kick off our thrilling CISSP Question Thursday, tackling complex queries from domains 3.1.2 and 3.1.3. Plus, discover why AES-256 stands as the gold standard for cloud data encryption and how implementing...

Send us a textCurious about how to implement robust cybersecurity measures and avoid costly breaches? In our latest episode of the CISSP Cyber Training Podcast, we unravel the intricacies of defense in depth and secure defaults as outlined in domains 3.1.2 and 3.1.3 of the CISSP exam. Starting with a weather update from Kansas, we shift gears to dissect a critical incident at UnitedHealthcare, revealing the repercussions of appointing a CISO lacking specific security expertise. We emphasize t...

Send us a textEver wondered how to navigate the complexities of data classification within your organization? Get ready to sharpen your cybersecurity skills and elevate your knowledge as we dissect CISSP Question Thursday, focusing on domain 2.1.1. This week, we also bring you an intriguing piece of news about ARPA-H, a groundbreaking new agency inspired by DARPA but aimed at revolutionizing healthcare through cutting-edge technology. With a starting fund of $50 million, ARPA-H is set to tack...

Send us a textAs we honor the memory of those who have served and sacrificed, we also acknowledge the ever-present battlefield of cybersecurity. Today, we dissect the essentials of data classification, an integral aspect of Domain 2 in the CISSP exam, while paying tribute to Memorial Day. Join me, Sean Gerber, for a candid conversation where we unwrap the layers of Microsoft Copilot's recall feature and its privacy concerns, and we address how these advanced AI technologies intersect with the...

Send us a textUnlock the doors to a fortified cybersecurity career with me, Sean Gerber, as we navigate the complex landscape of CISSP concepts tailored for those aspiring to conquer the CISSP exam. We're not just scratching the surface; we're burrowing into the depths of what it takes to understand and tackle real-world security challenges. From the perils of unprotected customer data on cloud servers to the intricacies of managing employees who sidestep DRM for convenience, this podcast equ...

Send us a textDive deep into the legal intricacies of cybersecurity with me, Sean Gerber, as I guide you through the maze of laws and scams impacting our digital world. Prepare to arm yourself with knowledge that stretches far beyond the CISSP exam, as we tackle the multi-million-dollar repercussions of cybercrimes and the collaborative global efforts to combat them. This episode lays down the framework of civil, criminal, administrative, and contractual law, providing a comprehensive underst...

Send us a textFend off cyber extortionists with cutting-edge insights from our latest cyber training podcast, where Sean Gerber and I dissect the sophisticated methods to recover data from ransomware's icy grip. Inspired by a Sophos News article, we navigate through six data retrieval strategies that could save your business in a pinch, emphasizing that while there's no magic bullet, prioritizing certain file types could make all the difference in your recovery efforts. And because we know yo...

Send us a textUnlock the mysteries of cybersecurity and business continuity with me, Sean Gerber, as we navigate the treacherous waters of cyber threats, including the dark reality of ransomware's impact on our critical infrastructure. Tune in for an intricate look at the geopolitical cyber chessboard, where nations could be gearing up for digital warfare. We'll assess the fine line between cyber vandalism and an act of war, and explore how to arm yourself with knowledge and strategies to pro...

Send us a textCybersecurity isn't just about the tech; it's about making tough calls under pressure, and this episode is your field guide to navigating those high-stakes scenarios. I'm Sean Gerber, and today we dissect not only the ins and outs of crucial security measures like multi-factor authentication—underscored by the UnitedHealthcare ransomware fiasco—but also the contentious debate surrounding ransom payments during cyber-attacks. Get ready to gain managerial insight that could be the...

Send us a textEmbark on a transformative journey into the world of cybersecurity with me, Sean Gerber, as your guide. Discover how to fortify your career foundations and traverse the evolving landscape of digital protection. Our latest episode delves into the crucial timelines for mastering cybersecurity, with a special look at Dragos' role in safeguarding operational technology—think electricity and water, the lifeblood of our community.Navigating the educational routes towards a cybersecuri...

Send us a textUnlock the vault of cybersecurity wisdom and ace the CISSP exam with the guidance of Sean Gerber on the CISSP Cyber Training Podcast. Prepare to transform your approach to cyber studies as we emphasize understanding over rote memorization, with a treasure trove of 3,000 to 5,000 practice questions to arm you for battle. We'll tackle the complexities of integrating Multi-Factor Authentication seamlessly into current systems, and when facing the specter of data exfiltration, we'll...

Send us a textEmbark on a journey through the intricate world of cybersecurity certifications with me, Sean Gerber, and discover how to transition from tech enthusiast to CISSP-ready specialist. If you're looking to solidify your place in the cybersecurity realm, this episode is the map you need to navigate the terrain of essential certifications. We begin with the cornerstone certifications like CompTIA's A+ and Network+, examining their price tags, the time commitment for study, and the exp...

Send us a textReady to conquer the CISSP exam with flying colors? This week, we've zeroed in on Domain 8 – the soul of software development security! I'm Sean Gerber, your cybersecurity compatriot, and I'm here to guide you through the labyrinth of securing software right from its architectural blueprint to its final lines of code. We kick things off with a bang, dissecting the crucial role of design and architecture in embedding security into your SDLC. It's not just about building software;...

Send us a textUnlock the secrets of weaving impenetrable security into the fabric of software development, as we dissect the Software Development Life Cycle and its crucial role in cybersecurity. We're not just coding; we're crafting digital fortresses that stand resilient against the onslaught of cyber threats. From the strategic implementation of least privilege to the complexity of secure code repositories, this episode is your masterclass in transforming functional software into fortified...

Send us a textUnlock the secrets of cutting-edge cybersecurity as we navigate the revolutionary impact of drone technology in the insurance industry and delve into the critical components of network security essential for CISSP certification. Sean Gerber here, and I'm eager to guide you through the complex landscape of firewalls, from the fundamentals to next-generation marvels. We'll dissect packet filtering and the indispensable roles these digital gatekeepers play in safeguarding our netwo...

Send us a textDive into the digital trenches with me, Sean Gerber, and ward off cyber threats as we dissect the intricate design of firewalls. Cybersecurity isn't just tech jargon; it's a barricade guarding our financial fortresses from trillion-dollar breaches. In this comprehensive session, we don't just skim through firewall types and setups; we equip you for the frontlines of data protection and cybersecurity leadership. Whether you're a CISSP candidate or a seasoned pro looking to sharpe...

Send us a textCybersecurity's battleground is evolving with AI and quantum computing at the forefront. Are you prepared for the oncoming digital storm? Join me, Shon Gerber, as we reinforce crucial skills for vulnerability assessments and network scanning, and delve into the promising yet perilous world where artificial intelligence meets digital defense. With insights gleaned from a recent Google survey, we discuss the bright future of AI in enhancing security protocols and its darker potent...

Send us a textJoin me, Shon Gerber, on a journey that cuts through the complex undergrowth of cybersecurity's vulnerability assessments. This week's episode is a treasure trove for CISSP exam candidates and professionals alike, as we unpack the intricate details of CVEs, CVSS scores, and the acronyms that are the bread and butter of our industry. Discover how the technical handshake of a TCP connection can reveal your system's soft spots and why a recent ransomware attack in Missouri is a sta...

Send us a textCybersecurity isn't just a buzzword—it's the fortress between your data and a barrage of cyber threats. I'm Sean Gerber, and in this deep-dive session, we confront the stark reality of a world where ransomware attacks have soared, as per a Scottish non-profit's alarming statistics. Doubling down on the urgency for cyber resilience, we underscore the critical need for skilled professionals in this high-stakes domain. Prepare to navigate through the gritty nuances of user account ...

Send us a textCould your company's board benefit from cybersecurity expertise? Discover the untold impact security professionals can make in risk mitigation and financial stability. This week on the CISSP Cyber Training Podcast, I, Sean Gerber, navigate the critical intersection of cybersecurity and corporate governance, underscoring a need for expertise that's often overlooked. We dissect the lifecycle of role management, from the precise art of onboarding to the essential processes of depro...

Send us a textEmbark on an exciting foray into the ever-evolving world of cybersecurity with me, Sean Gerber, as I chart a new course into independent consultancy. The waters are rough, with the UK's critical infrastructure facing an unprecedented OT threat landscape, exacerbated by global geopolitical unrest. Uncover how seemingly secure supply chains and legacy OT systems can become a playground for cyber adversaries, and why protecting energy and utilities has never been more vital. Gain i...

Send us a textEmbark on a cybersecurity odyssey with Sean Gerber as he reveals his leap into the consultancy realm, navigating the precarious balance between the thrill of independence and the stark realities of forging a new path. This episode offers an insider's perspective on secure communication protocols, a fundamental aspect of the CISSP exam, and a critical component of any robust cybersecurity defense. As we dissect the repercussions of the United Health Care hack and its jaw-dropping...

Send us a textEmbark on a transformative journey with me, Sean Gerber, as I share the pivotal moment of venturing into full-time cybersecurity consulting after a significant chapter of my career. It's a time of change and opportunity, not just for me but for the entire cybersecurity landscape, as we witness the shockwaves of a ransomware attack on Change Healthcare and its repercussions on entities like UnitedHealthcare. In this episode, we peel back the layers of this incident to reveal the ...

Send us a textCould your passwords withstand a cyber siege by expert Russian hackers? My latest podcast episode serves as a wakeup call to the cyber threats looming over us, showcasing the recent breach of Microsoft's test environment. As Sean Gerber, I dissect the pivotal missteps in password management and underscore the lifesaving grace of multi-factor authentication. We then shift gears to the bedrock of cyber training, examining message authenticity and integrity controls. By unpacking t...

Send us a textConfront the cyber siege that has the healthcare industry on high alert; this episode sees me, Sean Gerber, dissecting the harrowing United Healthcare ransomware crisis that's rocked our nation. We're not just crunching numbers here—$22 million in ransom to Black Cat hackers signifies more than a hefty payout, it's a stark reminder of our critical infrastructure's fragility in the face of cyber threats. The recent episodes have armed us with knowledge, and now, it's time to put ...

Send us a textEmbarking on a new chapter in my cybersecurity journey, I can't wait to share the depth of insights that come with stepping into the consulting realm. The world of cybersecurity is ever-evolving, and I'm here to navigate this complex landscape with you, offering the expertise you need to protect your data in today's digital battleground. From deciphering the states of data to unveiling the encryption methods that keep your information safe, this episode is a goldmine for anyone ...

Send us a textImagine your Ubiquiti router as an open treasure chest amidst cyber pirates—how long before it's plundered? This episode throws you a lifeline, urging IoT and critical infrastructure pros to safeguard their digital booty by updating those default credentials, stat! But it's not all about fending off Russian cyber threats; we also turn the tables with CISSP Question Thursday, sharpening your cybersecurity smarts. We dissect the anatomy of a bulletproof security policy, navigate t...

Send us a textGet ready to fortify your cybersecurity knowledge base, as I, Sean Gerber, guide you through the labyrinth of security policies and the pivotal Business Impact Analysis (BIA). Our latest CISSP Cyber Training Podcast episode is a treasure trove of insights, where we unravel how security policies aren't just documentation—they're the shields guarding your organization's data. With the revolution of AI, crafting these crucial policies has become more intuitive, ensuring that roles,...

Send us a textUnlock the secrets to crafting impenetrable software as we delve into Domain 8 of the CISSP exam, where design and architecture reign supreme in the security integration battle. Prepare to have your coding paradigms shifted and your architectural blueprints fortified in this episode, which is nothing short of a cyber-fortification masterclass. We tackle the most critical phase of the SDLC and reveal how a well-laid foundation can make or break your software's defensive capabilit...

Send us a textAre you prepared to navigate the intricate maze of software development and cybersecurity? This week's episode guarantees to arm you with the expertise to conquer the CISSP exam and apply these vital skills in the real world. We delve into the structures and strategies that define successful software projects, comparing the precision of the waterfall model to the flexibility of agile, scrum, and the hybrid vigor of the spiral approach. Our foray into recent cyberattacks on US ph...

Send us a textUnlock the secrets to expert incident response with me, Sean Gerber, in this week’s CISSP Cyber Training Podcast. We're crunching down on the essential steps to effectively detect, respond to, mitigate, and recover from cybersecurity incidents. If you're serious about acing the CISSP exam and expanding your cybersecurity acumen, this episode is your study hall. We'll sift through real-world scenarios, dissecting the types of technologies that keep a vigilant eye on your network'...

Send us a textPrepare to elevate your cybersecurity savvy to new heights! Join Sean Gerber as we dissect the nuts and bolts of the incident response process, an indispensable asset for acing the CISSP exam and bolstering your organization's digital defense. This episode is a treasure trove of strategies, focusing on crafting top-notch incident response plans and fostering a security culture that can withstand the toughest cyber challenges. Whether you're a part of a burgeoning small business ...

Send us a textEmbark on a journey to cybersecurity mastery as I, Sean Gerber, unveil the intricacies of security assessments and testing in the realm of CISSP. Guaranteeing a deeper comprehension of domain six, this episode meticulously dissects the objectives of evaluations, zeroing in on vulnerability detection and the verification of security measures. Imagine possessing the acumen to craft test data with utmost confidentiality, navigating the nuances of the audit process, and understandin...

Send us a textAre your organization's cybersecurity measures battle-tested against real threats? Let's unravel the complex tapestry of security assessments and audits together. As your host, Sean Gerber, I bring my red team experience to the forefront, dissecting the various layers of security evaluations that go far beyond simple box-ticking exercises. In this week's CISSP Cyber Training Podcast, we focus on the importance of rigorous, unbiased evaluations, not only to adhere to industry sta...

Send us a textUnlock the secrets of effective account provisioning and maintenance with us, as we ensure you're equipped to face the cyber battleground head-on. This episode, tailored for aspiring CISSP aces and cybersecurity aficionados alike, promises a treasure trove of actionable insights on user authorization, a cornerstone of securing your digital realm. Sean Gerber leads the charge in this week's CISSP Cyber Training Podcast, dissecting the intricacies of account provisioning—because w...

Send us a textPrepare to be armed with the knowledge to secure your digital fortress as we confront the ATLASEN Confluence Data Center and Server Template injection bug, a critical vulnerability that could undermine your cybersecurity defenses. With a severity level that's maxed out the scale, I'm here, Sean Gerber, to ensure you're not left exposed to CVE 2023 22527. Transitioning from defense to offense, we'll unpack CISSP's domain 5.5.1, delivering best practices for onboarding systems and...

Send us a textGet ready to fortify your cyber defenses and unwrap the complexities of internet protocols with me, Sean Gerber, in a week charged with cybersecurity insights. We’re dissecting the digital fabric of IPv4 and IPv6, from the nuances of subnetting to the stealthy signals of ICMP, ensuring you walk away with a fortified understanding of the cyber terrain. Don't miss the pivotal segment where I unravel the CIDR notation—a cornerstone concept for network professionals—and how recogniz...

Send us a textEver wondered how the invisible threads of the internet hold together the vast tapestry of global communication? Join me, Sean Gerber, as we unravel the mystique behind internet protocols, where the transition from IPv4's limited landscape to IPv6's boundless horizons marks a revolution in digital connectivity. Illuminating the depths of IP classes, address schemes, and the critical importance of understanding these concepts, we equip you with the essential know-how to navigate ...

Send us a textUnlock the mysteries of modern cryptography and quantum computing's future impact on security protocols with your guide, Sean Gerber. Our CISSP Cyber Training Podcast takes you through an intricate journey, ensuring you're armed with the expertise needed to conquer the CISSP exam and remain ahead in the ever-evolving landscape of cybersecurity. We promise to transform your understanding of cryptographic concepts, from the supremacy of AES in symmetric encryption to the vulnerabi...

Send us a textUnlock the latest CISSP exam insights and elevate your grasp on the cryptographic landscape with your host, Sean Gerber. Wichita's thawing frost mirrors the CISSP exam's refreshing changes, and we've got the scoop you need to stay on track. Rob Witcher joins in to dissect domain weight adjustments and new focal points in risk management and security architecture. With an eye towards the updated exam format, we assure you that these shifts are no cause for alarm but rather an opp...

Send us a textIs your organization's cybersecurity teetering on the edge with outdated technology? Find out how to fortify your defenses as I, Sean Gerber, navigate the treacherous landscape of end-of-life (EOL) and end-of-service (EOS) assets in the latest CISSP Cyber Training Podcast episode. We explore the harsh realities of increased vulnerabilities and compliance challenges that come with clinging to aging systems. Say goodbye to the misplaced hope of squeezing performance from obsolete ...

Send us a textReady to bulletproof your business against cyber threats that never take a day off? This week, Sean Gerber steers you through the murky waters of cybersecurity for small and medium-sized businesses, with a treasure trove of wisdom on asset management and the art of gracefully retiring your tech relics. We're not just talking about keeping the digital lights on—we're talking full-fledged, fail-proof fortresses.Ever wondered what happens when the 'Billy Bobs' maintaining our legac...

Send us a textAre cyber attacks and data breaches keeping you up at night? You're not alone, and today's episode is your ally in conquering the CISSP exam and upping your cybersecurity game. Sean Gerber is here to dissect the looming shortage of cybersecurity professionals and the power of soft skills that go beyond the technical expertise. With an anticipated gap of 5.5 million roles by 2024, Sean discusses the necessity of growing our cybersecurity workforce and the critical role certificat...

Send us a textCybersecurity isn't just about technology; it's a battleground where legal expertise and international laws become as crucial as firewalls and encryption. Brace yourself as we navigate the tumultuous waters of cyber attacks, from the shocking breaches in Kansas and Australia to the alarming targeting of US infrastructure by Iranian hackers. Our conversation isn't just a rundown of threats; it's an essential guide through the labyrinth of legal consequences for those at the keybo...

Send us a textUnlock the secrets to conquering the CISSP exam as I, Sean Gerber, take you by the hand in our powerhouse 102nd episode, guiding you through the labyrinth of cybersecurity knowledge. Imagine stepping into the exam room equipped with the ultimate blueprint, the same one that has become the hallmark of success for our students. It’s holiday season and we’re serving up a festive feast of CISSP insights, sprinkled with a preview of the upcoming changes to the CISSP exam slated for A...

Send us a textEver wondered if those hefty CISSP certification costs could actually catapult your cybersecurity career to new financial heights? We crack the code on how balancing certification with real-world experience and the right job role can significantly impact your earning potential. Our latest conversation takes a deep dive into the geographical salary differences for security professionals, shedding light on the variance between regions like the Asia Pacific and North America. But d...

Send us a textAre you prepared to level up your cybersecurity expertise and ace the CISSP exam? That's exactly what we're here for! I'm Sean Gerber, and this episode of the CISSP Cyber Training Podcast is a treasure trove of knowledge, from unraveling the intricacies of the STRIDE methodology to understanding the subtleties of 'repudiation' versus 'replication'. Get ready to delve into the depths of the Mandatory Access Control model and discover why 'Top Secret' isn't just a phrase out of a ...

Send us a textUnlock the true potential of your cybersecurity career with insights on how CISSP certification can amplify your earning power—beyond just a fancy title. As your guide, Sean Gerber, I'm taking you through a deep dive into the world of cybersecurity salaries, where your locale plays as big a role as your skills. From the bustling markets of Asia Pacific to the economic hubs in North America, we're mapping out the financial landscape and the real impact of cost of living on what y...

Send us a textAre you prepared to crack the code on API security and sail through your CISSP exam? If yes, then embark on this enlightening journey with me, Sean Gerber, as we decipher the intricacies of API and REST API security. We’ll tackle questions about securing API keys, delve into the pivotal function of an API gateway, and demystify common API security threats. You’ll also get a grip on the role of OAuth 2.0 and input validation in protecting APIs. Hold on to your seats as we tr...

Send us a textAre you ready to unlock the secrets of API security? Prepare to be enlightened, as we tackle the burning issue of cybersecurity, with a special focus on recent hacker attacks targeting US water treatment facilities. Join us in a critical dialogue on fortifying our defenses and the role of cybersecurity education in our communities. Learn how to navigate the complexities of API security, from managing authentication to role-based access and the handling of tokens and API keys.&nb...

Send us a textReady to become a CISSP expert? With this episode, we're going to decode the complex subject of CISSP domain 7.5 - protection of media types, as we sail through its tricky waters. A special highlight of this week's episode is the CISSP Question Thursday segment, featuring targeted questions designed to sharpen your skills and make your CISSP exam prep a walk in the park. You'll also get an insider's view of how a study blueprint can be your compass, guiding you towards your CISS...

Send us a textYou know how critical resource management is to protect your organization's media, but do you fully understand how to implement it effectively? We're here to ensure you do. In our latest CISSP Cyber Training Podcast episode, we shine a light on the recent ransomware attack that hit 60 US credit unions, exposing severe vulnerabilities in the supply chain. We discuss the significance of physical security measures, especially during investigations, and various forms of physical med...

Send us a textReady to unlock the secrets of cybersecurity and ace that CISSP exam? Strap in as we delve into the intriguing realm of ISO 27001 standards, exploring their critical role in safeguarding key infrastructure such as our municipal water facilities. Learn how to assess, comply with, and improve upon these standards, and get a sneak peak at potential exam questions you'll find on our website.But it doesn't stop there. We're pushing the envelope further by integrating cloud security a...

Send us a textEver wonder how safe your data really is in the cloud? Or what steps are necessary to ensure your organization's compliance with critical cybersecurity standards? You won't want to miss our latest episode where we tackle these tough questions head-on, promising to leave you more informed and prepared to safeguard your organization's valuable digital assets. We dive into the complexities of compliance assessments and audit strategies, exemplified by Japan's Space Agency's recent ...

Send us a textEver wondered how to build a fortress around your digital estate? Well, you're about to add a host of techniques to your arsenal. I, Sean Gerber, will take you through an enlightening exploration of access control models, examining prominent types including discretionary, mandatory, role-based, and risk-based models. We'll unlock the secret behind hybrid access controls and their role in reinforcing security layers. Plus, we won't skip the practical side of things, we’ll dive de...

Send us a textWhat happens when ransomware strikes a big corporation like Clorox? Imagine the chaos and the panic that ensues - not to mention, the significant impact on revenue and leadership. That’s where we kick off our conversation with Sean Gerber, who delves deep into the Clorox ransomware attack and why having a strong resiliency plan is imperative. We also shed light on the importance of authorization and discretionary access controls in maintaining organizational security.We navigate...

Send us a textAre you armed with the right strategies to handle a business-altering ransomware attack? How would you navigate the evolving landscape of cyber threats like the recent Boeing lock bit ransomware incident or the Maine move it debacle? Prepare to sink your teeth into these juicy cybersecurity happenings while also getting a breakdown of Google's new strategy on deleting files from inactive accounts. Join us as we shift gears, focusing on CISSP exam questions, particularly the...

Send us a textReady to elevate your cybersecurity knowledge? Buckle up as we, your hosts, dig deep into the realm of security operations, focusing on the time-saving 80-20 rule. We're discussing how automation can handle 80% of benign events, leaving your SOC teams to tackle the crucial 20%. We also delve into the intriguing concept of detection as a code and the role of scalable business context in data ingestion.How about understanding the essence of penetration testing and vulnerability sc...