In episode 132 of Cybersecurity Where You Are, Sean Atkinson is joined by Valecia Stocchetti, Sr. Cybersecurity Engineer of the CIS Critical Security Controls (CIS Controls) at the Center for Internet Security® (CIS®). Together, they discuss what the first day, step, and dollar of implementing a controls framework look like for organizations stepping into their cybersecurity journey. Here are some highlights from our episode:01:54. Building and improving a cybersecurity program through the power of consensus04:55. The use of an assessment to determine where you are and where you're going09:15. How cross-mapping to multiple frameworks simplifies regulatory compliance efforts12:00. The use of governance to secure leadership buy-in for your cybersecurity program13:33. Continuous auditing and monitoring as tools for adapting to change15:10. How Controls prioritization flows through the Implementation Groups (IGs)19:39. Leadership as the backbone for getting any business program off the ground22:59. Calculating the cost of cyber defense as a preventative action24:55. Tradeoffs with security tools to keep in mind so that you can budget efficiently30:00. Qualifications when using security offerings of MSPs and CSPsResourcesCIS Community Defense Model 2.0How Risk Quantification Tests Your Reasonable Cyber DefenseCIS Controls Self Assessment Tool (CIS CSAT)Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1How to Plan a Cybersecurity Roadmap in 4 StepsThe Cost of Cyber Defense: CIS Controls IG1If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

Ver todos los episodios