All Episodes

Displaying 21 - 40 of 83 in total

Episode 21 — Safeguard 4.2 – Automated configuration management

Safeguard 4.2 builds upon the secure baseline concept by emphasizing automation as the means to enforce and maintain configurations consistently. Manual configuration ...

Episode 22 — Remaining safeguards summary (Control 4)

The remaining safeguards under Control 4 extend the secure configuration principle into everyday system operation, ensuring that protections remain active and measurab...

Episode 23 — Overview – Managing identity and accounts

Control 5, Account Management, addresses one of cybersecurity’s most exploited weaknesses—mismanaged credentials. Attackers often gain entry not through advanced explo...

Episode 24 — Safeguard 5.1 – Inventory of accounts

Safeguard 5.1 requires organizations to maintain a comprehensive, accurate inventory of all accounts managed within the enterprise, covering user, administrator, and s...

Episode 25 — Safeguard 5.2 – Centralized account management

Safeguard 5.2 emphasizes consolidating account administration through centralized identity services rather than isolated, system-specific credentials. Fragmented accou...

Episode 26 — Safeguard 5.3 – Disable dormant accounts

Safeguard 5.3 requires organizations to detect and disable dormant accounts—user identities that have not been used for an extended period, typically forty-five days o...

Episode 27 — Remaining safeguards summary (Control 5)

The remaining safeguards in Control 5 complete the account management lifecycle by focusing on administrative segregation, service account oversight, and centralized c...

Episode 28 — Overview – Principles of least privilege

Control 6 introduces the principle of least privilege, a core tenet of cybersecurity that restricts user and system access to only the permissions necessary for perfor...

Episode 29 — Safeguard 6.1 – Access authorization processes

Safeguard 6.1 requires organizations to establish standardized, auditable processes for granting access to enterprise assets. Each new user, contractor, or service acc...

Episode 30 — Safeguard 6.2 – Role-based access control (RBAC)

Safeguard 6.2 formalizes the implementation of Role-Based Access Control, or RBAC, which assigns permissions to predefined roles rather than individual users. This mod...

Episode 31 — Remaining safeguards summary (Control 6)

The remaining safeguards under Control 6 complete the access control lifecycle by ensuring that privileges are continuously monitored, validated, and revoked when no l...

Episode 32 — Overview – Why vulnerability management is continuous

Control 7—Continuous Vulnerability Management—recognizes that no system remains secure indefinitely. Software evolves, new exploits emerge, and configurations drift ov...

Episode 33 — Safeguard 7.1 – Vulnerability scanning tools

Safeguard 7.1 calls for organizations to establish and maintain a documented vulnerability management process supported by automated scanning tools. These tools form t...

Episode 34 — Safeguard 7.2 – Remediation timelines and SLAs

Safeguard 7.2 establishes the requirement for formal remediation timelines, often codified as Service Level Agreements (SLAs), to ensure that identified vulnerabilitie...

Episode 35 — Safeguard 7.3 – Integration with patch management

Safeguard 7.3 connects vulnerability management directly to patch management, ensuring that identified issues lead to timely, verifiable fixes. Vulnerability scanning ...

Episode 36 — Remaining safeguards summary (Control 7)

The remaining safeguards under Control 7 complete the vulnerability management cycle by ensuring that discovery, remediation, and verification operate as an ongoing, m...

Episode 37 — Overview – Logs as the backbone of detection

Control 8—Audit Log Management—focuses on one of the most essential yet underutilized capabilities in cybersecurity: the power of audit logs. Logs are the digital foot...

Episode 38 — Safeguard 8.1 – Enable audit logging

Safeguard 8.1 requires organizations to establish and maintain a documented process for audit log management, defining the collection, review, and retention of event d...

Episode 39 — Safeguard 8.2 – Centralized log collection and SIEM

Safeguard 8.2 builds upon basic log activation by requiring centralized log collection and correlation through Security Information and Event Management (SIEM) or equi...

Episode 40 — Remaining safeguards summary (Control 8)

The remaining safeguards under Control 8 expand audit logging into a fully mature detection capability that supports real-time defense, forensic analysis, and complian...
