All Episodes
Displaying 41 - 60 of 83 in total
Episode 41 — Overview – Email and browser as attack vectors
Control 9—Email and Web Browser Protections—targets the entry points most frequently exploited by attackers: users’ inboxes and browsers. These applications are gatewa...
Episode 42 — Safeguard 9.1 – Spam and phishing defenses
Safeguard 9.1 requires organizations to ensure that only fully supported and up-to-date email clients are used and that layered spam and phishing defenses are in place...
Episode 43 — Safeguard 9.2 – Browser configuration and isolation
Safeguard 9.2 focuses on securing web browsers—the most widely used and simultaneously most exposed application within any organization. Because browsers connect direc...
Episode 44 — Remaining safeguards summary (Control 9)
The remaining safeguards under Control 9 expand email and web browser protection into a comprehensive strategy against social engineering and content-based attacks. Th...
Episode 45 — Overview – Malware threats and defenses
Control 10—Malware Defenses—addresses the ongoing challenge of detecting, preventing, and mitigating malicious code across the enterprise. Malware encompasses a broad ...
Episode 46 — Safeguard 10.1 – Anti-malware solutions
Safeguard 10.1 directs organizations to deploy and maintain anti-malware software on all enterprise assets to provide a frontline defense against malicious code. This ...
Episode 47 — Safeguard 10.2 – Endpoint detection and response (EDR)
Safeguard 10.2 expands traditional anti-malware defenses by introducing Endpoint Detection and Response (EDR)—a technology designed to detect, analyze, and contain thr...
Episode 48 — Remaining safeguards summary (Control 10)
The remaining safeguards under Control 10 reinforce malware defense through layered, automated protection and proactive monitoring. These include automatic signature u...
Episode 49 — Overview – Planning for inevitable failures
Control 11—Data Recovery—acknowledges an unavoidable truth in cybersecurity: failures, whether caused by attacks, accidents, or system errors, are inevitable. The focu...
Episode 50 — Safeguard 11.1 – Backup process design
Safeguard 11.1 directs organizations to establish and maintain a documented data recovery process that defines how, where, and when critical information is backed up. ...
Episode 51 — Safeguard 11.2 – Testing data recovery
Safeguard 11.2 requires organizations to test their data recovery capabilities on a regular basis, validating that backup systems and restoration procedures function a...
Episode 52 — Remaining safeguards summary (Control 11)
The remaining safeguards within Control 11 establish a comprehensive framework for secure, reliable data recovery. They include protecting recovery data with equivalen...
Episode 53 — Overview – Network devices and hygiene
Control 12—Network Infrastructure Management—ensures that the systems responsible for connecting, routing, and protecting enterprise communications are securely config...
Episode 54 — Safeguard 12.1 – Maintain network diagrams
Safeguard 12.1 requires organizations to establish and maintain accurate network architecture diagrams, ensuring complete visibility of how assets and data connect acr...
Episode 55 — Safeguard 12.2 – Secure and configure devices
Safeguard 12.2 focuses on the secure configuration and segmentation of network infrastructure, ensuring that devices operate within controlled, least-privilege boundar...
Episode 56 — Safeguard 12.3 – Remove legacy and unused devices
Safeguard 12.3 requires organizations to identify, isolate, and remove legacy or unused network devices that no longer serve operational or security purposes. Outdated...
Episode 57 — Remaining safeguards summary (Control 12)
The remaining safeguards under Control 12 reinforce disciplined management of network infrastructure by combining secure management, centralized authentication, and de...
Episode 58 — Overview – Monitoring as the nervous system
Control 13—Network Monitoring and Defense—represents the organization’s sensory system for detecting, analyzing, and responding to cyber threats. Even the best prevent...
Episode 59 — Safeguard 13.1 – Intrusion detection and prevention
Safeguard 13.1 requires organizations to centralize security event alerting and deploy systems that can detect and, when appropriate, block malicious activity across e...
Episode 60 — Safeguard 13.2 – Segmentation and filtering
Safeguard 13.2 extends the principle of defense in depth by enforcing traffic segmentation and filtering between network zones. The goal is to limit unnecessary commun...