To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Tech Non-Profit Business Danielle Koonce Center For Internet Security®
Content provided by David Bisson and Center for Internet Security. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Bisson and Center for Internet Security or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Similar to Cybersecurity Where You Are (video)

Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Cybersecurity Where You Are (video) « »
Episode 156: How CIS Uses CIS Products and Services

37:02
 
Play
Playing
Share
 

MP4Episode home
Manage episode 512259532 series 3382533
Content provided by David Bisson and Center for Internet Security. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Bisson and Center for Internet Security or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

In episode 156 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Stephanie Gass, Sr. Director of Information Security at Center for Internet Security® (CIS®), and Angelo Marcotullio, Chief Information Officer at CIS. Together, they explore how CIS practices what it preaches by using CIS products and services internally, which includes implementation of the CIS Critical Security Controls® (CIS Controls®) and CIS Benchmarks®, automation, and alignment to compliance frameworks. Their discussion highlights how CIS builds a strong cybersecurity foundation while adapting to evolving threats and regulatory requirements.

The conversation dives into practical applications, cultural alignment, and the importance of repeatable processes for scaling security across new products and services. It also touches on the role of privacy regulations, cyber risk quantification, and the community-driven approach that underpins CIS best practices. Here are some highlights from our episode:

  • 01:12. Why CIS “drinks its own champagne” when it comes to cybersecurity
  • 02:56. Three ways the CIS Controls help modern enterprises defend against threat actors
  • 04:02. The importance of pulling together security lessons learned in a way that's translatable
  • 10:03. Our use of the CIS Controls to align to SOC 2, ISO 27001, and other frameworks
  • 12:01. How governance, risk, and compliance (GRC) engineering works with automation to help build repeatable processes
  • 22:43. The role of collaboration and communication in building a cybersecurity program
  • 27:17. Privacy regulations as a catalyst for security innovation
  • 30:24. The CIS Community Defense Model and evidence-based practices
  • 32:40. How CIS leverages lessons learned to improve our security best practices

Resources

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

  continue reading

162 episodes

#Tech #Non-Profit #Business #Danielle Koonce #Center For Internet Security®
Artwork

Episode 156: How CIS Uses CIS Products and Services

Cybersecurity Where You Are (video)

published

Play Playing
iconShare
 
MP4Episode home
Manage episode 512259532 series 3382533
Content provided by David Bisson and Center for Internet Security. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by David Bisson and Center for Internet Security or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

In episode 156 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Stephanie Gass, Sr. Director of Information Security at Center for Internet Security® (CIS®), and Angelo Marcotullio, Chief Information Officer at CIS. Together, they explore how CIS practices what it preaches by using CIS products and services internally, which includes implementation of the CIS Critical Security Controls® (CIS Controls®) and CIS Benchmarks®, automation, and alignment to compliance frameworks. Their discussion highlights how CIS builds a strong cybersecurity foundation while adapting to evolving threats and regulatory requirements.

The conversation dives into practical applications, cultural alignment, and the importance of repeatable processes for scaling security across new products and services. It also touches on the role of privacy regulations, cyber risk quantification, and the community-driven approach that underpins CIS best practices. Here are some highlights from our episode:

  • 01:12. Why CIS “drinks its own champagne” when it comes to cybersecurity
  • 02:56. Three ways the CIS Controls help modern enterprises defend against threat actors
  • 04:02. The importance of pulling together security lessons learned in a way that's translatable
  • 10:03. Our use of the CIS Controls to align to SOC 2, ISO 27001, and other frameworks
  • 12:01. How governance, risk, and compliance (GRC) engineering works with automation to help build repeatable processes
  • 22:43. The role of collaboration and communication in building a cybersecurity program
  • 27:17. Privacy regulations as a catalyst for security innovation
  • 30:24. The CIS Community Defense Model and evidence-based practices
  • 32:40. How CIS leverages lessons learned to improve our security best practices

Resources

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

  continue reading

162 episodes

#Tech #Non-Profit #Business #Danielle Koonce #Center For Internet Security®

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Similar to Cybersecurity Where You Are (video)

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play
icon
Help/FAQ | Advertise with Us
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox
Listen to this show while you explore
Play