SlideShare a Scribd company logo

SEI CERT Podcast Series

James W. De Rienzo
James W. De Rienzo

This document contains a list of 46 podcasts from the CERT organization covering various topics in cybersecurity. The podcasts are grouped into 10 categories: Forensics, Governing for Enterprise Security, Measuring Security, Privacy, Risk Management and Resilience, Security Education and Training, Software Security, Threat, Tips from the Trenches: Areas of Practice, and Trends and Lessons Learned. Each entry includes the podcast title, category, and brief description of topics covered in the podcast. The podcasts address a wide range of issues organizations may face such as malware analysis, security metrics, software development practices, and more.

Technology
1 of 5
Download to read offline
CERT Podcast Series.xlsx Rec Seq Category        Title             Description 1 1 Forensics Characterizing and Prioritizing Malicious Code In this podcast, Jose Morales discusses how to prioritize malware samples, helping analysts to identify the most  destructive malware to examine first. 2 Forensics TJX, Heartland, and CERT's Forensics Analysis Capabilities In this podcast, participants recount complex, distributed, multi‐year investigations of computer crimes using  sophisticated methods, techniques, and tools. 3 Forensics Computer and Network Forensics: A Master's Level Curriculum In this podcast, Kris Rush describes how students learn to combine multiple facets of digital forensics and draw  conclusions to support investigations. 4 Forensics Computer Forensics for Business Leaders: Building Robust Policies and Processes In this podcast, participants discuss how business leaders can play a key role in computer forensics by establishing  and testing strong policies. 5 Forensics Computer Forensics for Business Leaders: A Primer In this podcast, participants discuss how computer forensics is often overlooked when planning an incident  response strategy. 2 6 Governing for Enterprise Security Why Use Maturity Models to Improve Cybersecurity: Key Concepts, Principles, and Definitions In this podcast, Rich Caralli explains how maturity models provide measurable value in improving an organization's  cybersecurity capabilities. 7 Governing for Enterprise Security NIST Catalog of Security and Privacy Controls, Including Insider Threat In this podcast, participants discuss why security controls, including those for insider threat, are necessary to  protect information and information systems. 8 Governing for Enterprise Security Public‐Private Partnerships: Essential for National Cyber Security In this podcast, participants explain that knowledge of software assurance is essential to ensure that complex  systems function as intended. 9 Governing for Enterprise Security Establishing a National Computer Security Incident Response Team (CSIRT) In this podcast, participants discuss how essential a national CSIRT is for protecting national and economic security  and continuity. 10 Governing for Enterprise Security Leveraging Security Policies and Procedures for Electronic Evidence Discovery In this podcast, John Christiansen explains that effectively responding to e‐discovery requests depends on well‐ defined policies, procedures, and processes. 3 11 Measuring Security Measuring Operational Resilience In this podcast, Julia Allen explains that measures of operational resilience should answer key questions, inform  decisions, and affect behavior. http://www.cert.org/podcasts/index.cfm#securityeducation Page 1 of 5
CERT Podcast Series.xlsx Rec Seq Category        Title             Description 3 11 12 Measuring Security Getting to a Useful Set of Security Metrics Well‐defined metrics are essential to determine which security practices are worth the investment. 13 Measuring Security Using Benchmarks to Make Better Security Decisions In this podcast, Betsy Nichols describes how benchmark results can be used to help determine how much security  is enough. 14 Measuring Security Initiating a Security Metrics Program: Key Points to Consider In this podcast, Samuel Merrell explains that a sound security metrics program should select data relevant to  consumers from repeatable processes. 15 Measuring Security Building a Security Metrics Program In this podcast, Betsy Nichols explains that reporting meaningful security metrics depends on topic selection,  context definition, and data access. 4 16 Privacy Considering Security and Privacy in the Move to Electronic Health Records In this podcast, participants discuss how using electronic health records bring many benefits along with security  and privacy challenges. 17 Privacy Integrating Privacy Practices into the Software Development Life Cycle In this podcast, participants explain that addressing privacy during software development is just as important as  addressing security. 18 Privacy Electronic Health Records: Challenges for Patient Privacy and Security In this podcast, Robert Charette explains why electronic health records (EHRs) are possibly the most complicated  area of IT today. 19 Privacy Protecting Information Privacy ‐ How To and Lessons Learned In this podcast, Kim Hargraves describes three keys to ensuring information privacy in an organization. 20 Privacy The Value of De‐Identified Personal Data In this podcast, participants discuss the complex legal compliance landscape and how de‐identification can help  organizations share data more securely. 5 21 Risk Management and Resilience Comparing IT Risk Assessment and Analysis Methods In this podcast, the presenters discuss IT risk assessment and analysis, and comparison factors for selecting  methods that are a good fit for your organization. 22 Risk Management and Resilience The Electricity Subsector Cybersecurity Capability Maturity Model (ES‐C2M2) ES‐C2M2 helps improve the operational resilience of the U.S. power grid. 23 Risk Management and Resilience http://www.cert.org/podcasts/index.cfm#securityeducation Page 2 of 5
CERT Podcast Series.xlsx Rec Seq Category        Title             Description 5 23 Using the Cyber Resilience Review to Help Critical Infrastructures Better Manage Operational Resilience In this podcast, the presenters explain how CRRs allow critical infrastructure owners to compare their  cybersecurity performance with their peers. 24 Risk Management and Resilience Managing Disruptive Events ‐ CERT‐RMM Experience Reports In this podcast, the participants describe four experience reports that demonstrate how the CERT‐RMM can be  applied to manage operational risks. 25 Risk Management and Resilience Managing Disruptive Events: Demand for an Integrated Approach to Better Manage Risk In this podcast, Nader Mehravari describes how governments and markets are calling for the integration of plans  for and responses to disruptive events. 6 26 Security Education and Training How to Become a Cyber Warrior In this podcast, Dennis Allen explains that protecting the internet and its users against cyber attacks requires more  skilled cyber warriors. 27 Security Education and Training Software Assurance: A Master's Level Curriculum In this podcast, participants explain how knowledge about software assurance is essential to ensure that complex  systems function as intended. 28 Security Education and Training Better Incident Response Through Scenario Based Training In this podcast, Christopher May explains how teams are better prepared to respond to incidents if realistic, hands‐ on training is part of their normal routine. 29 Security Education and Training Using High Fidelity, Online Training to Stay Sharp In this podcast, Jim Wrubel explains how virtual training environments can deliver high quality content to security  professionals on‐demand, anywhere, anytime. 30 Security Education and Training What Business Leaders Can Expect from Security Degree Programs In this podcast, participants discuss whether information security degree programs meet the needs of business  leaders seeking knowledgeable employees. 7 31 Software Security Raising the Bar ‐ Mainstreaming CERT C Secure Coding Rules In this podcast, Robert Seacord describes the CERT‐led effort to publish an ISO/IEC technical specification for  secure coding rules for compilers and analyzers. 32 Software Security Cisco's Adoption of CERT Secure Coding Standards In this podcast, Martin Sebor explains how implementing secure coding standards is a sound business decision. 33 Software Security How to Develop More Secure Software ‐ Practices from Thirty Organizations In this podcast, participants discuss how organizations can benchmark their software security practices against 109  observed activities from 30 organizations. http://www.cert.org/podcasts/index.cfm#securityeducation Page 3 of 5
CERT Podcast Series.xlsx Rec Seq Category        Title             Description 7 34 Software Security The Power of Fuzz Testing to Reduce Security Vulnerabilities In this podcast, Will Dormann urges listeners to subject their software to fuzz testing to help identify and eliminate  security vulnerabilities. 35 Software Security The Role of the CISO in Developing More Secure Software In this podcast, Pravir Chandra warns that CISOs must leave no room for doubt that they understand what is  expected of them when developing secure software. 8 36 Threat Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding  to better analyze malicious code. 37 Threat Mitigating Insider Threat ‐ New and Improved Practices Fourth Edition In this podcast, participants explain how 371 cases of insider attacks led to 4 new and 15 updated best practices  for mitigating insider threats. 38 Threat Building a Malware Analysis Capability In this podcast, Jeff Gennari explains that analyzing malware is essential to assessing the damage and reducing the  impact associated with ongoing infection. 39 Threat Indicators and Controls for Mitigating Insider Threat In this podcast, Michael Hanley explains how technical controls can be effective in helping to prevent, detect, and  respond to insider crimes. 40 Threat Protect Your Business from Money Mules Organized criminals recruit unsuspecting intermediaries to help steal funds from small businesses. 9 41 Tips from the Trenches: Areas of Practice  DevOps ‐ Transform Development and Operations for Fast, Secure Deployments In this podcast, Gene Kim explains how the "release early, release often" approach significantly improves software  performance, stability, and security. 42 Tips from the Trenches: Areas of Practice  Securing Mobile Devices aka BYOD In this podcast, Joe Mayes discusses how to ensure the security of personal mobile devices that have access to  enterprise networks. 43 Tips from the Trenches: Areas of Practice  Using Network Flow Data to Profile Your Network and Reduce Vulnerabilities In this podcast, participants discuss how a network profile can help identify unintended points of entry,  misconfigurations, and other weaknesses. 44 Tips from the Trenches: Areas of Practice  How to More Effectively Manage Vulnerabilities and the Attacks that Exploit Them In this podcast, Greg Crabb explains how CERT‐RMM can be used to establish and meet resilience requirements for  a wide range of business objectives. http://www.cert.org/podcasts/index.cfm#securityeducation Page 4 of 5
CERT Podcast Series.xlsx Rec Seq Category        Title             Description 9 45 Tips from the Trenches: Areas of Practice  Why Organizations Need a Secure Domain Name System Use of Domain Name System security extensions can help prevent website hijacking attacks. 10 46 Trends and Lessons Learned Cyber Security, Safety, and Ethics for the Net Generation In this podcast, Rodney Peterson explains why capitalizing on the cultural norms of the Net Generation is essential  when developing security awareness programs. 47 Trends and Lessons Learned Tackling Tough Challenges: Insights from CERT’s Director Rich Pethia In this podcast, Rich Pethia reflects on the CERT Division's 20‐year history and discusses its future IT and security  challenges. 48 Trends and Lessons Learned Climate Change: Implications for Information Technology and Security In this podcast, Richard Power explains how climate change requires new strategies for dealing with traditional IT  and information security risks. 49 Trends and Lessons Learned Integrating Security Incident Response and e‐Discovery In this podcast, Julia Allen explains how responding to an e‐discovery request involves many of the same steps and  roles as responding to a security incident. 50 Trends and Lessons Learned Virtual Communities: Risks and Opportunities In this podcast, Jan Wolynski advises business leaders to evaluate risks and opportunities when considering  conducting business in online, virtual communities. http://www.cert.org/podcasts/index.cfm#securityeducation Page 5 of 5

Recommended

Information Assurance, A DISA CCRI Conceptual Framework
Information Assurance, A DISA CCRI Conceptual FrameworkInformation Assurance, A DISA CCRI Conceptual Framework
Information Assurance, A DISA CCRI Conceptual Framework
James W. De Rienzo
 
NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417James W. De Rienzo
 
The NIST Cybersecurity Framework
The NIST Cybersecurity FrameworkThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework
EMMAIntl
 
AKS IT Corporate Presentation
AKS IT Corporate PresentationAKS IT Corporate Presentation
AKS IT Corporate Presentationaksit_services
 
Aksit profile final
Aksit profile finalAksit profile final
Aksit profile finalSaurabh Kumar
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture
Priyanka Aash
 
NISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeNISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best Practice
David Ochel
 
Nist.sp.800 53r4 (1)
Nist.sp.800 53r4 (1)Nist.sp.800 53r4 (1)
Nist.sp.800 53r4 (1)
Aravamuthan Chockalingam
 

Recommended

Information Assurance, A DISA CCRI Conceptual Framework
Information Assurance, A DISA CCRI Conceptual FrameworkInformation Assurance, A DISA CCRI Conceptual Framework
Information Assurance, A DISA CCRI Conceptual Framework
James W. De Rienzo
 
NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417NIST CSD Cybersecurity Publications 20160417
NIST CSD Cybersecurity Publications 20160417James W. De Rienzo
 
The NIST Cybersecurity Framework
The NIST Cybersecurity FrameworkThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework
EMMAIntl
 
AKS IT Corporate Presentation
AKS IT Corporate PresentationAKS IT Corporate Presentation
AKS IT Corporate Presentationaksit_services
 
Aksit profile final
Aksit profile finalAksit profile final
Aksit profile finalSaurabh Kumar
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture
Priyanka Aash
 
NISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best PracticeNISTs Cybersecurity Framework -- Comparison with Best Practice
NISTs Cybersecurity Framework -- Comparison with Best Practice
David Ochel
 
Nist.sp.800 53r4 (1)
Nist.sp.800 53r4 (1)Nist.sp.800 53r4 (1)
Nist.sp.800 53r4 (1)
Aravamuthan Chockalingam
 
Software Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring SecuritySoftware Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring Security
Thomas Malmberg
 
File1
File1File1
File1
ivanmagalhaes__
 
Supplier security assessment questionnaire
Supplier security assessment questionnaireSupplier security assessment questionnaire
Supplier security assessment questionnaire
Priyanka Aash
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
madunix
 
Ciss previsionnotes
Ciss previsionnotesCiss previsionnotes
Ciss previsionnotes
madunix
 
Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...master student
 
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NetLockSmith
 
Nist
NistNist
Nist
penetration Tester
 
Ssdf nist
Ssdf nistSsdf nist
Ssdf nist
Naveen Koyi
 
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwdJob aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
James W. De Rienzo
 
NIST Framework for Information System
NIST Framework for Information SystemNIST Framework for Information System
NIST Framework for Information System
newbie2019
 
Security assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP PrepSecurity assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP Prep
EnterpriseGRC Solutions, Inc.
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
amaranthbeg53
 
Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheet
Devaraj Sl
 
Building a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps WorldBuilding a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps World
Arun Prabhakar
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
Nirmal Thaliyil
 
Content Strategy and Developer Engagement for DevPortals
Content Strategy and Developer Engagement for DevPortalsContent Strategy and Developer Engagement for DevPortals
Content Strategy and Developer Engagement for DevPortals
Axway
 
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSREAD ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
Gregory McNulty
 
Emanuel rebollo velis/Definiciones basicas
Emanuel rebollo velis/Definiciones basicasEmanuel rebollo velis/Definiciones basicas
Emanuel rebollo velis/Definiciones basicasEmanuel Rebollo
 
Masterthesis Ismail Shoukry Final
Masterthesis Ismail Shoukry FinalMasterthesis Ismail Shoukry Final
Masterthesis Ismail Shoukry FinalIsmail Shoukry
 
Rassegna Stampa - Artdate 2013
Rassegna Stampa - Artdate 2013Rassegna Stampa - Artdate 2013
Rassegna Stampa - Artdate 2013The Blank Contemporary Art
 
Ordenanza Junta Municipal de Filadelfia
Ordenanza Junta Municipal de Filadelfia Ordenanza Junta Municipal de Filadelfia
Ordenanza Junta Municipal de Filadelfia
Eddie Ramirez Osorio
 

More Related Content

What's hot

Software Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring SecuritySoftware Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring Security
Thomas Malmberg
 
File1
File1File1
File1
ivanmagalhaes__
 
Supplier security assessment questionnaire
Supplier security assessment questionnaireSupplier security assessment questionnaire
Supplier security assessment questionnaire
Priyanka Aash
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
madunix
 
Ciss previsionnotes
Ciss previsionnotesCiss previsionnotes
Ciss previsionnotes
madunix
 
Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...master student
 
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NetLockSmith
 
Nist
NistNist
Nist
penetration Tester
 
Ssdf nist
Ssdf nistSsdf nist
Ssdf nist
Naveen Koyi
 
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwdJob aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
James W. De Rienzo
 
NIST Framework for Information System
NIST Framework for Information SystemNIST Framework for Information System
NIST Framework for Information System
newbie2019
 
Security assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP PrepSecurity assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP Prep
EnterpriseGRC Solutions, Inc.
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
amaranthbeg53
 
Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheet
Devaraj Sl
 
Building a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps WorldBuilding a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps World
Arun Prabhakar
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
Nirmal Thaliyil
 
Content Strategy and Developer Engagement for DevPortals
Content Strategy and Developer Engagement for DevPortalsContent Strategy and Developer Engagement for DevPortals
Content Strategy and Developer Engagement for DevPortals
Axway
 
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSREAD ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
Gregory McNulty
 

What's hot (18)

Software Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring SecuritySoftware Development Life Cycle – Managing Risk and Measuring Security
Software Development Life Cycle – Managing Risk and Measuring Security
 
File1
File1File1
File1
 
Supplier security assessment questionnaire
Supplier security assessment questionnaireSupplier security assessment questionnaire
Supplier security assessment questionnaire
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
 
Ciss previsionnotes
Ciss previsionnotesCiss previsionnotes
Ciss previsionnotes
 
Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...
 
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
 
Nist
NistNist
Nist
 
Ssdf nist
Ssdf nistSsdf nist
Ssdf nist
 
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwdJob aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
Job aid framework-for-improving-critical-infrastructure-cybersecurity-core-jwd
 
NIST Framework for Information System
NIST Framework for Information SystemNIST Framework for Information System
NIST Framework for Information System
 
Security assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP PrepSecurity assessment with a hint of CISSP Prep
Security assessment with a hint of CISSP Prep
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
 
Tripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheetTripwire enterprise 87_datasheet
Tripwire enterprise 87_datasheet
 
Building a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps WorldBuilding a Product Security Practice in a DevOps World
Building a Product Security Practice in a DevOps World
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
 
Content Strategy and Developer Engagement for DevPortals
Content Strategy and Developer Engagement for DevPortalsContent Strategy and Developer Engagement for DevPortals
Content Strategy and Developer Engagement for DevPortals
 
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMSREAD ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
READ ON HOW FUTURE PROOFING TODAY’S SECURE SYSTEMS
 

Viewers also liked

Emanuel rebollo velis/Definiciones basicas
Emanuel rebollo velis/Definiciones basicasEmanuel rebollo velis/Definiciones basicas
Emanuel rebollo velis/Definiciones basicasEmanuel Rebollo
 
Masterthesis Ismail Shoukry Final
Masterthesis Ismail Shoukry FinalMasterthesis Ismail Shoukry Final
Masterthesis Ismail Shoukry FinalIsmail Shoukry
 
Ordenanza Junta Municipal de Filadelfia
Ordenanza Junta Municipal de Filadelfia Ordenanza Junta Municipal de Filadelfia
Ordenanza Junta Municipal de Filadelfia
Eddie Ramirez Osorio
 
Revista antabamba 2016
Revista antabamba 2016 Revista antabamba 2016
Revista antabamba 2016
Climaco Achulli
 
The Technology Entrepreneur Guidebook
The Technology Entrepreneur GuidebookThe Technology Entrepreneur Guidebook
The Technology Entrepreneur Guidebooksyawal
 
Asenz Presentation Full(Craig McDowell)
Asenz Presentation Full(Craig McDowell)Asenz Presentation Full(Craig McDowell)
Asenz Presentation Full(Craig McDowell)Craig McDowell
 
Practica tu español las expresiones coloquiales
Practica tu español las expresiones coloquialesPractica tu español las expresiones coloquiales
Practica tu español las expresiones coloquialesDanielly Tomaz Parreira
 
Bolsalia Redes Sociales Financieras Unience
Bolsalia Redes Sociales Financieras UnienceBolsalia Redes Sociales Financieras Unience
Bolsalia Redes Sociales Financieras UnienceFinect
 
NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...
NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...
NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...
Alex Tan
 
Seguridad vial para niños
Seguridad vial para niñosSeguridad vial para niños
Seguridad vial para niñosClaudia Angies
 
Revista resumen
Revista resumenRevista resumen
Revista resumen
Federico Vargas Lehner
 
Habitos de estudio
Habitos de estudioHabitos de estudio
Habitos de estudioMaria Blanco
 
J.H. Newman
J.H. NewmanJ.H. Newman
J.H. NewmanDH FS
 
La gran Señal realizada en Betania
La gran Señal realizada en BetaniaLa gran Señal realizada en Betania
La gran Señal realizada en BetaniaLuis Kun
 
Importance of foursquare
Importance of foursquareImportance of foursquare
Importance of foursquare
Paridhi Infotech
 
2011 travel industry benchmarking
2011 travel industry benchmarking2011 travel industry benchmarking
2011 travel industry benchmarking
Marinet Ltd
 
Individual obesidad.
Individual obesidad. Individual obesidad.
Individual obesidad.
magdaedithbedoyamelo
 

Viewers also liked (20)

Emanuel rebollo velis/Definiciones basicas
Emanuel rebollo velis/Definiciones basicasEmanuel rebollo velis/Definiciones basicas
Emanuel rebollo velis/Definiciones basicas
 
Masterthesis Ismail Shoukry Final
Masterthesis Ismail Shoukry FinalMasterthesis Ismail Shoukry Final
Masterthesis Ismail Shoukry Final
 
Rassegna Stampa - Artdate 2013
Rassegna Stampa - Artdate 2013Rassegna Stampa - Artdate 2013
Rassegna Stampa - Artdate 2013
 
Ordenanza Junta Municipal de Filadelfia
Ordenanza Junta Municipal de Filadelfia Ordenanza Junta Municipal de Filadelfia
Ordenanza Junta Municipal de Filadelfia
 
Revista antabamba 2016
Revista antabamba 2016 Revista antabamba 2016
Revista antabamba 2016
 
The Technology Entrepreneur Guidebook
The Technology Entrepreneur GuidebookThe Technology Entrepreneur Guidebook
The Technology Entrepreneur Guidebook
 
Asenz Presentation Full(Craig McDowell)
Asenz Presentation Full(Craig McDowell)Asenz Presentation Full(Craig McDowell)
Asenz Presentation Full(Craig McDowell)
 
Practica tu español las expresiones coloquiales
Practica tu español las expresiones coloquialesPractica tu español las expresiones coloquiales
Practica tu español las expresiones coloquiales
 
Bolsalia Redes Sociales Financieras Unience
Bolsalia Redes Sociales Financieras UnienceBolsalia Redes Sociales Financieras Unience
Bolsalia Redes Sociales Financieras Unience
 
NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...
NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...
NetAccess L-Series Payment Routers, Network transaction concentrator plug-and...
 
Seguridad vial para niños
Seguridad vial para niñosSeguridad vial para niños
Seguridad vial para niños
 
experienced_phone_customer_service_rep
experienced_phone_customer_service_repexperienced_phone_customer_service_rep
experienced_phone_customer_service_rep
 
Revista resumen
Revista resumenRevista resumen
Revista resumen
 
Habitos de estudio
Habitos de estudioHabitos de estudio
Habitos de estudio
 
J.H. Newman
J.H. NewmanJ.H. Newman
J.H. Newman
 
La gran Señal realizada en Betania
La gran Señal realizada en BetaniaLa gran Señal realizada en Betania
La gran Señal realizada en Betania
 
Importance of foursquare
Importance of foursquareImportance of foursquare
Importance of foursquare
 
2011 travel industry benchmarking
2011 travel industry benchmarking2011 travel industry benchmarking
2011 travel industry benchmarking
 
Individual obesidad.
Individual obesidad. Individual obesidad.
Individual obesidad.
 
E 2p t2 exams
E 2p t2 examsE 2p t2 exams
E 2p t2 exams
 

Similar to SEI CERT Podcast Series

WEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docx
WEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docxWEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docx
WEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docx
cockekeshia
 
Hacking - CEH Cheat Sheet Exercises.pdf
Hacking - CEH Cheat Sheet Exercises.pdfHacking - CEH Cheat Sheet Exercises.pdf
Hacking - CEH Cheat Sheet Exercises.pdf
john485745
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
ShivamSharma909
 
4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx
4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx
4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx
alinainglis
 
Essay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxEssay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docx
jenkinsmandie
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheet
International College of Security Studies
 
Mi0040 technology management
Mi0040 technology managementMi0040 technology management
Mi0040 technology managementsmumbahelp
 
Mi0040 technology management
Mi0040 technology managementMi0040 technology management
Mi0040 technology management
smumbahelp
 
Mi0040 technology management
Mi0040 technology managementMi0040 technology management
Mi0040 technology managementsmumbahelp
 
Bowling Green State University Digital Forensics Challenges Project.docx
Bowling Green State University Digital Forensics Challenges Project.docxBowling Green State University Digital Forensics Challenges Project.docx
Bowling Green State University Digital Forensics Challenges Project.docx
sdfghj21
 
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...sosorry
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
OnRamp
 
NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk Models NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk Models
David Sweigert
 
XP2018 presentation for Phoenix Scrum User Group 2018
XP2018 presentation for Phoenix Scrum User Group 2018XP2018 presentation for Phoenix Scrum User Group 2018
XP2018 presentation for Phoenix Scrum User Group 2018
Thene Sheehy
 
Managed Detection and Response (MDR) Whitepaper
Managed Detection and Response (MDR) WhitepaperManaged Detection and Response (MDR) Whitepaper
Managed Detection and Response (MDR) Whitepaper
Marc St-Pierre
 
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
North Texas Chapter of the ISSA
 
Harry Davis just finished interviewing a candidate to fill another.docx
Harry Davis just finished interviewing a candidate to fill another.docxHarry Davis just finished interviewing a candidate to fill another.docx
Harry Davis just finished interviewing a candidate to fill another.docx
shericehewat
 
Securing Citizen Facing Applications
Securing Citizen Facing ApplicationsSecuring Citizen Facing Applications
Securing Citizen Facing Applications
edwinlorenzana
 
Key Expert Systems Concepts
Key Expert Systems ConceptsKey Expert Systems Concepts
Key Expert Systems Concepts
Harmony Kwawu
 
Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...
Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...
Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...
amiable_indian
 

Similar to SEI CERT Podcast Series (20)

WEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docx
WEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docxWEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docx
WEEK 3 ESSAY QUESTIONS Instructions Answer all questions .docx
 
Hacking - CEH Cheat Sheet Exercises.pdf
Hacking - CEH Cheat Sheet Exercises.pdfHacking - CEH Cheat Sheet Exercises.pdf
Hacking - CEH Cheat Sheet Exercises.pdf
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
 
4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx
4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx
4MANUAL OVERVIEW5SECTION 1Introduction Welcome.docx
 
Essay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxEssay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docx
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheet
 
Mi0040 technology management
Mi0040 technology managementMi0040 technology management
Mi0040 technology management
 
Mi0040 technology management
Mi0040 technology managementMi0040 technology management
Mi0040 technology management
 
Mi0040 technology management
Mi0040 technology managementMi0040 technology management
Mi0040 technology management
 
Bowling Green State University Digital Forensics Challenges Project.docx
Bowling Green State University Digital Forensics Challenges Project.docxBowling Green State University Digital Forensics Challenges Project.docx
Bowling Green State University Digital Forensics Challenges Project.docx
 
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
 
NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk Models NIST Privacy Engineering Working Group -- Risk Models
NIST Privacy Engineering Working Group -- Risk Models
 
XP2018 presentation for Phoenix Scrum User Group 2018
XP2018 presentation for Phoenix Scrum User Group 2018XP2018 presentation for Phoenix Scrum User Group 2018
XP2018 presentation for Phoenix Scrum User Group 2018
 
Managed Detection and Response (MDR) Whitepaper
Managed Detection and Response (MDR) WhitepaperManaged Detection and Response (MDR) Whitepaper
Managed Detection and Response (MDR) Whitepaper
 
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
 
Harry Davis just finished interviewing a candidate to fill another.docx
Harry Davis just finished interviewing a candidate to fill another.docxHarry Davis just finished interviewing a candidate to fill another.docx
Harry Davis just finished interviewing a candidate to fill another.docx
 
Securing Citizen Facing Applications
Securing Citizen Facing ApplicationsSecuring Citizen Facing Applications
Securing Citizen Facing Applications
 
Key Expert Systems Concepts
Key Expert Systems ConceptsKey Expert Systems Concepts
Key Expert Systems Concepts
 
Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...
Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...
Lessons Learned from Teaching Intrusion Detection and Intrusion Prevention wi...
 

More from James W. De Rienzo

Nist sp 800_r5_baselines_&_attributes
Nist sp 800_r5_baselines_&_attributesNist sp 800_r5_baselines_&_attributes
Nist sp 800_r5_baselines_&_attributes
James W. De Rienzo
 
NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)
NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)
NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)James W. De Rienzo
 
FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...
FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...
FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...
James W. De Rienzo
 
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
James W. De Rienzo
 
NIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database AnalysisNIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database Analysis
James W. De Rienzo
 
CNDSP Assessment Template
CNDSP Assessment TemplateCNDSP Assessment Template
CNDSP Assessment Template
James W. De Rienzo
 
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
James W. De Rienzo
 
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
James W. De Rienzo
 
(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...
(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...
(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...
James W. De Rienzo
 
(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...
(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...
(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...
James W. De Rienzo
 
(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804
(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804
(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804
James W. De Rienzo
 
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
James W. De Rienzo
 
RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)
RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)
RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)
James W. De Rienzo
 
Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...
Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...
Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...
James W. De Rienzo
 
Rmf step-3-control-selection-nist-sp-800-53r4
Rmf step-3-control-selection-nist-sp-800-53r4Rmf step-3-control-selection-nist-sp-800-53r4
Rmf step-3-control-selection-nist-sp-800-53r4
James W. De Rienzo
 
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aCritical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
James W. De Rienzo
 
Information Security Fundamentals
Information Security FundamentalsInformation Security Fundamentals
Information Security Fundamentals
James W. De Rienzo
 
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
James W. De Rienzo
 
NIST SP 800 30 Flow Chart
NIST SP 800 30 Flow ChartNIST SP 800 30 Flow Chart
NIST SP 800 30 Flow Chart
James W. De Rienzo
 
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
James W. De Rienzo
 

More from James W. De Rienzo (20)

Nist sp 800_r5_baselines_&_attributes
Nist sp 800_r5_baselines_&_attributesNist sp 800_r5_baselines_&_attributes
Nist sp 800_r5_baselines_&_attributes
 
NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)
NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)
NIST Policy Mapped to 800-53-800-53A-controls-and-objectives (Legal Size)
 
FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...
FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...
FedRAMP 2.0 Control-Implementation-Summary (CIS) v2 1 cross-matrixed with Fed...
 
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
Risk Management Framework (RMF) STEP 4- Access Security Controls - NIST SP 80...
 
NIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database AnalysisNIST NVD REV 4 Security Controls Online Database Analysis
NIST NVD REV 4 Security Controls Online Database Analysis
 
CNDSP Assessment Template
CNDSP Assessment TemplateCNDSP Assessment Template
CNDSP Assessment Template
 
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
 
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
 
(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...
(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...
(3) Map Council on CyberSecurity's Critical Security Controls (CSC) Version 5...
 
(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...
(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...
(1a) map csc 5 to nist sp 800 53 rev 4 (security control table portrait) 2014...
 
(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804
(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804
(2) map csc 5 to nist sp 800 53 rev 4 (controls & enhancements) 20140804
 
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
 
RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)
RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)
RMF Step 4: ASSESS (NIST SP 800-53A Rev.1)
 
Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...
Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...
Policy. FedRAMP Security Assessment Plan (SAP) Template, Policy and Procedure...
 
Rmf step-3-control-selection-nist-sp-800-53r4
Rmf step-3-control-selection-nist-sp-800-53r4Rmf step-3-control-selection-nist-sp-800-53r4
Rmf step-3-control-selection-nist-sp-800-53r4
 
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aCritical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
 
Information Security Fundamentals
Information Security FundamentalsInformation Security Fundamentals
Information Security Fundamentals
 
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
Information System Sensitivity Level Impact Assessment (NIST SP 800-60v2r1)
 
NIST SP 800 30 Flow Chart
NIST SP 800 30 Flow ChartNIST SP 800 30 Flow Chart
NIST SP 800 30 Flow Chart
 
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
RMF STEP 2: SELECT (NIST 800-53 Rev. 3 Controls, Enhancements and Supplementa...
 

Recently uploaded

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 

SEI CERT Podcast Series

  • 1. CERT Podcast Series.xlsx Rec Seq Category        Title             Description 1 1 Forensics Characterizing and Prioritizing Malicious Code In this podcast, Jose Morales discusses how to prioritize malware samples, helping analysts to identify the most  destructive malware to examine first. 2 Forensics TJX, Heartland, and CERT's Forensics Analysis Capabilities In this podcast, participants recount complex, distributed, multi‐year investigations of computer crimes using  sophisticated methods, techniques, and tools. 3 Forensics Computer and Network Forensics: A Master's Level Curriculum In this podcast, Kris Rush describes how students learn to combine multiple facets of digital forensics and draw  conclusions to support investigations. 4 Forensics Computer Forensics for Business Leaders: Building Robust Policies and Processes In this podcast, participants discuss how business leaders can play a key role in computer forensics by establishing  and testing strong policies. 5 Forensics Computer Forensics for Business Leaders: A Primer In this podcast, participants discuss how computer forensics is often overlooked when planning an incident  response strategy. 2 6 Governing for Enterprise Security Why Use Maturity Models to Improve Cybersecurity: Key Concepts, Principles, and Definitions In this podcast, Rich Caralli explains how maturity models provide measurable value in improving an organization's  cybersecurity capabilities. 7 Governing for Enterprise Security NIST Catalog of Security and Privacy Controls, Including Insider Threat In this podcast, participants discuss why security controls, including those for insider threat, are necessary to  protect information and information systems. 8 Governing for Enterprise Security Public‐Private Partnerships: Essential for National Cyber Security In this podcast, participants explain that knowledge of software assurance is essential to ensure that complex  systems function as intended. 9 Governing for Enterprise Security Establishing a National Computer Security Incident Response Team (CSIRT) In this podcast, participants discuss how essential a national CSIRT is for protecting national and economic security  and continuity. 10 Governing for Enterprise Security Leveraging Security Policies and Procedures for Electronic Evidence Discovery In this podcast, John Christiansen explains that effectively responding to e‐discovery requests depends on well‐ defined policies, procedures, and processes. 3 11 Measuring Security Measuring Operational Resilience In this podcast, Julia Allen explains that measures of operational resilience should answer key questions, inform  decisions, and affect behavior. http://www.cert.org/podcasts/index.cfm#securityeducation Page 1 of 5
  • 2. CERT Podcast Series.xlsx Rec Seq Category        Title             Description 3 11 12 Measuring Security Getting to a Useful Set of Security Metrics Well‐defined metrics are essential to determine which security practices are worth the investment. 13 Measuring Security Using Benchmarks to Make Better Security Decisions In this podcast, Betsy Nichols describes how benchmark results can be used to help determine how much security  is enough. 14 Measuring Security Initiating a Security Metrics Program: Key Points to Consider In this podcast, Samuel Merrell explains that a sound security metrics program should select data relevant to  consumers from repeatable processes. 15 Measuring Security Building a Security Metrics Program In this podcast, Betsy Nichols explains that reporting meaningful security metrics depends on topic selection,  context definition, and data access. 4 16 Privacy Considering Security and Privacy in the Move to Electronic Health Records In this podcast, participants discuss how using electronic health records bring many benefits along with security  and privacy challenges. 17 Privacy Integrating Privacy Practices into the Software Development Life Cycle In this podcast, participants explain that addressing privacy during software development is just as important as  addressing security. 18 Privacy Electronic Health Records: Challenges for Patient Privacy and Security In this podcast, Robert Charette explains why electronic health records (EHRs) are possibly the most complicated  area of IT today. 19 Privacy Protecting Information Privacy ‐ How To and Lessons Learned In this podcast, Kim Hargraves describes three keys to ensuring information privacy in an organization. 20 Privacy The Value of De‐Identified Personal Data In this podcast, participants discuss the complex legal compliance landscape and how de‐identification can help  organizations share data more securely. 5 21 Risk Management and Resilience Comparing IT Risk Assessment and Analysis Methods In this podcast, the presenters discuss IT risk assessment and analysis, and comparison factors for selecting  methods that are a good fit for your organization. 22 Risk Management and Resilience The Electricity Subsector Cybersecurity Capability Maturity Model (ES‐C2M2) ES‐C2M2 helps improve the operational resilience of the U.S. power grid. 23 Risk Management and Resilience http://www.cert.org/podcasts/index.cfm#securityeducation Page 2 of 5
  • 3. CERT Podcast Series.xlsx Rec Seq Category        Title             Description 5 23 Using the Cyber Resilience Review to Help Critical Infrastructures Better Manage Operational Resilience In this podcast, the presenters explain how CRRs allow critical infrastructure owners to compare their  cybersecurity performance with their peers. 24 Risk Management and Resilience Managing Disruptive Events ‐ CERT‐RMM Experience Reports In this podcast, the participants describe four experience reports that demonstrate how the CERT‐RMM can be  applied to manage operational risks. 25 Risk Management and Resilience Managing Disruptive Events: Demand for an Integrated Approach to Better Manage Risk In this podcast, Nader Mehravari describes how governments and markets are calling for the integration of plans  for and responses to disruptive events. 6 26 Security Education and Training How to Become a Cyber Warrior In this podcast, Dennis Allen explains that protecting the internet and its users against cyber attacks requires more  skilled cyber warriors. 27 Security Education and Training Software Assurance: A Master's Level Curriculum In this podcast, participants explain how knowledge about software assurance is essential to ensure that complex  systems function as intended. 28 Security Education and Training Better Incident Response Through Scenario Based Training In this podcast, Christopher May explains how teams are better prepared to respond to incidents if realistic, hands‐ on training is part of their normal routine. 29 Security Education and Training Using High Fidelity, Online Training to Stay Sharp In this podcast, Jim Wrubel explains how virtual training environments can deliver high quality content to security  professionals on‐demand, anywhere, anytime. 30 Security Education and Training What Business Leaders Can Expect from Security Degree Programs In this podcast, participants discuss whether information security degree programs meet the needs of business  leaders seeking knowledgeable employees. 7 31 Software Security Raising the Bar ‐ Mainstreaming CERT C Secure Coding Rules In this podcast, Robert Seacord describes the CERT‐led effort to publish an ISO/IEC technical specification for  secure coding rules for compilers and analyzers. 32 Software Security Cisco's Adoption of CERT Secure Coding Standards In this podcast, Martin Sebor explains how implementing secure coding standards is a sound business decision. 33 Software Security How to Develop More Secure Software ‐ Practices from Thirty Organizations In this podcast, participants discuss how organizations can benchmark their software security practices against 109  observed activities from 30 organizations. http://www.cert.org/podcasts/index.cfm#securityeducation Page 3 of 5
  • 4. CERT Podcast Series.xlsx Rec Seq Category        Title             Description 7 34 Software Security The Power of Fuzz Testing to Reduce Security Vulnerabilities In this podcast, Will Dormann urges listeners to subject their software to fuzz testing to help identify and eliminate  security vulnerabilities. 35 Software Security The Role of the CISO in Developing More Secure Software In this podcast, Pravir Chandra warns that CISOs must leave no room for doubt that they understand what is  expected of them when developing secure software. 8 36 Threat Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding  to better analyze malicious code. 37 Threat Mitigating Insider Threat ‐ New and Improved Practices Fourth Edition In this podcast, participants explain how 371 cases of insider attacks led to 4 new and 15 updated best practices  for mitigating insider threats. 38 Threat Building a Malware Analysis Capability In this podcast, Jeff Gennari explains that analyzing malware is essential to assessing the damage and reducing the  impact associated with ongoing infection. 39 Threat Indicators and Controls for Mitigating Insider Threat In this podcast, Michael Hanley explains how technical controls can be effective in helping to prevent, detect, and  respond to insider crimes. 40 Threat Protect Your Business from Money Mules Organized criminals recruit unsuspecting intermediaries to help steal funds from small businesses. 9 41 Tips from the Trenches: Areas of Practice  DevOps ‐ Transform Development and Operations for Fast, Secure Deployments In this podcast, Gene Kim explains how the "release early, release often" approach significantly improves software  performance, stability, and security. 42 Tips from the Trenches: Areas of Practice  Securing Mobile Devices aka BYOD In this podcast, Joe Mayes discusses how to ensure the security of personal mobile devices that have access to  enterprise networks. 43 Tips from the Trenches: Areas of Practice  Using Network Flow Data to Profile Your Network and Reduce Vulnerabilities In this podcast, participants discuss how a network profile can help identify unintended points of entry,  misconfigurations, and other weaknesses. 44 Tips from the Trenches: Areas of Practice  How to More Effectively Manage Vulnerabilities and the Attacks that Exploit Them In this podcast, Greg Crabb explains how CERT‐RMM can be used to establish and meet resilience requirements for  a wide range of business objectives. http://www.cert.org/podcasts/index.cfm#securityeducation Page 4 of 5
  • 5. CERT Podcast Series.xlsx Rec Seq Category        Title             Description 9 45 Tips from the Trenches: Areas of Practice  Why Organizations Need a Secure Domain Name System Use of Domain Name System security extensions can help prevent website hijacking attacks. 10 46 Trends and Lessons Learned Cyber Security, Safety, and Ethics for the Net Generation In this podcast, Rodney Peterson explains why capitalizing on the cultural norms of the Net Generation is essential  when developing security awareness programs. 47 Trends and Lessons Learned Tackling Tough Challenges: Insights from CERT’s Director Rich Pethia In this podcast, Rich Pethia reflects on the CERT Division's 20‐year history and discusses its future IT and security  challenges. 48 Trends and Lessons Learned Climate Change: Implications for Information Technology and Security In this podcast, Richard Power explains how climate change requires new strategies for dealing with traditional IT  and information security risks. 49 Trends and Lessons Learned Integrating Security Incident Response and e‐Discovery In this podcast, Julia Allen explains how responding to an e‐discovery request involves many of the same steps and  roles as responding to a security incident. 50 Trends and Lessons Learned Virtual Communities: Risks and Opportunities In this podcast, Jan Wolynski advises business leaders to evaluate risks and opportunities when considering  conducting business in online, virtual communities. http://www.cert.org/podcasts/index.cfm#securityeducation Page 5 of 5