Practical Cybersecurity with Jen Stone

SecurityMetrics

Practical Cybersecurity, hosted by Jen Stone (MCIS, CISSP, CISA, QSA), is the bridge between complex security frameworks and real-world business implementation. Whether you are a "Jack of all trades" IT manager or a business leader with limited resources, this show provides the roadmap to a defensible security posture. 

  1. "Good Enough" Security for Small Business Budgets

    4 days ago

    In this episode of Practical Cybersecurity, host Jen Stone talks with Curt Dukes, EVP and GM of Security Best Practices at the Center for Internet Security (CIS). Drawing on his 30-year career at the NSA, Dukes breaks down how small and medium businesses (SMBs) can implement "good enough" security without unlimited resources. The conversation focuses on Implementation Group 1 (IG1)—a prioritized set of safeguards that provide essential "cyber hygiene". Dukes introduces free resources like the CSAT (Controls Self-Assessment Tool) and CIS Workbench to help leaders move past the intimidation of technical jargon and establish a "standard of reasonableness" for their organization's defense.

    CIS Resources

    - CIS (Center for Internet Security): The nonprofit organization that creates the global standards discussed in this episode.
    - NSA (National Security Agency): The U.S. intelligence agency where Curt Dukes led defensive security efforts for 30+ years.
    - IG1 (Implementation Group 1): The essential "Cyber Hygiene" tier of the CIS Controls designed for small businesses.
    - CSAT (Controls Self-Assessment Tool): A free web-based application to track and measure your security progress.
    - CIS Workbench: A collaborative platform to ask technical questions and get help from the security community.
    - CIS RAM (Risk Assessment Method): A free methodology to identify security gaps and prioritize investments based on risk.
    - CIS Benchmarks: Free, consensus-based configuration recommendations for OS and network devices.
    - MS-ISAC (Multi-State Information Sharing and Analysis Center): The division of CIS providing threat intelligence for state and local governments.
    - EI-ISAC (Elections Infrastructure ISAC): A dedicated team at CIS focused on securing election-related systems.
    - The Community Defense Model (CDM): A data-driven report proving the effectiveness of the Controls against top cyber attacks.
    - The Cost of Cyber Defense: A breakdown of the financial investment needed for various security models.

    - Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit
    - Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing
    - Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide
    - Get FREE security and compliance training ► https://academy.securitymetrics.com/
    - Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

    16 min
  2. 2024. 12. 02.

    New to PCI Compliance? Get the Support You Need | SecurityMetrics Podcast 106

    Learn more about cyber risks for small businesses:

    Are you a small-medium business owner? Did you just get a message from your bank telling you to call SecurityMetrics? Are you worried about having a bad experience? Do you know what PCI even means? This episode is for you. Learn how SecurityMetrics can help you navigate this regulatory landscape. We'll discuss:

    - Why your processor is making you do PCI compliance: Did you know that nearly half of all cyberattacks target small businesses?
    - What calling into SecurityMetrics looks like. Learn what information you need handy so you can get your compliance done as quickly as possible, and the questions you should ask to get the best service.
    - Support Stories: Discover how other small businesses have successfully leveraged SecurityMetrics to achieve compliance.
    - Tips and Tricks: Get practical advice on how to optimize your PCI compliance efforts and minimize risks, keeping your business and your customers more secure.

    Whether you're just starting your PCI compliance journey or looking to improve your existing processes, this video will provide valuable insights and actionable advice.

    44 min
  3. 2024. 10. 23.

    Are you ready for the ecommerce security storm? A buyer’s guide to PCI DSS 11.6.1 and 6.4.3

    Join us on this extra long episode as SecurityMetrics experts Jen Stone, Gary Glover, Aaron Willis and Chad Horton dive deep into the evolving landscape of PCI compliance for e-commerce businesses. With the deadline for PCI 4.0 rapidly approaching, understanding the new requirements for e-commerce is crucial. In this episode, our panelists discuss:

    - Understanding PCI 4.0 for e-commerce: Learn about the key changes and their implications for your business, especially if you're a small or medium-sized enterprise.
    - Combatting e-commerce skimmers: Discover how attackers target online transactions and the measures you can take to protect your customers' data.
    - The power of script analysis: Understand how script scanning can help identify and mitigate vulnerabilities on your e-commerce website.
    - Securing dynamic content: Explore the challenges of protecting websites with constantly changing content.
    - Choosing the right security solution: Weigh the pros and cons of agent-based and agentless solutions, considering the specific needs of your business.

    Whether you're a seasoned PCI professional or just starting your compliance journey, this episode provides valuable insights to help you safeguard your e-commerce business and protect your customers' sensitive information.

    1 hr 25 min
  4. 2024. 09. 25.

    Cybersecurity for Families: A Parent-Child Guide to Online Safety | SecurityMetrics Podcast 104

    Download the guide: https://www.cisecurity.org/insights/white-papers/from-both-sides-a-parental-guide-to-protecting-your-childs-online-activity

    Are you a parent looking for guidance on how to keep kids safe online? Join us for a candid conversation with Sean Atkinson, CISO at the Center for Internet Security, and his daughter, Emma, as they discuss their journey of creating a guide designed to help families have conversations about online safety. In this episode, you'll learn:

    - Why open communication is key: Discover how Sean and Emma fostered an environment of trust and understanding about online safety.
    - Common online dangers: Understand the risks your child may face, such as sharing personal information, cyberbullying, and meeting strangers online.
    - Practical tips for parents: Get actionable advice on how to set boundaries, have difficult conversations, and create a safe online space for your child.

    Whether you're a new parent or a seasoned digital native, this podcast will help you start conversations and find resources to help you protect your child in the ever-evolving online world.

    27 min
  5. 2024. 08. 14.

    Farm to… DevOps?: How anyone can grow into a tech career | SecurityMetrics Podcast Ep 101

    Join Jen Stone as she chats with DevOps engineer and Day Two DevOps podcaster Kyler Middleton about her unique journey from a rural upbringing to becoming a DevOps expert. Discover how Kyler's passion for teaching led her to a career in technology, and learn about the importance of automation and documentation in building secure and efficient cloud environments. This episode dives deep into DevOps practices, the role of Terraform, Azure vs AWS, and the challenges organizations face when adopting cloud technologies. Kyler shares valuable insights on overcoming common hurdles, fostering a blameless culture, and the future of DevOps. Don't miss this engaging conversation!

    Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA).

    [Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

    36 min
5
out of 5
8 ratings
