The CIA of SecurityDuration: 3:50
In this episode, Mike discusses the CIA goals of security: confidentiality, integrity and availability.
What is Risk?Duration: 9:58
In this episode, Mike explains risk and related concepts.
Threat ActorsDuration: 6:44
In this episode, Mike explains the types of man-made threats that can attack a system.
Managing RiskDuration: 12:01
In this episode, Mike explains the terms and processes to manage risk.
Using Guides for Risk AssessmentDuration: 6:28
In this episode, Mike discusses how to use benchmarks and other measurements to implement hardware and software in an environment.
Security ControlsDuration: 7:28
In this episode, Mike explains the three categories of security controls.
Interesting Security ControlsDuration: 3:20
In this episode, Mike discusses other related security controls.
Defense in DepthDuration: 5:01
In this episode, Mike reviews the concepts of defense in depth, as well as combining or fortifying security controls.
IT Security GovernanceDuration: 8:23
In this episode, Mike explains the concept of security governance: policies, standards and procedures.
Security PoliciesDuration: 8:22
In this episode, Mike addresses various examples of security policies.
In this episode, Mike shares the benefits of using frameworks, and how to apply them to a security program.
Quantitative Risk CalculationsDuration: 8:16
In this episode, Mike looks at the impact of risk.
Business Impact AnalysisDuration: 12:03
In this episode, Mike identifies what methods can directly address issues for a company and how to categorize impact types to maintain business continuity.
Organizing DataDuration: 10:04
In this episode, Mike discusses data handling and how data is protected within an organization.
Security TrainingDuration: 10:06
In this episode, Mike goes through the controls and roles that make security training work.
Third-Party AgreementsDuration: 8:47
In this episode, Mike discusses types and the importance third-party agreements and how they affect IT security.