Claim OwnershipCISSP Cyber Training Podcast - CISSP Training Program
Subscribed: 182Played: 3,716
Subscribe
© 2025 CISSP Cyber Training Podcast - CISSP Training Program
Description
Join Shon Gerber on his weekly CISSP Cyber Training podcast, where his extensive 23-year background in cybersecurity shines through. With a rich history spanning corporate sectors, government roles, and academic positions, Shon imparts the essential insights and advice necessary to conquer the CISSP exam. His expertise is not just theoretical; as a CISSP credential holder since 2009, Shon translates his deep understanding into actionable training. Each episode is packed with invaluable security strategies and tips that you can implement right away, giving you an edge in the cybersecurity realm. Tune in and take the reins of your cybersecurity journey—let’s ride into excellence together! 🚀
250 Episodes
Reverse
Send us a text A shocking incident in Spain recently left 60% of the country's power grid dark in less than five seconds. Was it a cyber attack? The jury's still out, but this real-world event perfectly illustrates why understanding access controls and security mechanisms is critical for today's cybersecurity professionals. Sean Gerber, despite battling a cold that affects his voice, delivers a compelling analysis of the Spanish power grid incident before diving into essential CISSP domain f...
Send us a text Cybersecurity professionals need a solid understanding of secure communication protocols, not just for exam success but for real-world implementation. This episode unpacks the essential protocols covered in CISSP Domain 4.1.3, providing clear explanations of how each works and when to use them. We begin with a timely discussion of the recent UnitedHealthcare hack, examining how ransomware crippled Change Healthcare systems nationwide. This case study highlights the critical im...
Send us a text Security regulations are changing dramatically in response to major breaches, and the implications for cybersecurity professionals are profound. Sean Gerber kicks off this episode with a career announcement, sharing his transition to independent consulting after 13 years with his previous employer—a move that highlights the evolving opportunities in the cybersecurity field. The heart of this episode examines the recent UnitedHealthcare breach, where attackers targeted Change H...
Send us a text Ever wondered how your sensitive messages stay secure in an increasingly dangerous digital landscape? The answer lies in message integrity controls, digital signatures, and certificate validation – the core components of modern cybersecurity we tackle in this episode. We begin with a timely breakdown of Microsoft's recent security breach by Russian hackers who stole source code by exploiting a test environment. This real-world example perfectly illustrates why proper security ...
Send us a text What happens when a security professional falls victim to malicious AI? The consequences can be devastating, as demonstrated by our analysis of a recent high-profile breach where a Disney security engineer downloaded AI-generated artwork containing hidden malware. This sophisticated attack led to the theft of 1.1 terabytes of sensitive corporate data and resulted in criminal charges for the attacker and career devastation for the victim. We break down exactly how it happened an...
Send us a text Four million people affected by a single data breach. Let that sink in. This sobering reality frames today's deep dive into Domain 2 of the CISSP exam: Asset Security. As cybersecurity professionals, understanding how to establish proper information and asset handling requirements isn't just academic—it's essential for preventing exactly these types of incidents. The podcast tackles the complete data security lifecycle, beginning with the foundations of asset security and the ...
Send us a text The cybersecurity talent gap is widening at an alarming rate. According to the 2023 ISC² Global Workforce Study, we're facing a shortfall of 5.5 million cybersecurity professionals by 2024, with the workforce needing to grow 12.6% annually just to keep pace with demand. Yet growth is stalling at only 8.7%, creating both challenges and unprecedented opportunities for those pursuing cybersecurity careers. What might surprise aspiring security professionals is that technical skil...
Send us a text The rapid evolution of artificial intelligence and machine learning has created a pivotal moment for financial institutions. As these organizations race to implement AI solutions, they face both transformative opportunities and significant cybersecurity challenges that demand immediate attention. Sean Gerber draws from over 20 years of cybersecurity experience to demystify the complex intersection of AI, machine learning, and financial security. With his straightforward approa...
Send us a text Ever wonder why organizations with robust cybersecurity teams still fall victim to devastating attacks? The answer often lies not in fancy technology but in something far more fundamental: documentation. In this eye-opening episode, Shon Gerber takes listeners into the critical world of cybersecurity documentation hierarchy, revealing how properly structured policies, standards, procedures, and guidelines form an organization's first and most important line of defense against ...
Send us a text Cybersecurity isn't just for enterprises—small and medium businesses face increasingly sophisticated threats with fewer resources to combat them. In this information-packed episode, Shon Gerber explores why cybersecurity matters critically for SMBs while delivering practical CISSP exam questions focused on Domain 8.3. Shon begins by examining how even non-tech businesses rely heavily on digital systems, making them vulnerable to attacks that could devastate operations. A ranso...
Send us a text Software security assessment can make or break your organization's defense posture, yet many professionals struggle with implementing effective evaluation strategies. This deep dive into CISSP Domain 8.3 reveals critical approaches to software security that balance technical requirements with business realities. The recent funding crisis surrounding CVEs (Common Vulnerability Exposures) serves as a perfect case study of how fragile our security infrastructure can be. When the ...
Send us a text Wondering how to tackle incident response questions on the CISSP exam? This episode delivers exactly what you need, walking through fifteen essential incident management scenarios that test your understanding of this critical domain. Sean Gerber breaks down the fundamentals of incident management, exploring how security professionals should approach detection, response, mitigation, and recovery. From distinguishing between legitimate security incidents and routine activities t...
Send us a text Cybersecurity incidents aren't a matter of if, but when. Are you prepared to respond effectively? Sean Gerber takes us through the complete incident response lifecycle, breaking down the seven essential phases every security professional must master. From developing comprehensive response plans to conducting effective post-incident analysis, this episode provides actionable guidance for both CISSP candidates and working cybersecurity practitioners. The stakes couldn't b...
Send us a text The collision of artificial intelligence and cybersecurity takes center stage in this episode as we explore how Agentic AI is revolutionizing Security Operations Centers. Moving beyond simple assistant AI or co-pilots, this new generation of autonomous systems proactively investigates alerts, follows structured playbooks, and performs triage at scale—potentially liberating human analysts from the crushing weight of alert fatigue. For security professionals and organizations st...
Send us a text Digital signatures are coming to AI models as cybersecurity evolves to meet emerging threats. Google's collaboration with NVIDIA and HiddenLayer demonstrates how traditional security controls must adapt to protect machine learning systems vulnerable to new forms of tampering and exploitation. This essential evolution mirrors the broader need for robust security validation across all systems. Security control testing forms the foundation of effective cybersecurity governance. W...
Send us a text Cybersecurity professionals know that mastering identity and access management concepts is essential for CISSP certification success. This deep dive into Domain 5.2 tackles fifteen carefully crafted questions covering everything from just-in-time provisioning to federated identity systems and session security. We begin by examining the accelerating adoption of generative AI in healthcare organizations, where approximately 85% are investigating or implementing these technologie...
Send us a text Identity management sits at the core of effective cybersecurity, yet many organizations still struggle with implementing it correctly. In this comprehensive breakdown of CISSP Domain 5.2, we dive deep into the critical components of managing identification and authentication systems that protect your most valuable assets. Starting with a timely examination of the risks involved in the proposed rapid rewrite of the Social Security Administration's 60-million-line COBOL codebase...
Send us a text Cybersecurity professionals, alert! A dangerous Chrome zero-day vulnerability demands your immediate attention. In this action-packed episode, Sean Gerber breaks down CVE-25-2783, a critical security threat that allows attackers to execute remote code simply by having users click malicious links. Though initially targeting Russian organizations, this exploit threatens Chromium-based browsers worldwide—including Chrome, Edge, Brave, Opera, and Vivaldi. Don't wait—patch immediate...
Send us a text The unexpected convergence of consumer technology and warfare takes center stage as Sean Gruber explores how Chinese e-commerce giants now sell drone accessories that transform $300 toys into semi-autonomous weapons. This eye-opening discussion reveals how modern drones with AI guidance modules and fiber optic tethers mirror strategies from World War I—except today's technology is far more accessible and difficult to defend against. Against this backdrop, Sean delivers a compr...
Send us a text Today's cybersecurity landscape demands vigilance on multiple fronts, something Sean Gerber demonstrates masterfully in this information-packed episode focused on CISSP Domain 3 security principles. The episode opens with a critical security alert regarding Cox modems—a vulnerability potentially affecting millions of American households and businesses. While quickly patched by the company, this real-world example perfectly illustrates one of Gerber's key points: exposed APIs r...
Comments
Download from Google Play
Download from App Store
United States