Ай бұрын
3 ай бұрын
4 ай бұрын
5 ай бұрын
6 ай бұрын
6 ай бұрын
6 ай бұрын
8 ай бұрын
Жыл бұрын
Жыл бұрын
Жыл бұрын
Жыл бұрын
Жыл бұрын
Жыл бұрын
Жыл бұрын
Пікірлер
@okorieemmanuel2662 5 күн бұрын
Thank you do much for this. I also wanted to find out how I can get the excel sheet for downloads
@cybersecuritygrowth 5 күн бұрын
You can get all the downloads at the SCF site. securecontrolsframework.com/scf-download/
@Бородатый-к2н 9 күн бұрын
Yeah, same here! I used to attend town hall meetings but now i just ask AI to make a summary and send it to another AI to read and decide if i need to read it!
@cybersecuritygrowth 5 күн бұрын
That sounds like a great productivity hack.
@SpeedingFirebird 20 күн бұрын
Definitely some real CISO problems highlighted.
@cybersecuritygrowth 19 күн бұрын
The struggle is real.
@imgeorgeofficial 29 күн бұрын
True. It’s like you’re playing chess against one million opponents at the same time. Everyone is trying to find and exploit your weaknesses
@cybersecuritygrowth 29 күн бұрын
Nice analogy. A nearly impossible game to win, but yet, we still go all in with a slim chance of a potential win.
@jesusisGod1434 Ай бұрын
Me too!
@cybersecuritygrowth 5 күн бұрын
Windows 95 or Lotus Notes?
@matthewkeebler2326 Ай бұрын
I've installed fax works before...
@cybersecuritygrowth 21 күн бұрын
That's a classic. 📠
@audiwhite7495 Ай бұрын
How do I send resume?
@cybersecuritygrowth Ай бұрын
You can email it to [email protected]
@audiwhite7495 Ай бұрын
@@cybersecuritygrowth thank you
@chrisaryeh9563 4 ай бұрын
Hi there! 👋 Have you ever written a book?
@cybersecuritygrowth 4 ай бұрын
White papers, blog posts, but no books so far.
@uberpies 5 ай бұрын
Bad idea
@cybersecuritygrowth 5 ай бұрын
Bad indeed
@jahsoul357 6 ай бұрын
Don't know how I slipped up on this but subscribed... And shoutout to Garrett; one of the best people I've worked with once upon a time...
@cybersecuritygrowth 6 ай бұрын
Garrett is great, agreed! Thanks for subscribing.
@SpeedingFirebird 6 ай бұрын
Sixty seconds to click a link. Two hundred twelve days in the environment undetected! 😲 Totally agree on the ISACs. Also agree with "Have a tabletop. Bring tacos." Brilliant!
@cybersecuritygrowth 6 ай бұрын
It’s somewhat amazing to to think how quick people engage with phishing emails, and the 200+ day dwell time of an attacker who’s gains a foothold. Also, tabletop tacos 🌮. Pizza is so 2010’s. 😀
@scottmace837 6 ай бұрын
On premises, y'all!!! Say it with me!!!!
@cybersecuritygrowth 6 ай бұрын
In the current state of SaaS security issues, by some of the biggest companies we have to rely on, it can be hard to argue with your comment.
@ar_rahman_90 7 ай бұрын
Just stumbled across your videos. Love your personal stories, honesty, and sense of humor!
@cybersecuritygrowth 7 ай бұрын
That’s great. Thanks for checking them out. Glad you like them.
@dman9405 8 ай бұрын
You can buy a whole lot of YubiKeys for $1 billion
@cybersecuritygrowth 6 ай бұрын
Yes, something like 20 million or so Yubikeys
@sowelldonetv6475 8 ай бұрын
Great show!!!
@cybersecuritygrowth 8 ай бұрын
Thanks for watching. We really appreciate it. Glad you liked it.
@herbertmejiasable 10 ай бұрын
¡Gracias por compartir esta información sobre SCF! Agardezco el tiempo que has dedicado a proporcionar contenido tan útil. ¡Excelente trabajo!
@cybersecuritygrowth 10 ай бұрын
Gracias por el comentario. Me alegra que lo hayas encontrado útil.
@AndyTurner-y1s Жыл бұрын
Can you provide further justification for why you or your peer wouldn't prescribe phishing campaigns to users?
@cybersecuritygrowth 5 күн бұрын
My peer didn't like that the security team appears to be attempting to trick users. I prefer to educate using other methods, instead of actual phishing emails.
@melsuarez Жыл бұрын
Nice delivery. Great setup. Interesting about leveraging ChatGPT. Glad I found your videos.
@cybersecuritygrowth Жыл бұрын
Hi Mel! Great to see you and thanks for visiting!
@rabbyt Жыл бұрын
does this consider HITRUST?
@cybersecuritygrowth Жыл бұрын
I didn't see anything in SCF that mentions HITRUST. Seems like there is an opportunity for improvement to include controls from NIST's guidance on HITRUST. SCF does specifically call out that includes controls for the following: NIST 800-53 - SA-8 NIST Cybersecurity Framework - PR.IP-2 ISO 27002 - 14.2.5 & 18.1.4 Defense Federal Acquisition Regulations Supplement (DFARS) 252.204-7012 (NIST 800-171) - 3.13.1 & 3.13.2 Federal Acquisition Regulations (FAR) 52.204-21 - 4 National Industrial Security Program Operating Manual (NISPOM) - 8-302 & 8-311 ISACA Trust Services Criteria (TSC) (SOC 2) - CC3.2 Generally Accepted Privacy Principles (GAPP) - 4.2.3, 6.2.2, 7.2.2 & 7.2.3 New York State Department of Financial Service (DFS) - 23 NYCRR 500.08 Payment Card Industry Data Protection Standard (PCI DSS) - 2.2 Center for Internet Security Critical Security Controls (CIS CSC) - 1.2, 5.9, 6.2, 6.3, 6.4, 6.5, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 8.6, 9.1, 9.2, 9.3, 9.4, 9.5, 9.6, 11.4, 11.5, 11.6, 11.7, 13.4, 13.5 & 16.5
@teachmecyber Жыл бұрын
Thanks for walking through this!
@cybersecuritygrowth Жыл бұрын
I am happy to share. I've used SCF before, but haven't spent the time to truly learn it until now.