Cybersecurity Where You Are (audio)
In episode 194 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Ed Skoudis [https://www.linkedin.com/in/edskoudis], President of SANS Technology Institute. Together, they conduct a mid-year review of 2026 cybersecurity predictions from seven Center for Internet Security® (CIS®) experts, as shared on the CIS website [https://www.cisecurity.org/insights/blog/7-cis-experts-2026-cybersecurity-predictions?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast]. Here are some highlights from our episode: * 01:50. Ongoing conversations about improving defense with artificial intelligence (AI) * 05:19. A trap to avoid: Automating things with AI because we can regardless of utility * 06:54. Ed's prediction about a near-term transition for AI-enabled vulnerability discovery * 09:27. How AI agents change the economics around conducting a penetration test * 11:26. Adversary emulation: A blurry proposition when threat actors use AI to look like anybody * 14:02. Ed's prediction about threat actors shifting APT profiles within a single attack campaign * 17:00. The need to systematically rethink cyber defense to support state and local cybersecurity * 23:34. How adversaries are pivoting to the "authorization sprawl" in light of zero trust efforts * 29:20. Industry-specific threat intelligence as a way to keep organizations informed * 32:10. Why a policy isn't the same as security control for operational technology (OT) * 33:55. Social expectations and public policy objectives around holistic OT security * 39:52. Compliance as a floor, not a ceiling, that results as a byproduct of continuous security * 43:43. The need for oversight and confidence in technology as distinct from the "Fog of More" Resources * Episode 169: 2026 Cybersecurity Predictions from CIS — Pt 1 [https://www.cisecurity.org/insights/podcast/episode-169-2026-cybersecurity-predictions-from-cis-pt-1?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] * Episode 174: 2026 Cybersecurity Predictions from CIS — Pt 2 [https://www.cisecurity.org/insights/podcast/episode-174-2026-cybersecurity-predictions-from-cis-pt-2?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] * Episode 179: 2026 Cybersecurity Predictions from CIS — Pt 3 [https://www.cisecurity.org/insights/podcast/episode-179-2026-cybersecurity-predictions-from-cis-pt-3?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] * The Myth of Mythos: What It Means For Information Security [https://www.cisecurity.org/insights/webinar/the-myth-of-mythos-what-it-means-for-information-security?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] * Episode 189: The Present and Future of AI-enabled Pentesting [https://www.cisecurity.org/insights/podcast/episode-189-the-present-and-future-of-ai-enabled-pentesting?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] * Authorization Sprawl: The Vulnerability Reshaping Modern Attacks [https://www.rsaconference.com/library/report/authorization-sprawl] * Episode 188: DBIR 2026 Insights and Collaboration with CIS [https://www.cisecurity.org/insights/podcast/episode-188-dbir-2026-insights-and-collaboration-with-cis?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] * Mapping and Compliance with the CIS Controls [https://www.cisecurity.org/cybersecurity-tools/mapping-compliance/mapping-and-compliance-with-the-cis-controls?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] * Mapping and Compliance with the CIS Benchmarks [https://www.cisecurity.org/cybersecurity-tools/mapping-compliance/mapping-and-compliance-with-the-cis-benchmarks?utm_source=cwya&utm_medium=audio&utm_campaign=cis&utm_content=26-cis-episode_194-0701_podcast] If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org [podcast@cisecurity.org].
194 Episoder
Kommentarer
0Vær den første til å kommentere
Registrer deg nå og bli medlem av Cybersecurity Where You Are (audio) sitt community!