Certified: The CISSP Audio Course
Episodes
Episode 38: Security Models: Bell-LaPadula, Biba, Clark-Wilson
23 Jun 2025
Contributed by Lukas
Security models are theoretical frameworks that help define how systems enforce access control, integrity, and confidentiality. In this episode, we re...
Episode 37: Secure Design Principles: Defense in Depth, Least Privilege
23 Jun 2025
Contributed by Lukas
Designing secure systems isn’t just about applying tools—it’s about embedding principles. This episode introduces two foundational security desi...
Episode 36: Logging, Monitoring, and Metadata Retention for Assets
22 Jun 2025
Contributed by Lukas
Without visibility, security is just guesswork. In this episode, we explore how logging and monitoring give security teams the information they need t...
Episode 35: Handling of Sensitive Systems and High-Value Assets
22 Jun 2025
Contributed by Lukas
Some systems and data are too critical to treat like everything else. This episode focuses on how organizations identify, secure, and manage sensitive...
Episode 34: Backup Controls and Data Recovery
22 Jun 2025
Contributed by Lukas
Backup and recovery plans are your insurance against data loss. In this episode, we explore the critical controls necessary to ensure backups are avai...
Episode 33: Secure Use of Cloud Storage and Shared Resources
22 Jun 2025
Contributed by Lukas
Cloud services offer scalability and convenience, but they also introduce unique security risks—especially when sharing infrastructure with other te...
Episode 32: Data Sovereignty and Jurisdictional Control
22 Jun 2025
Contributed by Lukas
In a global digital economy, where your data resides can determine which laws apply to it. This episode explains data sovereignty—the principle that...
Episode 31: Asset Inventory Management
22 Jun 2025
Contributed by Lukas
You can’t protect what you don’t know you have. In this episode, we focus on the importance of maintaining a comprehensive and accurate inventory ...
Episode 30: Media Storage and Sanitization Methods
22 Jun 2025
Contributed by Lukas
Digital media—whether it’s a hard drive, USB stick, or backup tape—requires special handling to ensure data remains protected throughout its lif...
Episode 29: Secure Data Handling in Transit and at Rest
22 Jun 2025
Contributed by Lukas
Data is constantly on the move—or waiting to be accessed—and must be protected in both states. In this episode, we examine the best practices for ...
Episode 28: Data Remanence and Secure Disposal Techniques
22 Jun 2025
Contributed by Lukas
Even when you delete a file, remnants can linger—posing serious security risks. This episode delves into the concept of data remanence and the techn...
Episode 27: Privacy Protection and PII Handling
22 Jun 2025
Contributed by Lukas
Personally Identifiable Information (PII) is one of the most regulated and targeted types of data in cybersecurity. This episode focuses on how organi...
Episode 26: Data Retention and Archival Strategies
22 Jun 2025
Contributed by Lukas
Keeping data longer than necessary can increase your risk exposure, but disposing of it too early can create legal and operational gaps. This episode ...
Episode 25: Ownership and Stewardship Responsibilities
22 Jun 2025
Contributed by Lukas
Every piece of information in an organization should have an assigned owner and one or more stewards. In this episode, we define what it means to be a...
Episode 24: Data Sensitivity and Labeling Requirements
22 Jun 2025
Contributed by Lukas
Labeling data according to its sensitivity is one of the most overlooked but powerful techniques in cybersecurity. In this episode, we explore what it...
Episode 23: Information Lifecycle and Data Classification
22 Jun 2025
Contributed by Lukas
Understanding how data flows through its lifecycle is essential for protecting it appropriately. This episode walks through the phases of the informat...
Episode 22: Security Documentation and Governance Metrics
22 Jun 2025
Contributed by Lukas
Effective security governance depends on clear documentation and measurable performance. This episode explains the structure and function of security ...
Episode 21: Legal Systems and Cybercrime Laws Globally
22 Jun 2025
Contributed by Lukas
Cybersecurity professionals operate in a legal landscape that spans continents, jurisdictions, and regulatory systems. In this episode, we examine the...
Episode 20: Intellectual Property and Licensing Laws
22 Jun 2025
Contributed by Lukas
Cybersecurity professionals must understand how to protect not only data but also intellectual property. This episode unpacks the key types of intelle...
Episode 19: Privacy Principles and Data Protection (GDPR, CCPA)
22 Jun 2025
Contributed by Lukas
Protecting personal data is not just a compliance requirement—it’s a trust imperative. In this episode, we dive into key privacy principles such a...
Episode 18: Supply Chain Risk and Due Diligence
22 Jun 2025
Contributed by Lukas
Supply chains extend far beyond traditional logistics—they now include digital components, cloud providers, software dependencies, and more. This ep...
Episode 17: Third-Party Risk Management
22 Jun 2025
Contributed by Lukas
Today’s organizations rely heavily on vendors, contractors, and service providers—but each relationship introduces potential risks. In this episod...
Episode 16: Security Awareness and Training Programs
22 Jun 2025
Contributed by Lukas
Even the best technical defenses can fail if employees don’t understand their security responsibilities. This episode focuses on the development and...
Episode 15: Personnel Security: Background Checks, Policies, Termination
22 Jun 2025
Contributed by Lukas
People are often the weakest link in cybersecurity, and managing personnel risk is a critical responsibility. In this episode, we discuss best practic...
Episode 14: Security Policies, Standards, Procedures, and Guidelines
22 Jun 2025
Contributed by Lukas
A strong cybersecurity program is built on clear and well-documented policies. In this episode, we break down the four foundational types of documenta...
Episode 13: Disaster Recovery Planning (DRP) and Continuity of Operations
22 Jun 2025
Contributed by Lukas
Disaster Recovery Planning is a focused component of business continuity that addresses the rapid restoration of IT infrastructure and systems. In thi...
Episode 12: Business Continuity Planning (BCP) Fundamentals
22 Jun 2025
Contributed by Lukas
Business Continuity Planning, or BCP, is essential for maintaining operations during unexpected disruptions. This episode explores the key elements of...
Episode 11: Risk Response and Risk Appetite
22 Jun 2025
Contributed by Lukas
Once a risk is identified and assessed, the next critical step is determining how to respond. In this episode, we examine the four primary risk respon...
Episode 10: Risk Management Concepts: Threats, Vulnerabilities, Risk
22 Jun 2025
Contributed by Lukas
Risk management is a cornerstone of cybersecurity, and this episode introduces the essential vocabulary and concepts you need to know. We define threa...
Episode 9: Professional Ethics and (ISC)² Code of Ethics
22 Jun 2025
Contributed by Lukas
Ethics are the backbone of trust in the cybersecurity profession. This episode explores the professional responsibilities outlined in the ISC² Code o...
Episode 8: Organizational Roles and Responsibilities
22 Jun 2025
Contributed by Lukas
Security is not the job of a single person or department—it’s a shared responsibility across the organization. In this episode, we examine the rol...
Episode 7: Compliance Requirements: Legal, Regulatory, Contractual
22 Jun 2025
Contributed by Lukas
Cybersecurity professionals must navigate a complex landscape of compliance obligations. This episode explains the differences between legal, regulato...
Episode 6: Security Governance Principles: Frameworks and Strategy
22 Jun 2025
Contributed by Lukas
Governance gives structure and direction to an organization’s cybersecurity efforts. In this episode, we explore what it means to build a security s...
Episode 5: The CIA Triad: Confidentiality, Integrity, Availability
22 Jun 2025
Contributed by Lukas
Every cybersecurity professional must understand the CIA triad—confidentiality, integrity, and availability. These three pillars form the core of ne...
Episode 4: How to Study and Pass the CISSP Exam: Resources and Mindset
22 Jun 2025
Contributed by Lukas
Success on the CISSP exam requires more than memorizing facts—it takes a strategy, the right materials, and a focused mindset. In this episode, we w...
Episode 3: Career Impact of the CISSP: Roles, Salaries, Growth
22 Jun 2025
Contributed by Lukas
The CISSP isn’t just a certification—it’s a powerful career accelerator. This episode breaks down how earning your CISSP can open doors to high-...
Episode 2: CISSP vs. Other Certifications: Which One’s Right for You?
22 Jun 2025
Contributed by Lukas
Choosing the right cybersecurity certification can shape your career for years to come. In this episode, we compare the CISSP to other well-known cert...
Episode 1: What Is the CISSP and Why It Matters
22 Jun 2025
Contributed by Lukas
In this foundational episode, we introduce the Certified Information Systems Security Professional—better known as the CISSP. You’ll learn what th...