Episode 161: An Ecosystem-Wide Approach to CNI Resilience

In Episode 161 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Mishal Makshood, Azure Partner Alliance Manager at the Center for Internet Security® (CIS®), and David Kalish, Sr. Cybersecurity Solutions Engineer at CIS. Together, they explore how CIS Hardened Images® help to secure cloud environments and strengthen critical national infrastructure (CNI) resilience through collaboration.Mishal and David explain how these virtual machine images, which are pre-configured to the CIS Benchmarks®, serve as secure, scalable blueprints for cloud deployments. They highlight how CIS Hardened Images reduce human error, accelerate compliance, and foster trust across a global cybersecurity ecosystem that includes hyperscalers, supply chains, and public-private partnerships.Tony shares the origin story of the CIS Hardened Images and reflects on the evolution of cybersecurity from isolated efforts to a cooperative model built on shared standards and integrated tooling. The group also discusses how CIS Hardened Images align to frameworks and how they help organizations navigate multi-cloud environments while maintaining consistent security postures. Here are some highlights from our episode:00:50. Introductions to Mishal and David01:36. What CIS Hardened Images are and why they matter03:14. Why CIS Hardened Images are uniquely suited to strengthening CNI resilience04:24. The cultural shift toward working as an ecosystem to start from secure baselines06:34. The origin story of the CIS Hardened Images10:32. The value of taking guesswork out of secure configuration management in the cloud13:44. How CIS Hardened Images support compliance directly and through the CIS Critical Security Controls® (CIS Controls®)20:39. Building trust through cloud partnerships and collaboration28:50. The foundational role of configuration management in cybersecurity34:35. Getting started with strengthening your cloud security foundationResourcesCIS Hardened Images® ListSecure by Design: A Guide to Assessing Software Security PracticesSoftware Supply Chain Security25 Years of Creating Confidence in the Connected WorldMapping and Compliance with the CIS ControlsGuide to Implementation Groups (IG): CIS Critical Security Controls v8.1Build a Zero Trust Roadmap for FinServ with CIS SecureSuiteEpisode 154: Integration of Incident Response into DevSecOpsHow to Construct a Sustainable GRC Program in 8 StepsIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

There are no comments yet.

Please log in to write the first comment.