Dr. Z's Podcasts

Cybersecurity Analytics - Module 12 - The Gap Between AI Accuracy & Truth May 1, 2026 1275 This podcast outlines the core components of the NIST AI Risk Management Framework, focusing on the essential functions of governance, mapping, measurement, and management. To ensure responsible AI deployment, the framework highlights the importance of establishing clear policies, identifying stakeholder interests, and evaluating performance metrics like fairness and robustness. It emphasizes orga

Cybersecurity Analytics - Module 11 - How Behavioral Analytics Catches Insider Threats May 1, 2026 1311 This podcast details the use of User and Entity Behavior Analytics (UEBA) to identify and mitigate insider threats within a digital environment. By establishing behavioral baselines for login times, file access, and network norms, organizations can detect anomalies such as sudden data hoarding or impossible travel. The system aggregates various data sources, including authentication logs and cloud

Cybersecurity Analytics - Module 10 - Why Perfect Security Is Mathematically Impossible May 1, 2026 1125 This podcast examines cybersecurity from both an economic and technological standpoint, focusing on how organizations can efficiently manage digital risks. One source introduces the Gordon-Loeb Model, which uses mathematical frameworks to help executives determine the optimal level of investment by balancing potential losses against the productivity of security spending. This model suggests that f

Cybersecurity Analytics - Module 09 - Taming The Security Data Hurricane May 1, 2026 1486 This podcast explains how data engineering serves as the vital foundation for converting messy, disorganized security logs into actionable intelligence. Because machine learning models require high-quality inputs, the source outlines a log ingestion pipeline that focuses on parsing, normalization, and feature extraction to ensure accurate analysis. It compares the roles of SIEMs and data lakes, hi

Cybersecurity Analytics - Module 08 - Tricking AI With Invisible Noise May 1, 2026 1220 This podcast examines the foundational concepts of adversarial machine learning, focusing on how vulnerabilities emerge from imperfect learning and blind spots within a model’s logic. Exploratory attacks exploit these weaknesses after a system is deployed, requiring no direct access to the original training data to cause errors. These threats are categorized by their specificity, ranging from targ

Cybersecurity Analytics - Module 07 - Why Machine Learning Models Degrade In Production May 1, 2026 1224 This podcast outlines critical strategies for maintaining high-quality machine learning (ML) lifecycles, with a specific focus on feedback loops and data integrity. One source details the AWS Well-Architected Framework, which promotes systematic monitoring and automated retraining to combat model performance degradation over time. Another emphasizes that the presence of missing data is a primary c

Cybersecurity Analytics - Module 06 - Stopping Account Takeovers In A Glass Vault May 1, 2026 1310 This podcast offers a comprehensive look at the economic impact, technical mechanisms, and prevention strategies associated with modern digital fraud, specifically focusing on account takeover (ATO) and payment systems. The texts detail how criminals exploit vulnerabilities in credit cards, mobile payments, and telecommunications through methods like phishing, credential stuffing, and hardware ski

Cybersecurity Analytics - Module 05 - Hunting Cyber Threats In Encrypted Traffic Apr 29, 2026 1214 This podcast provides a comprehensive network traffic data analysis using real-world traces. The research utilizes various open-source tools like tcpdump, tcptrace, and CoralReef alongside Matlab to examine traffic at the packet, flow, and connection levels. Key areas of investigation include protocol distribution, packet lengths, TCP retransmissions, and round-trip times. The author identifies si

Cybersecurity Analytics - Module 04 - Malware Analysis From Assembly To AI Apr 28, 2026 1144 This podcast provides a comprehensive overview of malware analysis and reverse engineering, moving from foundational theory to advanced defensive technologies. It categorizes malicious software into types like droppers, info-stealers, and fileless variants, while outlining a standard attack lifecycle that includes reconnaissance and privilege escalation. To safely study these threats, the material

Cybersecurity Analytics - Module 03 - How Machines Find Anomalies Without Labels Apr 28, 2026 1295 Anomaly detection is the process of identifying data points or behaviors that deviate significantly from established normal patterns. This podcast explains that while anomalies are not always faults, they serve as vital indicators for fraud detection, cybersecurity, and predictive maintenance. Various methodologies are employed to flag these irregularities, ranging from simple thresholds to advanc

Cybersecurity Analytics - Module 02 - The Difference Between Classification & Clustering Apr 25, 2026 1177 Machine learning operates by identifying trends in past information to forecast future events, though these results are based on likelihoods rather than certainties. These systems address various challenges, including classification, regression, clustering, and anomaly detection, with each method designed to answer specific types of questions. For example, classification is a vital tool in cyberse

Cybersecurity Analytics - Module 01 - The Machine Learning Arms Race In Cybersecurity Apr 25, 2026 1347 The provided podcast serves as the official Candidate Handbook for the Certified Ethical Hacker (C|EH) credential, issued by the EC-Council. It establishes the eligibility requirements for applicants, including mandated professional experience or the completion of authorized training programs. The document details the exam structure, which consists of 125 questions over a four-hour duration, and o

How Secret Deals Carved The Middle East May 10, 2026 1416 This podcast explores the historical roots of the modern Middle Eastern conflict, specifically examining how British and French diplomacy during World War I reshaped the region. It details the contradictory promises made by Britain, which simultaneously pledged independence to the Arabs for their military revolt while secretly planning a colonial partition through the Sykes-Picot Agreement. The ac

Machiavelli & The Sovereign Self May 9, 2026 2635 This podcast provides a comprehensive look at the life and philosophy of Niccolò Machiavelli, blending historical biography with modern interpretations of his strategic principles. The texts detail his upbringing in Renaissance Florence and his career as a diplomat, while explaining how his observations of power led to the writing of The Prince. A significant portion of the material adapts his pol

Why Explaining Yourself Is Submission May 9, 2026 2474 In Machiavellian strategy, silence is never a sign of submission, avoidance, or an inability to speak; rather, it is a deliberate, sharp, and unnerving weapon. It is a calculated maneuver that shifts the balance of power by turning the absence of noise into a tool of psychological dominance.Silence functions as a strategic weapon in several distinct ways:Unsettling Opponents and Dominating the Fra

Why Trying To Save The World Damages It May 1, 2026 3042 This podcast explores the paradox of good intentions, suggesting that efforts to improve the world or oneself often backfire when they lack genuine awareness or trust. Philosophically, the texts argue that nature and life are inherently purposeless, and forcing a rigid moral or practical goal onto them can lead to destructive dependency and unintended consequences. Economically and socially, the m

Why Forced Improvement Backfires May 1, 2026 1278 This podcast examines how misguided altruism and rigid social systems often produce harmful, unintended outcomes. Using the philosophy of Alan Watts and modern economic examples, the texts argue that enforced virtue and government intervention frequently backfire because they prioritize outward control over an organic trust in nature. This dynamic is illustrated through toxic charity that creates

The Persians & The Jewish People Mar 6, 2026 1070 This podcast examines the 2,700-year history of the Jewish people in Iran, tracing a legacy that began with Cyrus the Great liberating Jews from Babylonian captivity. While the Pahlavi Dynasty ushered in a "Golden Era" of prosperity and religious freedom, the 1979 Islamic Revolution radically shifted the landscape into one of hostility and strict religious law. Personal narratives and historical r

The Matchstick, The Hook, & The Snakes Feb 24, 2026 1599 These moral fables emphasize the vital connection between personal responsibility, gratitude, and discerning wisdom. The first story illustrates how human capital and frugality are more valuable than inherited wealth, as a spoiled son only finds true purpose after losing everything and recognizing his father's foresight. In the second narrative, the consequences of gossip and the danger of freedom

The Lost Art Of Traditional Western Etiquette Feb 24, 2026 2221 This podcast explores the evolution and application of social etiquette, ranging from historical Edwardian customs to modern digital manners. They provide practical guidance on interpersonal behavior, such as chivalrous dating acts, proper introductions based on seniority, and effective ways to politely decline invitations. A significant focus is placed on modern technology, offering specific rule

The American Revolution Was A Toxic Divorce Feb 26, 2026 1080 This podcast examines the American Revolution by analyzing the divergent political perspectives of the British monarchy and the colonial rebels. While the National Archives provides the foundational text of the Declaration of Independence, other scholarly works explore the ideological origins of the conflict, focusing on the colonists' fear of parliamentary corruption and the Crown’s insistence on

Rumi’s Animals Roast Your Ego Feb 20, 2026 1037 This podcast examines the mystical and pedagogical dimensions of Sufism, primarily through the symbolic Quranic narrative of Moses and the spiritual guide Khidr. Scholars and poets like Rumi use this story to illustrate the master-disciple relationship, emphasizing that true wisdom often transcends external law and human logic. The podcast explores how mystical "unveiling" allows practitioners to

How Intellectuals Dismantle Society From Within Feb 20, 2026 2271 This podcast profiles the life and philosophy of Thomas Sowell, a prominent economist who critiques the "anointed" class of intellectuals for prioritizing abstract theories over empirical reality. The texts argue that modern intellectuals often champion a vision of "liberation" from traditional social restraints, which Sowell contends has historically led to disastrous outcomes like family disinte

Data Engineer, Data Scientist, Data Analyst - What Do They Do? Mar 25, 2026 799 This podcast provides a comprehensive comparison between the professional roles of data engineers and data scientists, highlighting their unique contributions to the modern tech landscape. While data engineers focus on the foundational aspects of building, maintaining, and scaling the infrastructure used to move and clean raw information, data scientists specialize in performing statistical analys

Security Analytics - Podcast 05 - Adversarial Machine Learning Feb 25, 2026 950 These sources examine the security of deep neural networks by focusing on the identification and mitigation of adversarial attacks. Research highlights how evasion attacks exploit model vulnerabilities during deployment by using subtle, human-indistinguishable perturbations to cause misclassifications. To counter these threats, authors propose formal verification frameworks that utilize mathematic

Security Analytics - Podcast 04 - Machine Learning Security Applications For Business Feb 16, 2026 875 This podcast investigates advanced methods for enhancing cybersecurity through the application of machine learning. The primary study details the creation of a neural network specifically designed to identify and categorize DDoS flooding attacks, such as SYN and UDP flooding, with high precision. By utilizing a 24-106-5 architecture, the researchers achieved an accuracy rate of over 95% in both si

Security Analytics - Podcast 03 - Fraud, Biometrics, & Bots Feb 8, 2026 1139 Modern cybersecurity faces sophisticated threats like botnets, insider attacks, and fraud. Organizations utilize Behavioral Biometrics and UEBA to establish baseline user profiles. By analyzing unique patterns like keystroke dynamics, these systems enable real-time defense.

Security Analytics - Podcast 02 - Machine Learning Feb 4, 2026 1047 This module explores data mining, visualization, and machine learning concepts for security analytics. It details anomaly detection using network traffic. It clarifies machine learning techniques such as Regressions, Näive Bayes, Decision Trees, Random Forests, and KNN. It goes over supervised and unsupervised machine learning approaches.

Security Analytics - Podcast 01 - Cybersecurity Threats Feb 4, 2026 304 A short 5-minute video on the variety of cybersecurity threats.

How SOC, ISO, & FedRAMP Prove Trust May 31, 2026 1502 This podcast provides technical and regulatory guidance for maintaining security and accessibility within digital environments. The FedRAMP documentation outlines a standardized federal program for the secure adoption of cloud services, emphasizing cost-effective authorization reuse and the transition to more automated security monitoring. Complementing these federal requirements, the ISO/IEC 2700

MITRE ATT&CK, Lockheed Cyber Kill Chain, & The Diamond Model Of Intrusion Analysis Feb 18, 2026 1617 This podcast analyzes and compares three primary frameworks used in modern cybersecurity: the Lockheed Martin Cyber Kill Chain, the MITRE ATT&CK Matrix, and the Diamond Model of Intrusion Analysis. The Cyber Kill Chain offers a linear perspective on the stages of an attack, while MITRE ATT&CK provides an extensive database of specific adversary behaviors and technical methods. In contrast,

CVE, NVD, CVSS, EPSS, & VPR Feb 18, 2026 2197 This podcast examines the essential frameworks used to identify, analyze, and rank security threats, specifically focusing on the roles of MITRE and the National Vulnerability Database (NVD). While MITRE serves as the primary authority for assigning CVE identifiers, the NVD enriches this data with CVSS scores to help organizations gauge the technical severity of vulnerabilities. The documentation

NIST Risk Management Framework (RMF) Feb 13, 2026 2038 The provided documents outline the National Institute of Standards and Technology (NIST) guidelines for managing security and privacy risks within federal information systems and private organizations. Central to these sources is Special Publication 800-53, which provides an extensive catalog of security controls designed to protect the integrity, confidentiality, and availability of data. This fr

NIST Cybersecurity Framework (NIST CSF) Feb 18, 2026 1807 The NIST Cybersecurity Framework (CSF) 2.0 serves as a foundational guide for organizations of all sizes to manage and reduce cybersecurity risks through a standardized taxonomy of functions and outcomes. A central component of this manual is the use of Organizational Profiles, which allow entities to document their Current Profile of existing practices and define a Target Profile representing the

NIST AI RMF Podcast 09 - NIST AI 100 - 2e2025 - Adversarial Machine Learning Feb 15, 2026 847 National Institute of Standards and Technology AI 100-2e2025, Adversarial Machine Learning, examines the security risks posed by malicious actors who intentionally manipulate machine learning systems and outlines strategies to strengthen their resilience. The report explains how adversarial attacks can occur during different phases of the AI lifecycle, including data poisoning during training, mod

NIST AI RMF Podcast 08 - OECD Framework For Classifying AI Systems Feb 15, 2026 1001 Organization for Economic Co-operation and Development Framework for Classifying AI Systems provides a structured method for categorizing AI systems based on their context, capabilities, and potential impact. Rather than ranking systems as simply “high” or “low” risk, the framework analyzes AI across multiple dimensions, including the system’s purpose, the data it uses, its degree of autonomy, the

NIST AI RMF Podcast 07 - NIST AI 100-5 - A Plan For Global Engagement On AI Standards Feb 15, 2026 1093 National Institute of Standards and Technology AI 100-5, A Plan for Global Engagement on AI Standards, outlines a strategic approach for advancing international collaboration in the development of AI standards. The publication emphasizes the importance of aligning technical standards, risk management practices, and governance frameworks across countries to promote innovation while safeguarding tru

NIST AI RMF Podcast 06 - NIST AI 100-3 - The Language of Trustworthy AI Feb 15, 2026 991 National Institute of Standards and Technology AI 100-3, The Language of Trustworthy AI, establishes a shared vocabulary to support consistent understanding and implementation of trustworthy artificial intelligence. The publication clarifies key concepts such as reliability, robustness, safety, security, resilience, privacy, fairness, accountability, transparency, and explainability, emphasizing t

NIST AI RMF Podcast 05 - NISTIR 8367 - Psychological Foundations Of Explainability & Interpretability In AI Feb 15, 2026 1037 National Institute of Standards and Technology Interagency Report 8367, Psychological Foundations of Explainability and Interpretability in AI, examines explainable AI through the lens of human cognition and decision-making. Rather than focusing solely on technical transparency, the report emphasizes how people understand, trust, and interact with AI systems. It explains that effective explanation

NIST AI RMF Podcast 04 - NISTIR 8312 - Four Principles Of Explainable Artificial Intelligence Feb 15, 2026 855 National Institute of Standards and Technology Interagency Report 8312, Four Principles of Explainable Artificial Intelligence, defines foundational guidance for designing AI systems that can be understood and trusted by users. The report outlines four core principles: AI systems should provide explanations for their outputs; those explanations should be meaningful and understandable to the intend

NIST AI RMF Podcast 03 - NIST Special Publication 1270 - Towards A Standard for Identifying & Managing Bias In AI Feb 15, 2026 1081 This podcast outlines a structured approach to recognizing, measuring, and mitigating bias in artificial intelligence systems. The NIST publication distinguishes between statistical bias (systematic error in model outputs) and societal bias (inequities embedded in data and social systems), emphasizing that AI systems can both reflect and amplify existing disparities. It proposes a lifecycle-based

NIST AI RMF Podcast 02 - NIST Generative AI Risk Management (AI 600-1 ) Feb 15, 2026 979 This podcast explores the core elements of NIST AI 600-1, a framework designed to help organizations identify, measure, and manage the unique and often amplified risks associated with generative AI systems. It highlights twelve central risk areas, including confabulation, dangerous or violent content, data privacy concerns, environmental impact, harmful and systemic bias, human–AI configuration ch

NIST AI RMF Podcast 01 - NIST Artificial Intelligence Risk Management Framework Feb 15, 2026 1040 This podcast centers on the NIST AI Risk Management Framework (AI RMF), a voluntary standard designed to increase the trustworthiness of artificial intelligence through four key functions: govern, map, measure, and manage. While the core NIST documents establish foundational principles for mitigating sociotechnical harms—including specific risks like confabulation and bias in generative AI—supplem

The Gambler - The Logic Of Self Sabotage Mar 26, 2026 1338 This podcast provides a comprehensive examination of Fyodor Dostoevsky’s life, literary output, and psychological complexity. Scholarly essays and biographical accounts detail his traumatic experiences, including a mock execution, Siberian imprisonment, and a lifelong battle with epilepsy and gambling addiction. Analysis of his major works, such as Crime and Punishment and The Brothers Karamazov,

The Idiot - Analysis of Fyodor Dostoevsky's Classic & Its Application To Modern Life Mar 24, 2026 1250 This podcast provides a comprehensive analysis of Fyodor Dostoevsky’s novel The Idiot, focusing on the intersection of theological ideals and social reality. The texts examine Prince Myshkin, a protagonist designed to embody absolute Christian beauty and compassion, and his disruptive effect on a nihilistic 19th-century Russian society. Central to the discussion is the Holbein painting of the dead

Ethics & Privacy - US Constitution Podcast - How Boiling Shoelaces Built The American Blueprint Apr 16, 2026 2959 This podcast examined the foundational principles and evolving structure of the American government, beginning with the transition from the failed Articles of Confederation to the U.S. Constitution. The collection highlights the economic shift from early communal experiments toward a free-market system and the implementation of federalism to balance state and national authority. Key legal mileston

Ethics & Privacy - Special Podcast - How The Government Buys Your Private Data Mar 24, 2026 1614 This podcast explores the legal and constitutional tensions surrounding digital data and online platforms. One essay argues that unregulated government collection of bulk digital surveillance data is unconstitutional, suggesting that law enforcement must operate under legislative regulatory schemes that include privacy safeguards and judicial review. The author emphasizes that existing Fourth Amen

Ethics & Privacy - Podcast 10 - Why Humans Justify Fraud & Autocracy Mar 25, 2026 1232 This podcast addresses two very different aspects of institutional evaluation: the formal management of artificial intelligence and the informal realities of university admissions. The first source is a technical publication from NIST detailing a framework to improve AI trustworthiness through specific functions like governing, mapping, measuring, and managing systemic risks. It emphasizes the nee

Ethics & Privacy - Podcast 09 - Algorithms Mirror Our Own Tribalism Mar 24, 2026 1271 This podcast describes social media and its impact on the social fabric. It explores how rules and laws are being rewritten and social norms and responsibleness are being either wiped out or being changed into unrecognizable former selves. The podcast looks at both the positive and negative impacts of social media. It discusses the loss of privacy and looks at not just the United States but also E

Ethics & Privacy - Podcast 08 - Your Behavior Is A Prediction Product Mar 17, 2026 1277 This podcast examines the ethical and societal dangers inherent in modern digital ecosystems, specifically focusing on surveillance capitalism, artificial intelligence, and social media. Harvard professor Shoshana Zuboff warns that tech giants exploit personal data to predict behavior, a practice she argues destroys individual autonomy and democratic stability. Simultaneously, technical surveys an

Ethics & Privacy - Podcast 07 - The Moral Compass Of Software Engineering Feb 28, 2026 1094 This podcast explores the evolving landscape of software development, focusing on the intersection of legal liability, professional ethics, and inclusive design. It discusses a critical shift toward holding manufacturers accountable for security vulnerabilities while highlighting the importance of transparency and accessibility from the start of the lifecycle. Comparison of Agile and Waterfall met

Ethics & Privacy - Podcast 06 - The Intellectual Property Survival Guide Feb 19, 2026 1069 This podcast examines the complex legal and historical landscape of intellectual property, specifically focusing on copyrights, trademarks, and patents. One article outlines the evolution of the fair use defense in the software industry, while another explores how international systems distinguish between the flexible fair use approach and the rigid fair dealing rules. The United States Patent and

Ethics & Privacy - Podcast 05 - Mob Justice, Deepfakes, & Industrialized Crime Feb 13, 2026 838 These sources examine the intricate relationship between individual freedom, technological disruption, and the legal frameworks that govern modern expression. One perspective focuses on the philosophical balance between personal liberty and the weight of moral responsibility, highlighting the importance of these values in maintaining a stable society. This theoretical foundation is challenged by t

Ethics & Privacy - Podcast 04 - Leasing Privacy From Tech Feb 6, 2026 1013 This presentation by Dr. Z defines privacy as a fundamental right. It categorizes privacy into data, physical, behavioral, communication, and decision types. The text also examines the links between privacy and security and legal regulations.

Ethics & Privacy - Podcast 03 - Utilitarianism & Aesthetic Relativism Feb 4, 2026 931 Forcing personal or national ethics on others is by itself unethical no matter the good intentions. By extension, the beauty is in the eye of the beholder mentality destroys all standards and makes everything meaningless. This goes for those who "speak their truth" when in fact there are truths and there are falsehoods. No one gets to pick a cat and call it a dog and state that is their truth.

Ethics & Privacy - Podcast 02 - What If Fraud Is Part Of A Culture? Feb 1, 2026 786 Thought corruption correlates strongly with wealth and cultural norms, which often dictate behavior more than legal rules alone. Standardized international reforms frequently fail because they ignore local identity and values. Success requires discipline, integrity, and context.

Ethics & Privacy - Podcast 01 - The Road To Hell Is Paved With Good Intentions Jan 31, 2026 1040 This transcript of an Alan Watts lecture argues that forced improvements and self-conscious righteousness often result in unintended destruction. Watts suggests that when individuals or nations attempt to "do good" without understanding the complex interconnectedness of nature, they frequently create more harm than the problems they intended to solve. He highlights how scientific interference, suc

CISSP - Passing CISSP - Think Like a Manager Feb 9, 2026 1014 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on passing the CISSP through proper thinking and approaches.

CISSP - CISSP Mastery - A Manager Mindset Feb 9, 2026 2999 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on how to think like a manager to master the CISSP.

CISSP - Domain 8 - Secure SDLC, Database Models, and Malware Feb 9, 2026 1146 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on Domain 8, Secure SDLC, Database Models, and Malware.

CISSP - Domain 7 - Security Operations, Human Safety and the Rest Feb 9, 2026 1002 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on Domain 7, Security Operations, Human Safety, and the Rest.

CISSP - Domain 6 - Security Assessment and Testing Feb 9, 2026 985 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on Domain 6, Security Assessment and Testing.

CISSP - Domain 5 - Identity and Access Management Feb 9, 2026 854 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on Domain 5, Identity and Access Management.

CISSP - Domain 4 - Communication and Network Security Feb 9, 2026 1144 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on Domain 4, Communication and Network Security.

CISSP - Domain 3 - Mastering CISSP Security Models and Cryptography Feb 9, 2026 1210 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This podcast focuses on Domain 3 of CISSP, Security Models and Cryptography.

CISSP - Domain 2 - Asset Management Feb 9, 2026 1097 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This episode focuses on Domain 2 of the CISSP, Asset Management.

CISSP - Domain 1 - Governance & Risk Management Feb 9, 2026 919 The CISSP exam focuses on risk management, requiring a managerial mindset to align security with business goals. Key concepts include Due Care (action) versus Due Diligence (research), the CIA triad, and the OSI model. Human life is always the top priority. This episode focuses on Domain 1 of the CISSP, Governance and Risk Management.

CGRC - Domain 7 - Continuous Monitoring & Ongoing Authorization Feb 14, 2026 1104 This podcast outlines the continuous monitoring phase of the Risk Management Framework (RMF), emphasizing the need for ongoing situational awareness in federal information systems. The provided text details how organizations must systematically track changes to technology, personnel, and operational environments to ensure that security and privacy controls remain effective over time. Key processes

CGRC - Domain 6 - Risk Acceptance Demands Budget Authority Feb 14, 2026 851 This podcast outlines essential strategies for professionals to manage technology and organizational risk through certifications and structured frameworks. One source highlights specific credentials for mastering vibe coding, CI/CD, and Agentic AI to prove technical proficiency to employers. The remaining sources detail the NIST Risk Management Framework (RMF), a comprehensive seven-step process d

CGRC - Domain 5 - Proving Security Controls With NIST 800-53A Feb 14, 2026 906 The provided podcast outlines the Risk Management Framework (RMF) developed by NIST to help organizations secure information systems and manage privacy risks. These materials explain how to categorize systems, select and implement security controls, and perform rigorous assessments to ensure safeguards function correctly. Key publications like SP 800-37 and SP 800-53A establish a structured proces

CGRC - Domain 4 - Hardening Systems & Documenting RMF Controls Feb 14, 2026 1035 This podcast details the governance, selection, and application of security and privacy controls within the NIST Risk Management Framework. The documentation outlines the CGRC certification requirements, emphasizing continuous compliance, asset monitoring, and stakeholder communication throughout a system's life cycle. Central to these sources is the NIST SP 800-53 catalog, which provides a compre

CGRC - Domain 3 - Selecting and Tailoring NIST Security Control Feb 14, 2026 1055 These sources detail the essential frameworks and training resources used to maintain robust cybersecurity and privacy standards within modern organizations. One document serves as a comprehensive catalog of technical controls, such as NIST SP 800-53, which outlines specific requirements for access management, incident response, and system integrity. Complementing these technical guidelines, the o

CGRC - Domain 2 - Mastering CGRC Domain 2 Scope & Categorization Feb 13, 2026 1007 These materials collectively outline the Risk Management Framework (RMF) and its critical role in securing federal information systems. The documentation, which includes ISC2 training guides and NIST special publications, focuses heavily on the initial stages of the RMF, specifically the categorization of information systems based on security objectives like confidentiality, integrity, and availab

CGRC - Domain 1 - Mastering CGRC Governance and Risk Feb 13, 2026 938 This instructor guide provides a foundational look at the Risk Management Framework (RMF) and the federal mandates that govern it. The material focuses on essential legislation like FISMA and the Privacy Act, while outlining how NIST standards and OMB circulars direct the protection of strategic information. To help candidates understand practical execution, the text details various organizational

Episodes

Recommended

—