All Episodes

PR.AA-02 - Verifying Identities for Credential Issuance

PR.AA-02 requires verifying the identities of individuals or entities before binding them to credentials, tailoring the proofing process to the context of their intend...

PR.AA-03 - Authenticating Users and Devices

PR.AA-03 mandates the authentication of users, services, and hardware to verify their identity before granting access to organizational assets. This can include multif...

PR.AA-04 - Securing Identity Assertions

PR.AA-04 focuses on securing identity assertions—digital statements used to convey authentication and user information—across systems like single sign-on or federated ...

PR.AA-05 - Enforcing Access Control Policies

PR.AA-05 establishes a policy-driven approach to managing access permissions, ensuring they are granted based on need (least privilege) and distinct roles (separation ...

PR.AA-06 - Controlling Physical Access to Assets

PR.AA-06 addresses the management and monitoring of physical access to assets, using controls like security guards, cameras, and locked entries to restrict entry based...

PR.AT-01 - Training Personnel on Cybersecurity Basics

PR.AT-01 ensures that all personnel—employees, contractors, and partners—receive basic cybersecurity awareness and training to handle tasks securely. This includes rec...

PR.AT-02 - Preparing Specialists for Cybersecurity Roles

PR.AT-02 targets individuals in specialized roles—like cybersecurity staff, finance personnel, or senior leaders—with tailored training to address role-specific risks....

PR.DS-01 - Protecting Data-at-Rest

PR.DS-01 focuses on securing data-at-rest—stored in files, databases, or devices—using encryption, digital signatures, and physical controls to protect confidentiality...

PR.DS-02 - Securing Data-in-Transit

PR.DS-02 secures data-in-transit—moving across networks or communications—using encryption and integrity checks like digital signatures to prevent interception or alte...

PR.DS-10 - Safeguarding Data-in-Use

PR.DS-10 protects data-in-use—actively processed in memory or applications—by removing it when no longer needed and isolating it from other users or processes on the s...

PR.DS-11 - Ensuring Reliable Data Backups

PR.DS-11 ensures that data backups are regularly created, securely stored, and tested to maintain availability and integrity for recovery purposes. This includes near-...

PR.PS-01 - Implementing Configuration Management

PR.PS-01 establishes and applies configuration management practices to maintain secure baselines for hardware, software, and services, adhering to the principle of lea...

PR.PS-02 - Maintaining Software Security

PR.PS-02 focuses on maintaining, replacing, or removing software based on risk, including timely patching, updating container images, and phasing out end-of-life versi...

PR.PS-03 - Managing Hardware Lifecycles

PR.PS-03 ensures hardware is maintained, replaced, or securely removed based on its security capabilities and risk profile, such as replacing devices unable to support...

PR.PS-04 - Enabling Continuous Monitoring with Logs

PR.PS-04 requires configuring systems, applications, and services to generate log records that support continuous monitoring, ensuring visibility into activities and e...

PR.PS-05 - Preventing Unauthorized Software Use

PR.PS-05 prevents the installation and execution of unauthorized software by restricting platforms to approved applications and verifying software integrity before use...

PR.PS-06 - Securing the Software Development Process

PR.PS-06 integrates secure development practices into the software lifecycle, protecting code from tampering and ensuring releases have minimal vulnerabilities. This i...

PR.IR-01 - Protecting Against Unauthorized Network Access

PR.IR-01 protects networks and environments from unauthorized logical access by segmenting them based on trust boundaries (e.g., IT, IoT, OT) and restricting communica...

PR.IR-02 - Shielding Assets from Environmental Threats

PR.IR-02 safeguards technology assets from environmental threats like flooding, fire, or excessive heat, using physical protections and resilient infrastructure. This ...

PR.IR-03 - Building Resilient Technology Systems

PR.IR-03 implements mechanisms like redundant storage, load balancing, and high-availability components to meet resilience requirements under both normal and adverse c...

PR.IR-04 - Maintaining Resource Capacity for Availability

PR.IR-04 maintains sufficient resource capacity—storage, compute, power, and bandwidth—to ensure system availability, monitoring usage and forecasting needs. This proa...

DE.CM-01 - Monitoring Networks for Adverse Events

DE.CM-01 focuses on continuously monitoring networks and network services, such as DNS and BGP, to detect potentially adverse events like unauthorized connections or t...

DE.CM-02 - Watching the Physical Environment for Threats

DE.CM-02 involves monitoring the physical environment housing technology assets to detect adverse events, such as unauthorized access or tampering with controls like l...

DE.CM-03 - Tracking Personnel and Technology Usage

DE.CM-03 monitors personnel activity and technology usage to identify potentially adverse events, such as insider threats or policy violations, using tools like behavi...

DE.CM-06 - Monitoring External Service Providers

DE.CM-06 requires monitoring the activities and services of external providers—like cloud platforms or ISPs—to detect adverse events that could impact the organization...

DE.CM-09 - Detecting Threats Across Technology Stacks

DE.CM-09 involves monitoring hardware, software, runtime environments, and associated data to detect adverse events like malware, phishing, or tampering. This includes...

DE.AE-02 - Analyzing Adverse Events for Insights

DE.AE-02 focuses on analyzing potentially adverse events to understand their nature, using tools like SIEM systems to examine log events for malicious or suspicious ac...

DE.AE-03 - Correlating Data from Multiple Sources

DE.AE-03 correlates information from diverse sources—like logs, sensors, and threat intelligence—to build a unified picture of potential adverse events. This involves ...

DE.AE-04 - Estimating the Impact of Adverse Events

DE.AE-04 estimates the impact and scope of adverse events to gauge their potential harm, using tools like SIEMs or manual analysis to assess affected assets and severi...

DE.AE-06 - Sharing Adverse Event Information

DE.AE-06 ensures that information about adverse events is promptly shared with authorized staff—such as SOC teams and incident responders—and integrated into response ...