Episode 180: Secure by Design Fused to Operational Practices

In episode 180 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Stephen Thomas, SVP of Sales and Business Services at the Center for Internet Security® (CIS®), and Nick Rust, Director of Distribution at CIS. Together, they discuss how CIS supports secure by design by integrating it into operational practices.

Here are some highlights from our episode:

  • 00:48. Introductions to Stephen and Nick
  • 02:20. The need to connect development and operational environments
  • 07:31. How CIS security best practices make cybersecurity standard and repeatable
  • 09:19. Navigating the complexity the cloud adds to secure by design
  • 11:44. The importance of removing guesswork for operating partners and development teams
  • 14:21. How CIS provides the professional infrastructure for collective action in cybersecurity
  • 16:00. Good configuration management: The bedrock of every successful security program
  • 17:29. The use of a common language to communicate security across an organization
  • 23:59. Shared responsibility, not shared accountability, in the cloud
  • 27:21. A look back at how CIS did secure by design using a projectized approach
  • 32:21. Conveying confidence around cybersecurity and compliance in the connected world
  • 36:16. Parting pieces of advice for organizations just getting started

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.