Dr Jason Edwards

Certified: The CCISO Audio Course

Education EN ↓ 71 episodes

The Bare Metal Cyber CCISO Audio Course is your complete, executive-level training companion for mastering the Certified Chief Information Security Officer (CCISO) certification. Built for experienced cybersecurity professionals and strategic leaders, this Audio Course delivers over seventy focused episodes covering every domain, concept, and competency area tested on the official EC-Council exam. From governance, risk, and compliance to strategic planning, vendor oversight, and technical control management, each episode provides structured, exam-aligned instruction that bridges theory with re...

Author

Dr Jason Edwards

Category

Education

Podcast website

baremetalcyber.com

Latest episode

Oct 14, 2025

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Welcome to the CCISO Certification 14.10.2025

Dive into a fast, no-fluff overview of what this podcast delivers, who it’s for, and how each episode helps you level up with practical, real-world takeaways. In this trailer, you’ll hear the show’s promise, the format you can expect, and a sneak peek at the kinds of stories, tips, and expert insights coming your way. Hit follow to get new episodes as they drop and start listening smarter from day...

Episode 70: Final Exam Review and Strategy 07.07.2025

In this final episode of the prepcast, we shift focus from content to performance. You’ve learned the material—now it's time to master the test. We walk through proven strategies for final review, including how to prioritize domains, balance study time, and simulate test conditions. You’ll get tips on memory recall, cognitive pacing, and avoiding exam fatigue. We also address last-minute prep tool...

Episode 69: Vendor Risk Oversight and Auditing 07.07.2025

Vendor relationships introduce risk far beyond basic performance metrics—and in this episode, we dive into the executive oversight practices required to manage those risks. You’ll learn how to assess third-party risk using tiered models, risk questionnaires, and onsite audits. We also discuss how to require evidence of compliance, conduct assessments aligned to frameworks like ISO 27001 or SOC 2,...

Episode 68: Vendor Contracts, SLAs, and Performance Metrics 07.07.2025

Securing a vendor is only the beginning—the real work lies in managing performance, risk, and accountability. This episode focuses on the contractual elements that govern third-party relationships, including service level agreements (SLAs), key performance indicators (KPIs), penalties for non-compliance, and confidentiality clauses. You’ll learn how to review and negotiate contracts with a securit...

Episode 67: Security Procurement: RFPs, RFIs, and Vendor Selection 07.07.2025

Procurement is more than just purchasing tools—it’s a strategic process that shapes your organization's security ecosystem. In this episode, we walk you through the essentials of security procurement, including how to develop Requests for Proposals (RFPs) and Requests for Information (RFIs), establish evaluation criteria, and conduct vendor due diligence. You’ll learn how to write procurement docu...

Episode 66: ROI and Cost-Benefit Analysis for Security Investments 07.07.2025

As cybersecurity budgets grow, so does the need to justify investments with clear, measurable value. In this episode, we explore how CISOs evaluate the return on investment (ROI) of security initiatives, technologies, and services. You’ll learn how to calculate ROI using both quantitative and qualitative factors, including risk reduction, productivity gains, regulatory compliance, and reputational...

Episode 65: Security Budgeting Essentials: Managing and Adjusting Budgets 07.07.2025

Security budgeting doesn’t end once funding is approved—CISOs must continuously manage, adjust, and defend their budgets in the face of shifting priorities and evolving threats. In this episode, we explore the fundamentals of dynamic budget management, including tracking expenditures, reallocating resources, and responding to unexpected events such as incidents, audits, or compliance changes. You’...

Episode 64: Financial Management Principles for Security Leaders 07.07.2025

Financial fluency is essential for every CISO—and in this episode, we break down the core principles of financial management in the context of enterprise cybersecurity. You’ll learn how to interpret balance sheets, manage operational and capital expenditures, and build forecasts that align with multi-year strategic plans. We explain how to calculate total cost of ownership (TCO), return on investm...

Episode 63: Strategic Security Planning Frameworks (TOGAF, SABSA) 07.07.2025

Effective security leaders think in frameworks—and in this episode, we explore two of the most influential planning models for enterprise architecture: TOGAF (The Open Group Architecture Framework) and SABSA (Sherwood Applied Business Security Architecture). You’ll learn how these frameworks guide long-term security strategy by aligning governance, policy, technology, and risk with enterprise busi...

Episode 62: Aligning Security with Organizational Objectives 07.07.2025

Security is no longer a siloed function—it must be embedded in business strategy. In this episode, we examine how CISOs align cybersecurity initiatives with overarching organizational goals. You’ll learn how to interpret business drivers, engage with other executive leaders, and shape security programs that enable growth, agility, and competitive advantage. This includes aligning with priorities l...

Episode 61: Autonomous Security Operations Centers and Future Trends 07.07.2025

As security operations evolve, the idea of the autonomous SOC is moving from concept to implementation. In this episode, we explore what defines an autonomous Security Operations Center and how automation, AI, machine learning, and orchestration platforms are converging to reduce human intervention. You’ll learn about the architectural components of next-generation SOCs, including automated threat...

Episode 60: Emerging Tech in Security: AI and Machine Learning 07.07.2025

Artificial intelligence and machine learning are rapidly reshaping the cybersecurity landscape—and CISOs must understand both their potential and their limitations. In this episode, we explore how AI and ML are used in security solutions, from behavioral analytics and anomaly detection to automated threat hunting and decision support. You’ll learn how these technologies function, what data they re...

Episode 59: Virtualization Security Overview 07.07.2025

Virtualized environments introduce a unique set of security concerns that CISOs must understand and manage. In this episode, we break down how hypervisors, virtual machines, and containers work—and how these technologies change the security landscape. You’ll learn about hypervisor attacks, inter-VM threats, virtual network segmentation, and the implications of snapshot management and VM sprawl. We...

Episode 58: Mobile Device Security Essentials 07.07.2025

With mobile devices becoming core tools for business productivity, they also represent a growing attack surface that CISOs must manage. In this episode, we examine the risks posed by smartphones, tablets, and other portable devices, and the controls needed to secure them. You’ll learn how to implement mobile device management (MDM), containerization, encryption, and remote wipe capabilities. We al...

Episode 57: Physical Security Management 07.07.2025

While cybersecurity often dominates the conversation, physical security remains an essential component of any comprehensive security program. In this episode, we explore how physical controls—like access badges, surveillance systems, security guards, and biometrics—support the protection of data centers, executive offices, and other sensitive facilities. You'll learn how these controls are selecte...

Episode 56: Encryption Principles and Practices 07.07.2025

Encryption is a cornerstone of data protection, and in this episode, we break down its role in securing data both at rest and in transit. You’ll learn about the key encryption types—symmetric, asymmetric, and hashing—and how each serves a distinct purpose in confidentiality, integrity, and authentication strategies. We explore how encryption is applied across systems, from full-disk encryption and...

Episode 55: Data Security and Privacy Basics 07.07.2025

Data is the crown jewel of most organizations—and protecting it is a central responsibility of the CISO. In this episode, we explore the foundational practices for securing sensitive and regulated data, including classification, labeling, access controls, encryption, and secure disposal. You’ll learn how to define data handling requirements by type, user role, business function, and compliance reg...

Episode 54: Cloud Security Fundamentals 07.07.2025

As organizations migrate more infrastructure and services to the cloud, CISOs must adapt their strategies to manage risk in cloud environments. This episode introduces the core principles of cloud security, including shared responsibility models, identity federation, encryption of data at rest and in transit, and secure API design. You'll learn about common misconfigurations that lead to breaches,...

Episode 53: Network Security for Executives 07.07.2025

Network security remains a foundational element of cybersecurity architecture, even as perimeter boundaries blur in cloud-first and remote-enabled environments. In this episode, we provide a comprehensive overview of modern network security strategies, including segmentation, firewall deployment, IDS/IPS, secure tunneling, and zero trust network access (ZTNA). You’ll learn how to assess and design...

Episode 52: Endpoint Security Essentials 07.07.2025

Endpoints represent one of the largest attack surfaces in modern organizations, making endpoint protection a critical priority. In this episode, we cover the foundational components of endpoint security—including antivirus, EDR (Endpoint Detection and Response), application whitelisting, configuration hardening, and data loss prevention (DLP). You’ll learn how to approach endpoint protection for t...

Episode 51: Best Practices for Access Control 07.07.2025

Once you've selected the right access control model, the challenge shifts to enforcing it consistently across systems, users, and environments. In this episode, we walk through best practices for implementing, maintaining, and auditing access control systems in complex enterprises. You'll learn how to enforce least privilege, manage role creep, and reduce the risk of unauthorized access through st...

Episode 50: Access Control Models Overview 07.07.2025

Access control is foundational to every security program, and this episode introduces the core models used to govern who can access what, when, and under what conditions. We examine the primary access control models—Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Rule-Based Access Control—and explain w...

Episode 49: Advanced Threat Hunting Concepts 07.07.2025

Building on the previous episode, we now explore more advanced threat hunting concepts that CISOs must understand to support elite detection capabilities. You'll learn how mature organizations move beyond one-off hunts to establish sustained, repeatable hunting programs with custom detection logic, automation pipelines, and continuous telemetry tuning. We explore how machine learning, behavior ana...

Episode 48: Threat Hunting Basics for Executives 07.07.2025

Threat hunting goes beyond traditional alert-driven detection by proactively searching for indicators of compromise within the environment. In this episode, we explore what threat hunting is, why it's becoming a critical capability, and how CISOs support and guide hunting programs. You’ll learn about the use of hypotheses, the importance of telemetry visibility, and how analysts use hunting framew...

Episode 47: Threat Intelligence for Executives 07.07.2025

Listen to the Certified: The CCISO Audio Course podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.