

Hosted by Jason Edwards · 🇺🇸 US · EN · 83 episodes
Established thought leaders with verified media credentials.
The **CIS Critical Security Controls Audio Course** is a comprehensive, audio-first training series that guides listeners through all eighteen **CIS Controls**, transforming one of the world’s most respected cybersecurity frameworks into clear, actionable learning. Designed for professionals, students, and auditors alike, this series explains each control in practical, plain language—focusing on how to implement, assess, and sustain them in real environments. With eighty-three structured episodes, the course walks you step by step through the safeguards that define effective cybersecurity, helping you understand not only what to do but why each measure matters.The **CIS Controls**, maintained by the Center for Internet Security, represent a globally recognized set of prioritized actions proven to reduce the most common and dangerous cyber risks. Organized across eighteen control families—from inventory and configuration management to incident response and data recovery—the framework
Jason Edwards hosts Framework: The Center for Internet Security (CIS) Top 18 Controls, a technology show with 83 episodes published.


Safeguard 18.2 extends penetration testing to include internal assessments and red team exercises that emulate an attacker with initial access. Internal testing evaluates how far a threat could move laterally, escalate p

Safeguard 18.1 requires organizations to establish and maintain a formal penetration testing program that includes recurring external assessments. External tests simulate real-world attackers operating from outside the e

Control 18—Penetration Testing—closes the CIS framework by validating how well all other controls perform under real-world conditions. While vulnerability scanning identifies potential weaknesses, penetration testing goe

The remaining safeguards in Control 17 reinforce the full lifecycle of incident response—spanning preparation, communication, testing, and continuous improvement. These include assigning key response roles, defining secu

Safeguard 17.2 emphasizes the importance of testing the incident response plan through structured tabletop exercises. These simulations bring together key personnel—from technical teams to executives—to rehearse decision

Safeguard 17.1 requires organizations to establish and maintain a comprehensive incident response process that defines scope, roles, responsibilities, and communication procedures. This process must include not only the

Control 17—Incident Response Management—defines how an organization prepares for, detects, responds to, and learns from security incidents. Even the most robust defenses can be breached, and when that happens, success de

The remaining safeguards under this control expand beyond coding and testing to address the full ecosystem in which applications live. They include maintaining an inventory of third-party components (a software bill of m

This safeguard advances assurance by requiring a structured process to accept and address reported vulnerabilities and by embedding testing that sees both code and behavior. Static analysis inspects source or bytecode wi

This safeguard directs organizations to formalize a secure application development process and set explicit standards for how code is designed, written, reviewed, and released. Secure coding practices begin with consiste

A secure software lifecycle integrates security activities into every stage of building and operating applications—planning, design, development, testing, deployment, and maintenance—so that weaknesses are prevented earl

The remaining safeguards in Control 15 round out a complete third-party risk program by adding structured assessment, continuous monitoring, and secure decommissioning. After building the inventory and embedding security

Safeguard 15.2 ensures that contracts with service providers explicitly define security expectations and obligations, creating enforceable accountability. Every vendor relationship introduces risk, and legal agreements m

Safeguard 15.1 requires organizations to establish and maintain a complete inventory of all service providers that store, process, or access enterprise data. This inventory must include vendor classification, assigned bu

Control 15—Service Provider Management—addresses the growing reliance on third-party vendors and the risks that accompany it. In today’s interconnected ecosystems, external partners often handle sensitive data or manage

The remaining safeguards under Control 14 extend awareness beyond general staff by emphasizing continuous reinforcement, contextual learning, and cultural integration. They include training employees to recognize and rep

Safeguard 14.3 focuses on providing targeted, role-based training to employees whose responsibilities involve elevated privileges or specialized technical duties—such as system administrators, developers, and IT support

Safeguard 14.2 emphasizes the use of phishing simulations to test, measure, and improve employee awareness of social engineering attacks. Phishing remains the most prevalent method for initial compromise, exploiting huma

Safeguard 14.1 requires organizations to establish and maintain a formal security awareness program that educates the workforce on secure behaviors and threat recognition. The program should define clear objectives, trai
Sponsor detection runs nightly. Check back soon.
No public pitch examples yet for this show.
Generate your own personalised pitchBased on semantic analysis of episode topics and host coverage, this show is a strong guest fit for executives in:
Industry fit is computed by PitchCentric using vector embeddings of the show's episode catalog.
Shows with the most semantically similar episode content. Pitch one, pitch all; producers cluster.








Framework: The Center for Internet Security (CIS) Top 18 Controls has a verified contact on file. Create a free PitchCentric account to access it and generate a personalised pitch in seconds. Research at least 3 recent episodes first and lead with a specific angle that serves their technology audience.
Framework: The Center for Internet Security (CIS) Top 18 Controls is hosted by Jason Edwards. The show is categorised under technology (education) and has published 83 episodes.
Framework: The Center for Internet Security (CIS) Top 18 Controls has published 83 episodes.
Framework: The Center for Internet Security (CIS) Top 18 Controls regularly covers technology, education, courses. It sits in the technology category, with a education focus.
Framework: The Center for Internet Security (CIS) Top 18 Controls is accessible for guests with genuine technology expertise. A personalised, episode-aware pitch will still outperform a generic one every time.
Framework: The Center for Internet Security (CIS) Top 18 Controls hasn't explicitly signalled guest openness in recent episodes. That doesn't rule out pitching. your hook just needs to be especially compelling and relevant to their recent content.
Episodes of Framework: The Center for Internet Security (CIS) Top 18 Controls average 11 minutes. a focused format where a clear narrative arc and tight preparation matter most.
Our data rates Framework: The Center for Internet Security (CIS) Top 18 Controls's guest bar at 80/100 (Premium tier). Established thought leaders with verified media credentials. Sign in to PitchCentric to see how your own Pod Score compares against this show.
Methodology. Booking Probability™ blends Listen Score, 30-day Virality, open-to-guests detection, and Apple ratings. Data refreshed every 60 minutes. Listen Score and Booking Probability are calculated by PitchCentric. Last enriched today.