CCT 343: Microsoft Defender - CISSP EOL-EOS (Part 2) - Board Translation (Segment 2)
Failed to add items
Add to basket failed.
Add to Wish List failed.
Remove from Wish List failed.
Follow podcast failed
Unfollow podcast failed
CCT 343: Microsoft Defender - CISSP EOL-EOS (Part 2) - Board Translation (Segment 2)
-
Narrated by:
-
By:
About this listen
Send us Fan Mail
Three Microsoft Defender zero-days are reportedly being exploited, and that is the kind of headline that tests whether our security program is real or just optimistic. I break down what we know, including BlueHammer (CVE-2026-33825) landing in Patch Tuesday while Red Sun and Undefend were described as still unpatched at the time, and the practical response: update fast, verify coverage, and keep your eyes on threat intel so local privilege escalation does not become a bigger incident.
From there, I keep the CISSP momentum going with Domain 2.5 retention requirements, because retention is one of those “boring” topics that turns you into a hero the day something goes wrong. We walk through why retention exists (regulatory compliance, legal mandates, litigation holds, audits, and business continuity), what you should actually retain (security logs, audit trails, backups, PCAP where it makes sense, and especially configuration files and system documentation), and how to test backup and recovery so it works when you need it. We also hit the real-world trade-offs: cost vs risk, over-retention vs under-retention, GDPR-style data minimisation, and secure disposal with documentation you can show an auditor.
Then I shift into security leadership with segment two of the boardroom cybersecurity series: five business translations that convert security speak into language boards can act on. Vulnerabilities become business exposure, alert volume becomes risk prevented, budget requests become ROI, AI threats become operational risk, and compliance becomes business continuity. If you want clearer retention policies, stronger audit readiness, and better executive buy-in, subscribe, share the show, and leave a review so more security pros can find it.
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!