Bedste CSF-podcasts (2025)

1
A Mom’s Story of Suffering, Silence, and Surrender with June Jameson 42:22

22d ago42:22

42:22

***This podcast deals with mature topics such as personal struggles, abuse, or trauma. Certain episodes may not be appropriate for sensitive ears.*** In this powerful and deeply moving episode of Hope Stories, Sister Josephine Garrett is joined by June Jameson, a Catholic artist and mother of nine, to share her story of crisis, suffering, and ultim…

1
When We No Longer Believe the Sign of Peace with Nubia Torres 38:18

1M ago38:18

38:18

***This podcast deals with mature topics such as personal struggles, abuse, or trauma. Certain episodes may not be appropriate for sensitive ears.*** In this deeply moving episode of Hope Stories, Sister Josephine Garrett sits down with her lifelong friend Nubia Torres, a Catholic woman and immigration advocate whose life and career have been devot…

1
When Grief Shattered Her Faith, This Mom Found Christ Waiting in the Silence with Kelly Breaux 50:36

2M ago50:36

50:36

***This podcast deals with mature topics such as personal struggles, abuse, or trauma. Certain episodes may not be appropriate for sensitive ears.*** In this episode of Hope Stories, Sr. Josephine Garrett, CSFN, sits down with Kelly Breaux, co-founder of Red Bird Ministries, to share her powerful story of loss, faith, and healing. Kelly and her hus…

1
God Is Heartbroken Too: Emily Frase on NFP, Trauma, and Catholic Motherhood 1:05:14

2M ago1:05:14

1:05:14

***This podcast deals with mature topics such as personal struggles, abuse, or trauma. Certain episodes may not be appropriate for sensitive ears.*** When Emily Frase started blogging, she didn’t expect to become one of the boldest voices challenging the way the Catholic Church talks about Natural Family Planning (NFP). In this episode, Emily sits …

1
Why She Stays: Noelle Garcia’s Radical Trust in a Wounded Church 35:46

2M ago35:46

35:46

***This podcast deals with mature topics such as personal struggles, abuse, or trauma. Certain episodes may not be appropriate for sensitive ears.*** In this heartfelt episode of Hope Stories, Sister Josephine welcomes Noelle Garcia, Catholic speaker, mom of six, and ministry veteran, for a powerful conversation about worship, wounds, and staying w…

1
Be Not Afraid of the Life-Giving Wounds with Fr. Thomas Berg 52:00

3M ago52:00

52:00

***This podcast deals with mature topics such as personal struggles, abuse, or trauma. Certain episodes may not be appropriate for sensitive ears.*** In this powerful episode, Sister Josephine welcomes Father Thomas Berg, Ph.D., priest of the Archdiocese of New York, professor, author, and former member of the Legionaries of Christ. His deeply pers…

1
Season Three Introduction: To stand in the Church and hurt 21:54

3M ago21:54

21:54

***This podcast deals with mature topics such as personal struggles, abuse, or trauma. Certain episodes may not be appropriate for sensitive ears.*** Welcome to Season 3 of Hope Stories with Sister Josephine. In this Season 3 opening episode, Sister Josephine Garrett shares how the mission of this podcast is shifting into even deeper territory: wha…

1
PODCAST CSF Épisode 27: Parlons finances avec Jade : conseils, parcours et résilience 48:36

5M ago48:36

48:36

Dans cet épisode, on s’assoit avec Jade, une conseillère financière dévouée, qui partage des réflexions sur son parcours, sa philosophie et les principes clés qui guident son travail avec ses clients. Que ce soit pour bâtir des stratégies financières à long terme ou pour naviguer à travers les fluctuations du marché, Jade nous explique comment elle…

1
RC.CO-04 - Sharing Public Recovery Updates 19:04

8M ago19:04

19:04

RC.CO-04 involves sharing public updates on incident recovery using approved channels and messaging, such as breach notifications or preventative steps, to inform affected parties or the broader community. This ensures transparency about recovery efforts and future safeguards, maintaining public trust. It addresses external expectations post-incide…

1
RC.CO-03 - Communicating Recovery Progress 19:19

8M ago19:19

19:19

RC.CO-03 ensures recovery activities and progress are shared with designated stakeholders—like leadership and suppliers—consistent with response plans and agreements. This includes regular updates on restoration status, adhering to contractual protocols for information sharing. It keeps all parties informed and aligned during recovery. This subcate…

1
RC.RP-06 - Declaring Recovery Completion 19:18

8M ago19:18

19:18

RC.RP-06 declares the end of recovery once predefined criteria are met, finalizing the process with a comprehensive after-action report detailing the incident, actions, and lessons learned. This formal closure ensures all steps are documented for review and improvement. It marks the return to full normalcy. This subcategory aligns with risk managem…

1
RC.RP-05 - Confirming System Restoration 18:56

8M ago18:56

18:56

RC.RP-05 verifies the integrity of restored assets—checking for lingering threats or root causes—before returning systems to production, confirming normal operations. This involves testing restoration adequacy to ensure functionality and security are fully restored. It finalizes recovery with assurance. This subcategory aligns with risk goals by en…

1
RC.RP-04 - Restoring Critical Functions Post-Incident 19:15

8M ago19:15

19:15

RC.RP-04 considers critical mission functions and cybersecurity risks to define post-incident operational norms, using impact records to prioritize restoration order. This involves collaboration with system owners to confirm successful recovery and monitor performance for adequacy. It ensures recovery aligns with strategic goals. This subcategory a…

1
RC.RP-03 - Verifying Backup Integrity 18:29

8M ago18:29

18:29

RC.RP-03 ensures backups and restoration assets are checked for integrity—free of compromise or corruption—before use in recovery efforts. This verification prevents reintroducing threats or using unreliable data, safeguarding the restoration process. It guarantees a clean starting point for recovery. This subcategory aligns with risk management by…

1
RC.RP-02 - Prioritizing Recovery Actions 19:15

8M ago19:15

19:15

RC.RP-02 involves selecting, scoping, and prioritizing recovery actions based on incident response plan criteria and available resources, adapting as needs shift. This ensures efforts focus on critical systems first, balancing speed with effectiveness in execution. It operationalizes recovery with precision. This subcategory aligns actions with ris…

1
RC.RP-01 - Launching Incident Recovery Efforts 18:02

8M ago18:02

18:02

RC.RP-01 initiates the recovery phase of the incident response plan once triggered, ensuring all responsible parties are aware of their roles and required authorizations. This begins during or after containment, focusing on restoring affected systems and services systematically. It transitions the organization from response to recovery. This subcat…

1
RS.MI-02 - Eradicating Incident Threats 18:38

8M ago18:38

18:38

RS.MI-02 ensures incidents are fully eradicated, removing threats like malware or unauthorized access through automated system features or manual responder actions. This can involve third-party support, such as MSSPs, to eliminate root causes and residual risks. It restores systems to a secure state. This subcategory aligns eradication with risk go…

1
RS.MI-01 - Containing Cybersecurity Incidents 18:09

8M ago18:09

18:09

RS.MI-01 focuses on containing incidents to prevent their expansion, using automated tools like antivirus or manual actions by responders to isolate threats. This can involve third-party assistance (e.g., ISPs) or redirecting compromised endpoints to remediation VLANs, limiting damage. It stops incidents from spreading further. This subcategory ali…

1
RS.CO-03 - Sharing Information with Stakeholders 20:00

8M ago20:00

20:00

RS.CO-03 involves sharing incident information with designated stakeholders—both internal, like leadership, and external, like ISACs—consistent with response plans and agreements. This includes voluntary sharing of anonymized attack data or updates on insider threats with HR, enhancing situational awareness. It ensures relevant parties stay informe…

1
RS.CO-02 - Notifying Stakeholders of Incidents 18:55

8M ago18:55

18:55

RS.CO-02 ensures timely notification of internal and external stakeholders—like customers, partners, or regulators—about incidents, following breach procedures or contractual obligations. This includes notifying law enforcement when criteria and approvals dictate, maintaining transparency and compliance. It keeps affected parties informed and engag…

1
RS.AN-08 - Assessing Incident Magnitude 19:10

8M ago19:10

19:10

RS.AN-08 estimates and validates an incident’s magnitude by assessing its scope and impact, searching other targets for indicators of compromise or persistence. This involves manual reviews or automated tools to confirm the extent of damage or spread, refining initial assessments. It quantifies the incident’s true reach. This subcategory aligns ana…

1
RS.AN-07 - Preserving Incident Data Integrity 19:08

8M ago19:08

19:08

RS.AN-07 focuses on collecting and preserving incident data and metadata—such as source and timestamps—using chain-of-custody procedures to ensure integrity. This comprehensive gathering supports forensic analysis and compliance, protecting evidence from alteration. It ensures data remains a trustworthy resource for investigation. This subcategory …

1
RS.AN-06 - Recording Investigation Actions 18:57

8M ago18:57

18:57

RS.AN-06 ensures that all investigative actions during an incident—like system checks or containment steps—are meticulously recorded, with integrity and provenance preserved. This involves immutable logs by responders and detailed documentation by the incident lead, safeguarding evidence for legal or audit purposes. It maintains a reliable investig…

1
RS.AN-03 - Investigating Incident Causes 18:21

8M ago18:21

18:21

RS.AN-03 conducts detailed analysis to reconstruct incident events, identify involved assets, and pinpoint root causes, such as exploited vulnerabilities or threat actors. This includes examining deception technologies for attacker behavior insights, aiming to understand both immediate triggers and systemic issues. It provides the foundation for ef…

1
RS.MA-05 - Initiating Incident Recovery 18:40

8M ago18:40

18:40

RS.MA-05 applies predefined criteria to determine when to shift from response to recovery, based on incident characteristics and operational considerations. This decision balances containment success with potential disruptions from recovery actions, ensuring a smooth transition. It marks the pivot to restoring normalcy. This subcategory aligns reco…

1
RS.MA-04 - Escalating Incidents When Needed 19:39

8M ago19:39

19:39

RS.MA-04 ensures incidents are escalated or elevated to higher levels of authority or expertise when their complexity or impact exceeds initial handling capabilities. This involves tracking incident status and coordinating with designated stakeholders, both internal and external, for additional support. It maintains control over evolving incidents.…

1
RS.MA-03 - Categorizing and Prioritizing Incidents 19:45

8M ago19:45

19:45

RS.MA-03 categorizes incidents—such as ransomware or data breaches—and prioritizes them based on scope, impact, and urgency, balancing rapid recovery with investigation needs. This detailed review assigns incidents to specific response strategies, ensuring appropriate resource allocation. It organizes chaos into actionable steps. This subcategory a…

1
RS.MA-02 - Triaging and Validating Incident Reports 19:00

8M ago19:00

19:00

RS.MA-02 involves triaging and validating incident reports to confirm their cybersecurity relevance and need for response, applying severity criteria to prioritize action. This preliminary review filters out non-issues, ensuring resources focus on genuine threats like breaches or malware. It streamlines the initial handling of reported events. This…

1
RS.MA-01 - Executing the Incident Response Plan 18:51

8M ago18:51

18:51

RS.MA-01 initiates the execution of the incident response plan in coordination with third parties—like outsourcers or suppliers—once an incident is confirmed. This includes designating an incident lead and activating additional plans (e.g., business continuity) as needed to support response efforts. It ensures a structured, collaborative approach t…

1
DE.AE-08 - Declaring Incidents Based on Criteria 20:00

8M ago20:00

20:00

DE.AE-08 involves declaring incidents when adverse events meet predefined criteria, such as severity or scope, ensuring a formal response is triggered. This process accounts for known false positives to avoid unnecessary escalation, applying criteria to event characteristics systematically. It marks the transition from detection to response. This s…

1
DE.AE-07 - Enhancing Analysis with Threat Intelligence 19:23

8M ago19:23

19:23

DE.AE-07 integrates cyber threat intelligence and contextual data—like asset inventories or vulnerability disclosures—into adverse event analysis to enhance accuracy and relevance. This involves securely feeding intelligence to detection technologies and personnel, enabling rapid analysis of supplier or third-party advisories. It enriches understan…

1
DE.AE-06 - Sharing Adverse Event Information 19:37

8M ago19:37

19:37

DE.AE-06 ensures that information about adverse events is promptly shared with authorized staff—such as SOC teams and incident responders—and integrated into response tools. This includes generating alerts, assigning tickets in ticketing systems, and providing access to analysis findings at all times. It enables swift, coordinated action against de…

1
DE.AE-04 - Estimating the Impact of Adverse Events 19:31

8M ago19:31

19:31

DE.AE-04 estimates the impact and scope of adverse events to gauge their potential harm, using tools like SIEMs or manual analysis to assess affected assets and severity. This process refines initial estimates through review, ensuring a clear understanding of consequences like data loss or downtime. It informs prioritization of response efforts. Th…

1
DE.AE-03 - Correlating Data from Multiple Sources 19:09

8M ago19:09

19:09

DE.AE-03 correlates information from diverse sources—like logs, sensors, and threat intelligence—to build a unified picture of potential adverse events. This involves consolidating log data into centralized servers and using event correlation tools (e.g., SIEM) to identify patterns or connections. It enhances detection by linking disparate clues in…

1
DE.AE-02 - Analyzing Adverse Events for Insights 18:44

8M ago18:44

18:44

DE.AE-02 focuses on analyzing potentially adverse events to understand their nature, using tools like SIEM systems to examine log events for malicious or suspicious activity. This includes leveraging cyber threat intelligence to characterize threat actors, tactics, and indicators of compromise, supplemented by manual reviews where automation falls …

1
DE.CM-09 - Detecting Threats Across Technology Stacks 20:08

8M ago20:08

20:08

DE.CM-09 involves monitoring hardware, software, runtime environments, and associated data to detect adverse events like malware, phishing, or tampering. This includes tracking authentication attempts, configuration changes, and endpoint health to identify risks such as unauthorized software or credential attacks. It ensures a deep, system-level vi…

1
DE.CM-06 - Monitoring External Service Providers 19:10

8M ago19:10

19:10

DE.CM-06 requires monitoring the activities and services of external providers—like cloud platforms or ISPs—to detect adverse events that could impact the organization. This includes tracking remote administration or onsite maintenance by third parties for deviations from expected behavior. It ensures external dependencies don’t become blind spots.…

1
DE.CM-03 - Tracking Personnel and Technology Usage 18:37

8M ago18:37

18:37

DE.CM-03 monitors personnel activity and technology usage to identify potentially adverse events, such as insider threats or policy violations, using tools like behavior analytics and access logs. This includes tracking unusual access patterns or interactions with deception technologies, like honeypot accounts, to detect malicious intent. It focuse…

1
DE.CM-02 - Watching the Physical Environment for Threats 18:30

8M ago18:30

18:30

DE.CM-02 involves monitoring the physical environment housing technology assets to detect adverse events, such as unauthorized access or tampering with controls like locks and alarms. This includes reviewing logs from badge readers and visitor records for unusual patterns, supplemented by tools like cameras and security guards. It protects the phys…

1
DE.CM-01 - Monitoring Networks for Adverse Events 18:06

8M ago18:06

18:06

DE.CM-01 focuses on continuously monitoring networks and network services, such as DNS and BGP, to detect potentially adverse events like unauthorized connections or traffic anomalies. This involves comparing real-time network flows against established baselines to identify deviations that could signal a security threat. It ensures visibility into …

1
PR.IR-04 - Maintaining Resource Capacity for Availability 18:03

8M ago18:03

18:03

PR.IR-04 maintains sufficient resource capacity—storage, compute, power, and bandwidth—to ensure system availability, monitoring usage and forecasting needs. This proactive scaling prevents performance bottlenecks or failures that could disrupt operations. It aligns capacity planning with risk and resilience objectives. This subcategory supports un…

1
PR.IR-03 - Building Resilient Technology Systems 20:06

8M ago20:06

20:06

PR.IR-03 implements mechanisms like redundant storage, load balancing, and high-availability components to meet resilience requirements under both normal and adverse conditions. This avoids single points of failure, ensuring systems remain operational during disruptions. It supports continuous service delivery aligned with risk goals. This subcateg…

1
PR.IR-02 - Shielding Assets from Environmental Threats 19:59

8M ago19:59

19:59

PR.IR-02 safeguards technology assets from environmental threats like flooding, fire, or excessive heat, using physical protections and resilient infrastructure. This includes requiring service providers to mitigate such risks in their operations, ensuring consistent protection across owned and outsourced systems. It maintains asset availability un…

1
PR.IR-01 - Protecting Against Unauthorized Network Access 18:45

8M ago18:45

18:45

PR.IR-01 protects networks and environments from unauthorized logical access by segmenting them based on trust boundaries (e.g., IT, IoT, OT) and restricting communications to essentials. This includes zero trust architectures and endpoint health checks to limit access to verified devices only. It prevents intruders from moving freely within system…

1
PR.PS-06 - Securing the Software Development Process 17:38

8M ago17:38

17:38

PR.PS-06 integrates secure development practices into the software lifecycle, protecting code from tampering and ensuring releases have minimal vulnerabilities. This includes monitoring performance to maintain security in production and securely disposing of software when obsolete. It ensures organization-developed software meets high security stan…

1
PR.PS-05 - Preventing Unauthorized Software Use 17:03

8M ago17:03

17:03

PR.PS-05 prevents the installation and execution of unauthorized software by restricting platforms to approved applications and verifying software integrity before use. This includes using approved DNS services to block malicious domains and limiting execution to permitted products where risk warrants. It reduces the risk of malware or unvetted sof…

1
PR.PS-04 - Enabling Continuous Monitoring with Logs 17:22

8M ago17:22

17:22

PR.PS-04 requires configuring systems, applications, and services to generate log records that support continuous monitoring, ensuring visibility into activities and events. This includes securely sharing logs with centralized infrastructure for analysis, tailored to needs like zero trust architectures. It provides the data needed to detect and res…

1
PR.PS-03 - Managing Hardware Lifecycles 16:24

8M ago16:24

16:24

PR.PS-03 ensures hardware is maintained, replaced, or securely removed based on its security capabilities and risk profile, such as replacing devices unable to support modern software protections. This includes planning for end-of-life support and disposing of hardware responsibly to prevent data leakage. It keeps the physical infrastructure secure…

1
PR.PS-02 - Maintaining Software Security 16:31

8M ago16:31

16:31

PR.PS-02 focuses on maintaining, replacing, or removing software based on risk, including timely patching, updating container images, and phasing out end-of-life versions. This ensures software remains supported and secure, reducing vulnerabilities from outdated or unauthorized applications. It includes plans for obsolescence to manage lifecycle ri…

1
PR.PS-01 - Implementing Configuration Management 17:44

8M ago17:44

17:44

PR.PS-01 establishes and applies configuration management practices to maintain secure baselines for hardware, software, and services, adhering to the principle of least functionality. This involves testing and deploying hardened configurations while reviewing defaults for potential risks during installations or upgrades. It ensures platforms are s…

Podcasts der er værd at lytte til

CSF Podcasts

Podcasts der er værd at lytte til

Hurtig referencevejledning