Best Force Majeure Podcast Podcasts (2025)

1
Doom that Came to Sanctaris E16 - The Disciple 42:55

4d ago42:55

42:55

Tragically, it appears that while our host may have rejoined us, the good Colonel is still suffering from something of an ague and is not in the best of spirits. Moreover, his choice of chaperone is clearly wanting, and we fear that they may not harbour good intentions for the continuation of our exploration... Please join us as we discover the Doo…

1
Doom that Came to Sanctaris E15 - Unwelcome Company 52:13

20d ago52:13

52:13

It appears that once again proceedings are being interrupted by uninvited guests, and we can only offer our most profuse apologies for the inconvenience and discourtesy. We will ask a colleague to attend to the matter forthwith, hopefully allowing you to continue to enjoy your exploration of this historic location. Please join us as we discover the…

1
Trailer 1:58

26d ago1:58

1:58

By Jason Edwards

1
Doom that Came to Sanctaris E14 - Purpose Walks Until The End 48:41

1M ago48:41

48:41

Alas, it seems that site security has a minor disagreement with our excursions presence - please allow us a moment to negotiate with said custodians and we are sure that the rest of the expedition will be permitted to go swimmingly... Please join us as we discover the Doom that Came to Sanctaris! Cast: Adam can be found as @maddambeltaine.bsky.soci…

1
Doom that Came to Sanctaris E13 - A History of Violence 51:07

2M ago51:07

51:07

We trust you are enjoying the archaeological wonders of the Prison of Korrath, and bid you continue follow our team of experience curators as we uncover even more of the lost history of this world... Please join us as we discover the Doom that Came to Sanctaris! Cast: Adam can be found as @maddambeltaine.bsky.social on Bluesky Ed can be found as @e…

1
Episode 100 — Emerging Regulations: AI, Sovereignty and Sector Rules 33:36

2M ago33:36

33:36

The cloud landscape is constantly evolving, and regulations are racing to keep pace. This final episode explores emerging rules governing artificial intelligence, digital sovereignty, and sector-specific requirements in areas like healthcare, finance, and critical infrastructure. These developments will shape the future of cloud security practice, …

1
Episode 99 — Records Management: Retention Schedules and Disposition 34:12

2M ago34:12

34:12

Records management defines how information is retained, archived, and ultimately disposed of. In this episode, we cover how cloud systems enforce retention schedules, integrate with compliance requirements, and apply defensible disposition when data is no longer required. Poor records management not only creates legal risk but also inflates costs a…

1
Episode 98 — Intellectual Property: Licensing, OSS Use and Patents in Cloud 35:25

2M ago35:25

35:25

Intellectual property concerns arise frequently in the cloud, where software, data, and designs may involve multiple stakeholders. This episode explores licensing models, use of open-source software (OSS), and patent issues that affect cloud adoption. We highlight why organizations must track licensing terms carefully and ensure OSS use complies wi…

1
Episode 97 — Legal for BCDR: Force Majeure, RTO/RPO and Notifications 34:09

2M ago34:09

34:09

Business continuity and disaster recovery are not just technical exercises—they also carry legal obligations. This episode covers how contracts and laws address force majeure events, define Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), and require notification to stakeholders when disruptions occur. These legal dimensions ensu…

1
Episode 96 — Ethics & Professionalism: Codes, Conflicts and Duty of Care 34:35

2M ago34:35

34:35

Professionalism in cloud security goes beyond technical competence—it includes ethical conduct and adherence to codes of practice. This episode explains the ethical responsibilities of CCSP professionals, including conflict of interest management, duty of care, and adherence to industry codes such as the ISC2 Code of Ethics. We emphasize why trust,…

1
Episode 95 — Cloud Insurance: Coverage, Exclusions and Incident Costs 34:50

2M ago34:50

34:50

Cyber insurance has expanded into cloud-specific policies, offering organizations financial protection against breaches, outages, and other incidents. This episode explores how cloud insurance is structured, including what is typically covered, common exclusions, and how claims are assessed. We discuss why organizations must carefully review polici…

1
Episode 94 — Audit Readiness: Evidence Generation and Control Mapping 36:22

2M ago36:22

36:22

Audits test whether organizations can prove compliance with standards and contractual obligations. In this episode, we discuss audit readiness in the cloud, focusing on evidence generation, control mapping, and continuous assurance. Documentation, automated reporting, and mapping provider controls to customer responsibilities all play vital roles i…

1
Episode 93 — Third-Party Risk: Due Diligence and Continuous Monitoring 35:35

2M ago35:35

35:35

Cloud adoption almost always involves third parties, and their risk becomes your risk. This episode explains how due diligence, contract clauses, and continuous monitoring are used to manage vendor relationships. We cover the importance of evaluating a provider’s certifications, financial stability, and security practices before onboarding, and why…

1
Episode 92 — Digital Evidence: Logging, Time Sync and Admissibility 36:41

2M ago36:41

36:41

For evidence to be admissible in legal or regulatory contexts, it must be accurate, verifiable, and properly maintained. This episode explores how digital evidence is collected in cloud environments, focusing on logging, time synchronization, and data integrity. Logs must be complete, tamper-resistant, and tied to reliable time sources so investiga…

1
Episode 91 — E-Discovery: Preservation, Collection and Production in Cloud 36:11

2M ago36:11

36:11

E-Discovery obligations do not disappear in the cloud; in fact, they often become more complex. This episode explains how organizations must preserve relevant data during litigation, ensuring it cannot be altered or deleted once a legal hold is in place. We discuss the challenges of collection across distributed services, including multiple regions…

1
Episode 90 — Privacy Regulations: Cross-Border Transfers and Consent 37:20

2M ago37:20

37:20

Privacy regulations impose strict rules on how personal data is handled, especially in the cloud where cross-border transfers are routine. This episode explores the requirements for lawful transfers under frameworks such as GDPR, as well as consent obligations that ensure users’ rights are respected. We also discuss localization laws that may restr…

1
Episode 89 — Compliance Frameworks: ISO, SOC and Cloud-Specific Standards 37:43

2M ago37:43

37:43

Compliance frameworks provide benchmarks for cloud providers and customers alike. In this episode, we cover widely adopted standards such as ISO 27001, SOC 2, and cloud-specific programs like CSA STAR. We explain how frameworks provide assurance to regulators, customers, and partners, while also reducing duplication of effort through recognized cer…

1
Episode 88 — Governance & Risk: ERM, Risk Appetite and Cloud Policies 35:36

2M ago35:36

35:36

Governance provides the structure for aligning cloud security with business strategy. This episode explains how enterprise risk management (ERM) frameworks define risk appetite, set tolerance levels, and establish policies that guide cloud decisions. We examine how risk assessments inform governance structures and how policies translate high-level …

1
Episode 87 — Contracts & SLAs: Security, Privacy and Audit Clauses 36:15

2M ago36:15

36:15

Contracts and service-level agreements (SLAs) form the legal foundation of cloud relationships. This episode explores how security, privacy, and audit clauses define accountability between providers and customers. We highlight the importance of specifying uptime commitments, incident response expectations, and audit rights to ensure transparency an…

1
Episode 86 — Domain 6 Overview: Legal, Risk and Compliance 36:33

2M ago36:33

36:33

The sixth domain of the CCSP exam shifts attention from technical controls to the legal, risk, and compliance frameworks that govern cloud operations. In this episode, we introduce the core themes, including contracts, service-level agreements, international privacy rules, and regulatory obligations. While technical knowledge is essential, professi…

1
Episode 85 — Service Catalog: Standard Builds and Self-Service Controls 35:18

2M ago35:18

35:18

A service catalog provides pre-approved templates and builds that standardize cloud deployment. In this episode, we discuss how catalogs simplify operations, reduce risk, and accelerate adoption by giving users secure, vetted options. Self-service access is controlled through catalog entries, ensuring that only compliant resources can be launched w…

1
Episode 84 — Cost & Security: Guardrails for Spend with Least Privilege 36:38

2M ago36:38

36:38

Cloud introduces new financial dimensions to security. This episode explores how cost optimization intersects with security, showing how excessive privileges or poorly controlled resources can drive unexpected expenses and risks. We explain how budgets, quotas, and automated guardrails ensure both financial discipline and security hygiene. Cost gov…

1
Episode 83 — Business Continuity: Failover, Runbooks and Exercises 34:43

2M ago34:43

34:43

Business continuity in the cloud goes beyond disaster recovery; it ensures that critical services remain available under any condition. In this episode, we cover failover strategies across regions, the creation of detailed runbooks that guide recovery actions, and the role of exercises in validating readiness. Continuity planning in the cloud benef…

1
Episode 82 — Access Reviews: Just-In-Time and Just-Enough Access Workflows 33:48

2M ago33:48

33:48

Access control is only effective if it remains accurate over time. This episode explains how access reviews confirm that permissions align with roles and responsibilities, ensuring least privilege is preserved. We highlight advanced workflows such as Just-In-Time (JIT) access, which grants temporary credentials, and Just-Enough Access (JEA), which …

1
Episode 81 — Key & Secret Operations: Rotation, Expiry and Escrow 27:57

2M ago27:57

27:57

Keys and secrets are not static assets; they must be actively managed to maintain security. In this episode, we explore operational practices such as regular rotation, enforced expiry, and escrow arrangements that ensure continuity in case of emergencies. Keys left unrotated for years become predictable targets, while secrets without expiration can…

1
Episode 80 — Vulnerability Operations: Prioritization and Remediation at Scale 28:32

2M ago28:32

28:32

Vulnerability operations extend beyond scanning, focusing on how findings are prioritized, tracked, and remediated across thousands of resources. This episode covers how risk-based prioritization ensures that critical flaws are addressed first, while less urgent issues are scheduled for later remediation. We also explore automation and orchestratio…

1
Episode 79 — Configuration Management: Baselines and Continuous Compliance 28:07

2M ago28:07

28:07

Configuration management goes hand in hand with posture and change management, ensuring systems remain aligned with secure baselines. This episode discusses how baselines are established, how continuous compliance tools monitor against them, and how automated remediation closes gaps quickly. In the cloud, where drift happens rapidly, configuration …

1
Episode 78 — Change Management: Guardrails, Approvals and Exceptions 27:41

2M ago27:41

27:41

Change management ensures that updates to cloud environments are controlled, predictable, and secure. In this episode, we explore how guardrails, approval workflows, and documented exceptions keep systems stable while still allowing agility. We highlight the tension between speed and control, showing how automation can reduce friction while preserv…

1
Episode 77 — Forensics in Cloud: Acquisition, Chain of Custody and Tools 29:04

2M ago29:04

29:04

Forensics in the cloud is complicated by lack of physical access, but it remains essential for investigations. This episode examines how evidence is acquired from cloud platforms, how chain of custody is maintained, and which tools support forensic readiness. We emphasize that evidence must be gathered in a way that preserves integrity, even when d…

1
Episode 76 — Incident Response: Cloud-Specific Triage and Containment 22:04

2M ago22:04

22:04

Incident response in the cloud requires adapting traditional processes to dynamic, distributed environments. This episode covers how cloud-specific triage differs from on-premises, emphasizing challenges like volatile workloads, shared infrastructure, and rapid scaling. We discuss containment techniques that isolate affected services while minimizi…

1
Episode 75 — SOAR Playbooks: Automation for Detection and Response 33:25

2M ago33:25

33:25

Security Orchestration, Automation, and Response (SOAR) platforms transform operations by codifying response actions into playbooks. This episode explains how triggers from SIEMs or monitoring systems activate playbooks that execute repeatable, automated workflows. By reducing manual effort, SOAR accelerates response and ensures consistency across …

1
Episode 74 — Cloud Posture Management: Misconfiguration Detection and Drift 21:54

2M ago21:54

21:54

Cloud Security Posture Management (CSPM) addresses one of the leading causes of breaches: misconfiguration. In this episode, we explore how CSPM tools automatically detect weaknesses, enforce baselines, and identify drift from secure configurations. Cloud environments evolve rapidly, and without posture management, small errors can scale into criti…

1
Episode 73 — SIEM & Analytics: Ingesting and Correlating Cloud Telemetry 21:02

2M ago21:02

21:02

Security Information and Event Management (SIEM) systems remain a cornerstone of security operations, but in the cloud, they must adapt to ingest vast amounts of telemetry from distributed sources. This episode explains how SIEM platforms collect, normalize, and correlate cloud logs, enabling advanced analytics that reveal patterns and anomalies ac…

1
Episode 72 — Monitoring Strategies: Metrics, Logs and Traces in Cloud 22:56

2M ago22:56

22:56

Effective monitoring is at the heart of cloud security operations, providing the visibility required to detect, analyze, and respond to threats. In this episode, we discuss monitoring strategies that combine metrics for performance, logs for events, and traces for end-to-end transaction visibility. Each of these telemetry sources provides a differe…

1
Episode 71 — Domain 5 Overview: Cloud Security Operations 24:18

2M ago24:18

24:18

Domain 5 introduces the operational side of cloud security, where the focus shifts from architecture and design to the day-to-day activities that ensure systems remain secure, resilient, and compliant. This episode provides a roadmap of the domain, highlighting monitoring strategies, posture management, automation, incident response, and business c…

1
Episode 70 — Secure Delivery: Blue/Green, Canary and Rollback Safety 22:24

2M ago22:24

22:24

Delivery strategies determine how applications are released into production, and security must be considered at every step. In this episode, we compare blue/green deployments, canary releases, and rollback mechanisms, showing how each method reduces risk by limiting exposure to new code. These approaches provide safety nets when changes fail or int…

1
Episode 69 — DevSecOps: Pipelines, Gates and Automated Policy 22:46

2M ago22:46

22:46

DevSecOps integrates security into every stage of the development and delivery process. This episode explains how pipelines enforce security gates, how automated policies validate code and infrastructure, and how feedback loops accelerate remediation. By embedding security in workflows, DevSecOps reduces friction and strengthens trust in deployment…

1
Episode 68 — Configuration Management: Feature Flags and Secure Defaults 24:11

2M ago24:11

24:11

Configuration management ensures that applications run consistently and securely across environments. In this episode, we explore how feature flags, environment variables, and default settings play critical roles in security posture. Misconfigured defaults are a leading cause of breaches, making it vital to enforce secure baselines and monitor for …

1
Episode 67 — Containerized Apps: Image, Registry and Runtime Controls 24:20

2M ago24:20

24:20

Containers bundle applications and dependencies, but their security depends on careful control across the lifecycle. This episode examines how images are built, stored in registries, and deployed in runtime environments. We highlight risks such as outdated base images, poisoned registries, and misconfigured container permissions. Hardening requires…

1
Episode 66 — Serverless Apps: Event Injection and Least Privilege Design 22:58

2M ago22:58

22:58

Serverless applications offer scalability and efficiency but bring unique risks. In this episode, we explore how event-driven models introduce vulnerabilities such as event injection, where malformed inputs can manipulate logic or trigger unintended behavior. We also highlight the critical role of least privilege in securing serverless functions, e…

1
Episode 65 — Runtime Protections: Behavior Monitoring and Application Shielding 23:38

2M ago23:38

23:38

Even well-tested applications face threats once deployed, making runtime protection essential. This episode covers technologies that monitor application behavior in real time, including runtime application self-protection (RASP), anomaly detection, and shielding mechanisms that block malicious inputs. These controls provide a last line of defense a…

1
Episode 64 — Dynamic & Interactive Testing: DAST and IAST in CI/CD 24:58

2M ago24:58

24:58

Dynamic Application Security Testing (DAST) examines applications while they are running, simulating external attacks to uncover vulnerabilities that may not appear in source code. Interactive Application Security Testing (IAST) combines elements of both static and dynamic testing, instrumenting the application to monitor its behavior during execut…

Podcasts Worth a Listen

Force Majeure Podcast

Podcasts Worth a Listen

Quick Reference Guide