In the IANS Podcast studio this week we welcome fierce cloud advocate George Gerchow who talks about the must-haves every enterprise needs before making the emotional transition to cloud. George also explains the benefits of managing security controls in the cloud and tells us why Cloud Access Security Brokers (CASBs) are smoking hot right now. And he gives us some special insight into the infamous Mossack Fonseca Panama Papers as only an infosec expert with Panamanian roots really can.
IANS faculty David Etue joins us to discuss the "30-year opportunity" represented by DevOps for organizations that manage it correctly. We also discuss encryption, improvements in provider-driven cloud controls, and the importance of getting quick wins across LOBs for security team leadership efforts.
On this week's show, IANS Faculty Mike Saurbaugh stops by to chat about cooperative red team/blue team strategies, ways to address the infosec skills gap by nurturing current security team members, and how he keeps a stiff upper lip while compiling the IANS Vulnerability and Breach Update every quarter.
In this week's episode, I'm joined by IANS Lead Faculty Dave Schackleford for a wide ranging discussion of the infosec topics and trends on the minds of IANS clients. We cover the hot news of the week, explore top areas of concern in cloud security, and dive into growing areas of interest including SDN and advanced SIEM initiatives. Dave and I also square off on the security community's penchant for smugness and snark. What could go wrong?
This week, I sit down with noted mainframe security expert and seasoned IT auditor Philip Young a.k.a. Soldier of Fortran for an eye-opening look into the art and science of securing legacy systems. Mr. Young shares some harsh truths and tears down some persistent misconceptions about mainframe security. We also discuss the failings of modern compliance audits and ways to improve them.