IANS faculty member and Securosis CTO Adrian Lane joins me this week to talk about incentivizing security in the application development lifecycle and leveraging improvements in the security ecosystem growing up around Big Data initiatives. Lane also discusses security advantages in the cloud for those bold enough to fully embrace it and he tells me how being a gentleman farmer affects his thinking about infosec... or not.
This week, we're joined by infosec legend and firewall pioneer Marcus Ranum for a wide-ranging discussion of big ideas in network security, infosec program leadership, art, life and much more. Marcus gives us the inside dope on his Network Security: Reloaded talk and ponders which mistakes we're making today might haunt us in the future.
Securosis president and founder Mike Rothman joins me this week for a rollicking conversation about the enterprise cloud imperative and how automation and a strong SecDevOps culture are vital to cloud transformation. Mike also talks about the state of security program leadership a decade after he authored The Pragmatic CSO and we take a few shots at vendors and infosec industry hype. As one does.
Mentioned in the 'cast: Dennis Fisher's Ransomware Is Dope blog post: https://www.onthewire.io/ransomware-is-dope/
This week, IANS Chief Research Officer Stan Dolberg joins me to talk about the study of organizational engagement and its role in enterprise information security. Stan shares IANS data on security leadership performance and tells me how his passion for crafting fine studio furniture informs his approach to technology research.
This week I'm joined by old friend and tech journalism colleague Dennis Fisher to talk about phone fraud and "card not present" scams and examine cutting-edge tools to defend against these growing threats to the enterprise. We also talk security in the IoT space and take a no-holds-barred look at the state of infosec coverage in today's technology trade press.
Check out Dennis Fisher's infosec coverage at www.onthewire.io
As always just back from some exotic location, well-known IANS faculty member Jayson Street this week regales us with stories of intrigue from the world of physical security penetration testing and tells us how every enterprise should approach security from the front door to the loading dock. Jayson also talks about the sorry state of security awareness training in most organizations and offers some simple tips to keep businesses safe from e-mail fraudsters.
IANS Faculty, Debra J. Farber, joins me to talk all things data privacy and discuss how international regulations may affect U.S. businesses in the near term. She is the Sr. Director of Global Public Policy at Visa (overseeing security, privacy, and cybercrime issues). Farber also shares details about Women in Security and Privacy (WISP), a San Francisco-based effort that she co-founded to attract more women into careers in information security and privacy.
Visit WISP at www.wisporg.com
Security testing and incident-response expert Kevin Beaver, author of Hacking for Dummies, joins us to examine the 2016 Verizon Data Breach Investigations Report. We discuss the report's methods and conclusions and talk about real takeaways for enterprise security leaders and teams.
In the IANS Podcast studio this week we welcome fierce cloud advocate George Gerchow who talks about the must-haves every enterprise needs before making the emotional transition to cloud. George also explains the benefits of managing security controls in the cloud and tells us why Cloud Access Security Brokers (CASBs) are smoking hot right now. And he gives us some special insight into the infamous Mossack Fonseca Panama Papers as only an infosec expert with Panamanian roots really can.
IANS faculty David Etue joins us to discuss the "30-year opportunity" represented by DevOps for organizations that manage it correctly. We also discuss encryption, improvements in provider-driven cloud controls, and the importance of getting quick wins across LOBs for security team leadership efforts.