It's a dangerous world out there, and guys like Jon Condra are here to help us make sense of it. The Director of East Asian Research and Analysis at risk and threat intelligence firm Flashpoint, Jon joins me this week to talk about the recent Flashpoint Business Risk Intelligence Decision Report he authored and share his insights on emerging threats from Russia, China, North Korea and a host of other international bad actors.
After a busy week in infosec, we needed help sorting the wheat from the chaff. Enter IANS' most prolific and acerbic faculty member, Dave Shackleford, to deliver the smackdown of truth on proposed updates to the ubiquitous NIST Framework, the present and future states of ransomware in the age of WannaCry, and the real value of President Trump's new cybersecurity executive order.
The WannaCry ransomware attack garnered global attention, but what should organizations be doing today to defend themselves against these types of attacks in the future? What’s the likelihood of a copycat attack in the near future? Was this simply a test for future, larger attacks?
IANS Faculty Dave Kennedy, president and CEO of TrustedSec and frequent guest on major news networks such as CNN and Fox, stops by the IANS studio to review the latest details surrounding the WannaCry attack and offer tips for thwarting future attacks, from disabling SMB-1 to implementing application whitelisting.
Special Guest David Dewey, head of research at Pindrop Security, drops by to talk about Pindrop's comprehensive report on the frightening state of call-center fraud. We discuss how phone fraudsters, aided by VOIP and other call-manipulation technologies, are costing large enterprises millions in account takeovers, fraudulent purchases and returns, bogus money transfers and the occasional mayhem just for the lulz.
If it's springtime in New England, it must be time for faculty member Kevin Beaver to join us on the podcast to examine the Verizon Data Breach Investigations Report, better known as the DBIR. This week we dive into the 10th annual report and talk about what the findings say about our seeming inability to eradicate even basic security shortcomings like lousy passwords, porous web apps and our insatiable penchant for clicking on stuff. Any stuff.
Kevin and I also spend a few minutes talking about the Trump administration's efforts to improve security in federal government agencies and departments. And Kevin tells us why his passion for racing souped-up Mazda Miatas maybe isn't so crazy after all.
The IANS Podcast hits the road this week, meeting up with cloud expert and presentation powerhouse George Gerchow at our Washington DC Forum for a wide-ranging discussion of all things enterprise cloud security. George shares insights into the white-hot Cloud Access Security Broker (CASB) market, and dishes on behind-the-curtain action at the Big 3 cloud providers.
George also dives into SecDevOps, and talks about the need for coding savvy for infosec leaders in the new "security as code" world. He also shares how his other life pursuit as an accomplished musician informs his work as an information security thought leader.
This week, IANS Faculty Raffy Marty stops by to dish on the buzz -- and the hype -- surrounding machine learning and artificial intelligence in security. The VP of all things analytics at Sophos also talks improvements in visualization, trends in endpoint protection, and the need for better asset inventories and data classification in today's enterprises.
Well-known IT security and services expert Lawrence Walsh joins me this week to share his deep insights for vetting and working with managed security services providers (MSSPs) in a variety of settings. Larry and I also share a wide-ranging discussion of infosec industry trends, hits and misses from the recent RSA Conference, and the impact of the Trump administration on the tech sector.
This week I'm joined by IANS faculty member and Incite Learning founder Dr. David C. Kolb to talk about his popular series of organizational engagement and leadership skills courses now in their second year at the IANS Information Security Forums. David shares his thoughts on new sessions for 2017 targeting negotiation skills and the ability to thrive in the chaos that defines most infosec environments.
We also get in some Super Bowl talk and discuss how David's years as an outdoorsman and Outward Bound program leader have informed his work helping corporate executives hone their soft skills.
This week, Securosis founder and CEO Rich Mogull joins us to elaborate on his popular new blog series "Tidal Forces: The Trends Tearing Apart Security as We Know It." The thought-provoking articles, which will form the basis of Mogull's RSA talk next month, focus on fundamental changes in the nature of endpoints and the grand transformation toward cloud-based, as-a-service IT delivery. These changes, Mogull posits, are inflection points that will roil the multibillion-dollar IT security market and require a significant rethinking of infosec by both vendors and practitioners.