IANS Faculty member Debra J. Farber joins me to talk all things data privacy and discuss how international regulations may affect U.S. businesses in the near term. She is the Sr. Director of Global Public Policy at Visa (overseeing security, privacy, and cybercrime issues). Farber also shares details about Women in Security and Privacy (WISP), a San Francisco-based effort that she co-founded to attract more women into careers in information security and privacy.
Visit WISP at www.wisporg.com
Security testing and incident-response expert Kevin Beaver, author of Hacking for Dummies, joins us to examine the 2016 Verizon Data Breach Investigations Report. We discuss the report's methods and conclusions and talk about real takeaways for enterprise security leaders and teams.
In the IANS Podcast studio this week we welcome fierce cloud advocate George Gerchow who talks about the must-haves every enterprise needs before making the emotional transition to cloud. George also explains the benefits of managing security controls in the cloud and tells us why Cloud Access Security Brokers (CASBs) are smoking hot right now. And he gives us some special insight into the infamous Mossack Fonseca Panama Papers as only an infosec expert with Panamanian roots really can.
IANS faculty David Etue joins us to discuss the "30-year opportunity" represented by DevOps for organizations that manage it correctly. We also discuss encryption, improvements in provider-driven cloud controls, and the importance of getting quick wins across LOBs for security team leadership efforts.
On this week's show, IANS Faculty Mike Saurbaugh stops by to chat about cooperative red team/blue team strategies, ways to address the infosec skills gap by nurturing current security team members, and how he keeps a stiff upper lip while compiling the IANS Vulnerability and Breach Update every quarter.
In this week's episode, I'm joined by IANS Lead Faculty Dave Shackleford for a wide-ranging discussion of the infosec topics and trends on the minds of IANS clients. We cover the hot news of the week, explore top areas of concern in cloud security, and dive into growing areas of interest including SDN and advanced SIEM initiatives. Dave and I also square off on the security community's penchant for smugness and snark. What could go wrong?
This week, I sit down with noted mainframe security expert and seasoned IT auditor Philip Young, a.k.a. Soldier of Fortran, for an eye-opening look into the art and science of securing legacy systems. Mr. Young shares some harsh truths and tears down some persistent misconceptions about mainframe security. We also discuss the failings of modern compliance audits and ways to improve them.
This week, the inimitable Jack Daniel, one of information security's most respected and recognizable thought leaders, sits down with us for a wide-ranging conversation on securing networks, hardening applications, organizing BSides events, fighting the crypto wars and staying sane in this crazy business. He also shares his tips for leveraging social media and gives us a glimpse into the mind of infosec's most compelling fictional character: @InfosecNoir's Jimmy Black, Cyber Private Eye.
Bluebox Security co-founder and IANS faculty member Adam Ely joins us this week to talk about trends in appdev security and the need for stricter oversight in regulatory compliance efforts. Ely also discusses how CISOs can raise their innovation game and shares tips on how he overcame his own introverted nature to become a strong voice in enterprise security.
Episode 3 of the IANS Podcast features our wrap-up of RSA 2016 with news and views straight from the conference floor. We listen in on big .gov announcements from Defense Secretary Ashton Carter and Rep. Michael McCaul (R-Texas). And we talk to IANS faculty members Dave Shackleford and Joshua Corman about the big news of the week including the DROWN vulnerability, the Hack the Pentagon initiative, and the push to make infosec pros better business leaders.