This week, Securosis founder and CEO Rich Mogull joins us to elaborate on his popular new blog series "Tidal Forces: The Trends Tearing Apart Security as We Know It." The thought-provoking articles, which will form the basis of Mogull's RSA talk next month, focus on fundamental changes in the nature of endpoints and the grand transformation toward cloud-based, as-a-service IT delivery. These changes, Mogull posits, are inflection points that will roil the multibillion-dollar IT security market and require a significant rethinking of infosec by both vendors and practitioners.
The always-entertaining Joff Thyer of Black Hills Information Security shares his insights on threat hunting in the enterprise and gives advice on how information security leaders and teams can get maximum benefit from penetration tests -- from preparation and documentation to teaching moments and after-action items. We also take on more Yahoo! follies, the ongoing drama that is vendor vulnerability reporting, and the OTHER Russian hack -- the Methbot criminal enterprise stealing millions in video advertising revenues.
IANS faculty infosec experts Marcus Ranum, Dave Kennedy and Aaron Turner join me for a special edition of the IANS Information Security Podcast to discuss the recent DHS-FBI report attributing election-season hacking to Russian state-sponsored actors. We talk about the quality of the government's evidence in the matter and examine ways private-sector security professionals might be able to leverage the report's indicators of compromise to bolster their network defenses... or not.