Feb 26 2009
 

 

Link to MP3

Episode 16 is up and running.  Jim and I cover a lot of news again in this episode.  Also, Jim goes a little crazy with the geek toys, but it is all really cool stuff and good info.  We get into some PCI futures, playing off of Rich Mogull’s ideas on the subject.  And we have a good cert discussion as well.

Show notes:

InfoSec News Update:

Discussion: Continued from Martin’s Network Security Podcast Episode 139 and Rich’s post - Will Outbound monitoring and filtering be the next PCI requirement?
Geek Toys:

Consultants Corner: Top three security certifications (uhhh, yeah…)

Music Notes:

Dec 11 2008
 

 

Link to MP3

Show Notes:

Segment 1: InfoSec News Update (Michael gets to do a little talkin’ here – and he promptly screws it up):

  • New Security Awareness video on YouTube – kinda cheesy, but a pretty good production
  • Digittrade HD Encryption Broken – “in our test, unscrewing the housing took longer than cracking its encryption mechanism.”
  • Lenovo’s new Facial recognition software defeated by printed photo
  • Massachusetts’ new law – 201 CMR 17.00 – “Every person that owns, licenses, stores or maintains personal information about a resident of the Commonwealth shall develop, implement, maintain and monitor a comprehensive, written information security program applicable to any records containing such personal information” – a civil penalty of $5,000 may be awarded for each violation of 93H. In addition, under the portion of 93H concerning data disposal, businesses can be subject to a fine of up to $50,000 for each instance of improper disposal. Requires – Regular Monitoring, Documenting responsive actions taken during breach, and reasonable monitors of systems.
  • File Under DUH! Symantec Discovers Cybercrime makes money – estimates value around $1.7Bil
  • Really simple PCI FAQ that you should be aware of
  • Apple and the AntiVirus Debate – In a written statement sent to security news site Securityfocus.com, Apple explained their decision to pull the document: “We have removed the KnowledgeBase article because it was old and inaccurate,” Apple said in a statement sent to SecurityFocus. “The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection.”

Discussion: BLATANT FUD – Patching at the Enterprise level – Secunia “virtually every Windows PC is at risk” – 98% of Windows computers are missing patches – 46% were missing more than 11 patches

Segment 2: Geek Toys and Consultants Corner

  • Geek Toys – Kensington Portable Power outlet – AS SEEN ON REGIS AND KELLY!!!!
  • Consultants Corner – Helping a client deal with a breach (specifically how it relates to compliance issues)

Music Notes: NEW – CHECK OUT THE LINKS TO THE BANDS ON PODSHOW.COM