ISDPodcast Episode 233 for October 13, 2010. Tonight’s podcast is hosted by Rick Hayes, Keith Pachulski, and Adrian Sanabria.
Announcements:
MyHardDriveDied.com Data Recovery Class:
http://www.myharddrivedied.com
Washington, DC – December 6th – 10th
Use the Discount Code: isdpodcast for a $300 discount.
Phreaknic:
http://www.phreaknic.info
When: Oct 15-17 2010
Where: Nashville, TN
Hack3rCon:
http://www.hack3rcon.org
When: Oct 23-24 2010
Where: Charleston, WV
Recommended Oracle Security Books and Whitepapers
http://www.amazon.com/Oracle-Security-Handbook-Implement-Environment/dp/0072133252
http://www.oracle.com/pls/db111/homepage
Shoutouts!
Clinton from Baltimore, we’re going to actually devote an entire episode to your question on Friday.
Special shoutout goes to William Goatse (you know who you are) for the encouragement. Also, thanks for not Goatse’n me with the image. Though I do want to share one that is absolutely so wrong. It’s a contempor-anus styled Goatse ring! http://www.regretsy.com/2010/07/21/when-irish-goatse-are-smiling/
Interview:
Alex Hutton is a Principal in Research & Risk Intelligence with Verizon Business. Over the past 15 years he’s served a number of different roles (from grunt to executive) for various security companies. He is a co-author of the Verizon Data Breach Investigation (2009), writes regularly for the Verizon Security Blog (http://securityblog.verizonbusiness.com). He’s also a co-founder of The Society of Information Risk Analysts, and an author at the New School of Information Security blog (http://www.newschoolsecurity.com). Alex also contributes to the Cloud Security Alliance, ISM3 security management standard, the CIS metrics project and the Open Group Security Forum.
He’s also going to discuss and help us understand the Verizon Payment Card Industry Compliance Report which analyzed findings from actual PCI DSS assessments Verizon conducted between 2008 and 2009. The report also shows that only 22 percent of organizations score as compliant with the PCI DSS at their first audit.
Protecting stored data, tracking and monitoring access to network resources and cardholder data, and regularly testing security systems and processes were the top three reasons for breaches in Verizon’s 2010 Data Breach Investigations Report. And it’s those three security areas where companies are having difficulty deploying or complying with in PCI, according to Verizon.
http://www.verizonbusiness.com/resources/reports/rp_2010-payment-card-industry-compliance-report_en_xg.pdf
Tomorrow Night: Adrian Crenshaw
Friday Night: Eric Smith, Lares Consulting