Mon, 29 October 2012
For the first time in who knows how long, we had the whole crew on the show this evening, and we hit some really fun stories.

First, there are a few upcoming InfoSec events that you might want to be aware of. BSidesDFW is this upcoming weekend, November the 3rd:
http://www.securitybsides.com/w/page/50488342/BSidesDFW%202012

Next weekend are three different BSides events, BSidesDelaware, Portland, and Jackson:
http://www.securitybsides.com/w/page/28563447/BSidesDelaware
http://www.securitybsides.com/w/page/40113672/BsidesPDX
http://www.securitybsides.com/w/page/53447313/BSidesJackson

Then we jumped into our first story for the evening, the recent breach in South Carolina:
http://www.cbsnews.com/8301-505245_162-57542255/haley-taxpayer-info-didnt-need-to-be-encrypted/
http://www.reuters.com/article/2012/10/29/us-usa-cybersecurity-southcarolina-idUSBRE89S13T20121029

Once our heads stopped spinning from some of those quotes, we went into a pretty cool, old-style hack that Barnes and Noble recently disclosed:
http://www.wired.com/threatlevel/2012/10/barnes-and-noble-pos-hack/

From those, we transitioned into a discussion on Incident Response:
http://www.infosecisland.com/blogview/22470-Have-You-Added-Personas-to-your-Incident-Response-Program.html

As well as Mike Rothman's great article on security tradeoffs:
http://www.darkreading.com/blog/240010015/making-security-trade-offs.html

After our MAD Security Minute for the week, we wrapped up with a discussion of IAM from Darkreading:
http://www.darkreading.com/identity-and-access-management/167901114/security/news/240009630/7-costly-iam-mistakes.html

As always, you can find the podcast here or on iTunes:
http://sfspodcast.libsyn.com

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.