The Southern Fried Security Podcast
Join Andy Willingham, Martin Fisher,Steve Ragan, Yvette Johnson, and Joseph Sokoly as they discuss information security, news, and interview interesting people. Get in the discussion at www.southernfriedsecurity.com.

We're joined by our newest team member - Zach Lanier!

The crew discusses the recent events at RSA in the context of "What Should A CISO DO?"

Here are some of the stories we found...

Calm

http://www.govinfosecurity.com/podcasts.php?podcastID=1050
http://www.scmagazineuk.com/the-impact-of-the-rsa-token-data-breach-is-still
-undetermined/article/198935/

Panic

http://www.channelregister.co.uk/2011/03/24/rsa_securid_news_blackout/
http://blogs.computerworlduk.com/jericho-forum/2011/03/after-the-breach---ho
w-secure-is-rsas-securid/
http://www.americanbanker.com/bulletins/-1034737-1.html

FUD

http://www.digitalidnews.com/2011/03/23/ironkey-protects-banks-and-their-cus
tomers-from-rsa-securid-data-breach
(alt)
http://www.istockanalyst.com/business/news/4990527/ironkey-introduces-protec
tion-for-banks-and-their-customers-from-rsa-securid-data-breach
http://www.networkworld.com/news/2011/032311-rsa-securid-backdoor.html?page=
1
http://www.businesswire.com/news/home/20110322006389/en/Swivel-Secure-Authen
tication-Expert-Comments-RSA-Security
http://www.microscope.co.uk/news/rivals-move-to-plug-gap-left-by-rsa-uncerta
inty/

We'll be back next time with more fun and stories!


Direct download: SFS_Podcast_-_Episode_48.mp3
Category:podcasts -- posted at: 9:04pm EDT

Well, the boys are short the News Yankee this week...

 

Joseph is back from South By Southwest and BSides Austin and gives a brief rundown on the doings there.

 

Martin interviews Larry Ponemon about the "Cost of Compliance" study recently published by the Ponemon Institute.

 

Andy?  He's just hanging out with the infant.

Direct download: SFS_Podcast_-_Episode_47.mp3
Category:general -- posted at: 8:20pm EDT

Once again, we have the whole gang together, as we discuss two groups of stories that fit together nicely. 

We do have some upcoming cons for the southern oriented of us.  

First is the upcoming BSidesAustin, held in sunny Austin, TX. It's this weekend (March 11-12), and full details can be found at http://www.keepsecurityweird.org/  

A little farther down the road is the second year for HouSecCon. November 3rd, held in Houston, TX. The CFP just went out, and if last year was any indication, this year is gonna rock as well. Full details here: http://houstonseccon.com/ 

But on to the discussions of the week: 

The first group of articles talks about the CSO's relationship with the business, particularly in talking about the things that the business should know: 

http://www.thesecuritysamurai.com/2011/02/28/5-things-business-people-should-know-about-internet-security/

http://www.csoonline.com/article/print/670463 

But you can't talk about the business without talking about the technology side of things, and Andy's favorite company, the Goog, has given us some good stuff to talk about this week. Android devices have been taking off rapidly, and Wells Fargo has given us some interesting insight into their inner workings by just saying "No." to outside devices: 

http://www.thetechherald.com/article.php/201109/6891/Google-pulls-56-malicious-apps-from-Android-Marketplace

http://www.networkworld.com/news/2011/030711-wells-fargo-smartphones-tablets.html?page=1 

As always, you can find the podcast here: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on twitter.

Direct download: SFS_Podcast_-_Episode_46.mp3
Category:podcasts -- posted at: 9:14pm EDT

Again, we're sorry that Andy moving to Google mail caused the outage.  We promise to provide more warning when Andy finally breaks down and buys an iPad...

This week the guys discuss....

Is Stress Making You Want To Crack?

http://www.darkreading.com/security-monitoring/167901086/security/security-management/229219084/under-growing-pressure-security-pros-may-be-ready-to-crack-study-says.html

HIPAA penalties finally hit the big time...

http://www.csoonline.com/article/669067/hipaa-privacy-actions-seen-as-warning

Couple of Google stories...  First, a small percentage but large number of users get their gmail accounts reset...

https://www.infosecisland.com/blogview/12162-Gmail-Data-Vanishes-Into-the-Cloud.html

And Google introduces 2-Factor Authentication for gmail....

http://www.darkreading.com/authentication/167901072/security/client-security/229218478/google-introduces-two-factor-authentication-option.html

Direct download: SFS_Podcast_-_Episode_45.mp3
Category:podcasts -- posted at: 8:47pm EDT