Tue, 22 November 2016
Andy and Martin close out 2016 with a quick run-through of the major stories of the year and look forward to what's to come in 2017. Thanks to everyone who came to BSides Atlanta!
Mon, 24 October 2016
Martin, Steve, and Yvette discuss the recent DDoS of the DNS provider Dyn and what information security people should be considering in a world where terabit DDoS is a reality.
Mon, 10 October 2016
Martin, Steve, and Yvette talk about recent events at Yahoo and the moral compass questions information security professionals and leaders may be forced to face when their employer appears to be doing something they shouldn't...
Wed, 21 September 2016
For the first time we can think of, it's just Yvette and Martin on this episode. The two of them talk about what to think about and what you might do if you run into some extra budget at the end of the year. Do you invest in shiny? What about services? Some training might be nice? Or do you score points with the team down the hall?
Mon, 29 August 2016
We interview Nick Selby (@nselby) about a recent blog post where he had a less than optimal experience with a managed security service provider.
https://nselby.github.io/When-Security-Monitoring-Provides-Neither-Security-Nor-Monitoring/
Wed, 17 August 2016
Martin, Andy, and Steve talk about third-party risk programs in light of breaches at Target, Banner Health, and other unfortunate souls.
Tue, 28 June 2016
Joseph is on sabbatical but the rest of the crew talks about how infosec professionals should focus on their problems and how to effectively interact with "the business".
Mon, 6 June 2016
Guillaume’s last visit to the show: Episode 167
WWDC 2016 Security Rumors and Wishes
Wishlist
Reduced Annoyances and Increased Security on iOS
Find us on Twitter: And if you have any feedback, questions, or comments, drop us a comment or find us at @SFSPodcast on Twitter. And if you’ve found our Facebook page, we’re sorry. We’re going to fix that up.
Wed, 18 May 2016
This evening, Martin sat down with Patrick Heim from Dropbox. Enjoy the interview, and the gang will be back next episode.
Mon, 9 May 2016
The 2016 DBIR
Mon, 18 April 2016
This evening, Martin, Steve, and Joseph talk about overhyped vulnerabilities, and how that affects communication with the business.
Badlock’s Site
Mon, 4 April 2016
Tonight, Martin and Joseph sit down and talk about communicating cautionary tales without turning them into FUD.
US-CERT advisory on ransomware
Tue, 22 March 2016
InfoSec programs without money are like cereal but no milk, peanut butter but no jelly, Milli but no Vanilli… (Get over it, I’m old - Martin) Martin is doing a talk on “The ABCs of Getting Your InfoSec Program Funded” and we’re going to discuss how this works in the real world at all of the different levels.
Mon, 7 March 2016
Episode 175 - RSAC Wrapup and More...
Congrats to Risky Business for winning this year’s podcast of the year!
RSA: Fear and loathing at RSA: Hacking, security and the limits of protection | TechCrunch
Spear Phishing: What Happens When You Dare Expert Hackers to Hack You
Backdoors: Transmission Infected with KeRanger Ransomware – MacStories
Mon, 15 February 2016
We’ve been nominated for the 2016 Security Blogger Awards!
Topic: Threat Intel
Norse Corp disappears shortly after CEO is asked to step down
Digital Shadows announces 14 million series B fund raising
Mind Over Matter: The Importance of Intelligence in Your Threat Program - “When it comes down to it, you can’t outsource your business risk management strategy.”
Threat Intelligence Indicators are not Signatures // InfoSec Zanshin
Mon, 1 February 2016
We’ve been nominated for the 2016 Security Blogger Awards!
Topic: Vendor Relationships
Trend Micro AV gave any website command-line access to Windows PCs
Google security researcher excoriates TrendMicro for critical AV defects
Mon, 18 January 2016
Topic: Security Awareness
Some people think it's a waste of time: Why you shouldn’t train employees for security awareness
But, that said, it's a requirement for government agencies and regulated industries:
HHS Security Awareness and Training Requirements
Privacy and Security Training requirements for multiple regulations
DISCUSSION & OPINION: Is Security Awareness worth the time?
If you have to do it, make it better: