eIQcast Episode 22: Update on PCI
Discussions about PCI-DSS rules this year have focused on how effective the guidelines really are at preventing theft of credit card data. Recent survey data indicates merely following PCI does not protect a wide range of protected data.
In the newest episode of the eIQcast, eIQneworks Product Evangelist John Linkous provides an update on PCI compliance and how far it goes to actually keep credit card data secure.
Running time: 10:38
eIQcast Episode 21: The Role of File Integrity Monitoring
In this episode of the eIQcast, Mike Rothman dives into the nuances of file integrity monitoring and why it's an important aspect of both security and compliance. One of the first things an attacker is going to do is mess around with system files, so having some mechanism to ensure that system files, registry values and the like aren't tampered with is a big part of "reacting faster" to potential security issues.
Mike also discusses how eIQ's SecureVue security and compliance management platform provides this capability through it's newly updated agent technology, continuing to show technical innovation beyond simple security information and event management (SIEM) and log management solutions.
Running time: 10:41
eIQcast Episode 20: Seeing Clearly Through the Clouds
In this latest episode of the eIQcast, eIQnetworks SVP of Strategy Mike Rothman discusses some of the challenges of cloud computing with Ross Levanto. Mike goes into the issues of maintaining visibility when networks and systems reside in someone else's datacenter, and some of the mechanisms eIQ is adding to SecureVue to help customers address this issue.
This coincides with the recent announcement from eIQnetworks regarding security and compliance management in the cloud. Check it out on http://www.eiqnetworks.com.
Running time: 11:40
eIQcast Episode 19: BUSTED! The Greatest Hacker Goes Down...
This past Monday the U.S. Justice Department charged 28 year-old Albert Gonzalez with a series of crimes that resulted in the theft of more than 130 million credit and debit card numbers from late 2006 to early 2008.
The indictment places blame for several high-profile data theft incidents on a small group of individuals who found holes in websites used to transfer the credit card data. Basically, these folks have to be the best hackers out there if they were behind every high profile data breach of the past two years.
In the latest episode of eIQcast, Security and Compliance Evangelist John Linkous reviews the charges, talks about how retailers and consumers can protect themselves, and notes how the crime was carried out by exploiting a well-known (and extremely easy to replicate) web site security weakness.
eIQcast Episode 18: eIQviews on Black Hat
eIQnetworks Senior Vice President of Strategy Mike Rothman just returned from Black Hat USA 2009 in Las Vegas, which took place from July 25-30, 2009. Mike has been to Black Hat many times, and the more things change, the more they stay the same. The presentations all lead to same conclusion: No matter who you are, where you are or how secure your network is, you are vulnerabile.
In the latest episode of the eIQcast, Mike discusses his thoughts about the latest Black Hat show, the leading attack vectors (like SSL, iPhones, and web apps), and other assorted topics with Ross Levanto.
eIQcast Episode 17: Exposed Smart Metering and Energy Security Compliance
According to published reports, one of the anticipated sessions at the upcoming Black Hat conference will show vulnerabilities within smart metering technologies that certain utilities are deploying to make the electricity grid more intelligent-- from energy production through consumption.
The big question is whether the vulnerabilities would put utilities out of compliance with energy industry regulations regarding security.
In the latest episode of the eIQcast, Ross Levanto asks eIQnetworks Product Evangelist John Linkous for a review of what we know about the vulnerabilities and the current state of security compliance within the energy industry.