Our Terms of Use and Privacy Policy have changed. We think you'll like them better this way.

  • 00:35

    PCI: Comply to Survive; Exceed to Prosper

    in Technology

    It's all mandatory. Nothing is voluntary. The rule is if you store, process, or transmit credit card data you must be compliant with the PCI standards. And that's a global rule.

    In this podcast, security experts will engage in a lively discussion about PCI Compliance and how the planned publication date of PCI DSS and PA DSS version 3.0 will effect security teams within organizations.  Join us to better understand what incremental requirements are included, when your organization must adopt them.

    The PCI security standard dates back to mid 2005 when the major payment card brands came together to require organizations processing credit or debit cards transactions to make improvements to their IT security systems or face severe penalties if their failure to do so resulted in a network security breach and cardholder data loss. Yet to this day, payment card data is still the number one target of attackers and the universal currency of the cybercrime marketplace, leading to numerous questions and issues about the  effectiveness of PCI. Don't miss what's sure to be an insightful look back and prognostication of what's ahead for payment card industry participants within today's network environments as we witness the meteoric acceptance of mobile devices and social media technologies.

    Download the new whitepaper "Exceeding PCI compliance requirements" here https://www.ibm.com/services/forms/signup.do?source=swg-WW_Security_Organic&S_PKG=ov18649 

    Also covered in this podcast:

    POS, Payment Card Data, PCI DSS 3.0, ibm, security, x-force, qradar, security intelligence, siem, identity and access management, infosphere, guardium, websphere, datapower, key lifecycle manager, vulnerability manager, endpoint manager, intrusion

  • 00:36

    Proactive APT and Root Abuse Mitigation Techniques

    in Technology

    With growing numbers of cybercriminals and nation state actors intent upon stealing your electronic assets, disrupting your business operations and pilfering your intellectual property, you now need proactive strategies in place to mitigate risks that go beyond a traditional perimeter firewall. The most dangerous data theft threats are coming from the internal privileged user - not always the actual user, but often an external party that compromised a privileged user with Advance Persistent Threat (APT) tactics. Allowing privileged users, such as database, server, hypervisor, cloud infrastructure and storage admins, access to sensitive data unnecessarily increases the risk surface of your business and greatly simplifies an APT's mission of stealing your most valued data.  In this podcast Caleb Barlow will be joined by Vormetric Executives: CEO Alan Kessler and CSO Sol Cates, and the 2BSecure President and Former Chief Information Security Officer, Central Intelligence Agency (CIA), Bob Bigman.  We will discuss the latest data-theft trends and modern techniques to protect your data as close to the source as possible with data centric security and data firewalls across physical, virtual, private cloud and public cloud environments.  The solution will include exploration of IBM InfoSphere Guardium products, encryption techniques, strong policy controls, and security intelligence.
    Topics or interested parties may also include SafeNet, Trend Micro, Oracle, NTAP, VMware, AWS, Imperva customers using or considering TDE, FDE, volume encryption, privileged users access management (PAM), Database Account Monitoring (DAM), Vulnerability assessment tools, data discovery and data leak prevention (DLP) .  

  • 00:25

    Database Security Best Practices for Databases and Big Data

    in Technology

    Caleb talks with Joe DiPietro about practical security controls for databases and big data environments.  The following aspects of security and compliance will be covered:

    - what to monitor
    - how to discover sensitive information
    - validating security controls & database policies
    - what role does the business owner play in the security framework
    - what to protect in a big data environment
    The Ready for IBM Security Intelligence Partner Program Webinar link reference in the show is as follows:   https://www-950.ibm.com/events/swgeer/swgeer06.nsf/signin?openform&seminar=kwoamoe8zkpv4&lang=en


  • 00:31

    Database Security and Compliance with Ron Ben-Natan

    in Internet

    SQL injection attacks, insider threats and regulations are driving organizations to find new ways to secure sensitive data stored in databases.  To make matters worse, Forrester reports that 60 percent of enterprises are behind in applying database security patches.  Whereas most attention has previously been focused on securing network perimeters and client systems (firewalls, IDS/IPS, anti-virus, etc.), we are now entering a new phase where information security professionals are now being tasked with ensuring that corporate databases are secure from breaches and unauthorized changes. In this podcast Caleb talks with Ron Ben-Natan, IBM Distinguished Engineer and CTO for Data Security, Compliance and Optimization at IBM.