eiqcast's Podcast

eIQcast Episode 7: FAA and Incident Response

Mike Rothman — Thu, 12 Feb 2009 14:28:06 GMT

In this episode of the eIQcast, Ross Levanto interviews Link (that's eIQ Product Evangelist John Linkous for newbies) about the recent FAA breach. Clearly the FAA had a strong incident response process in place since they disclosed the breach within a week. As with everything, there are always areas to improve, so John discusses some of the advantages of broad monitoring as well in detecting issues (and possible incidents) earlier in the process. Running time: 11:35

eIQcast Episode 6 - Configuration Audit

Mike Rothman — Wed, 04 Feb 2009 14:56:52 GMT

This week, John and Mike tackle the concept of configuration audit and why it's important to ensure devices are configured correctly. We also discuss some of the configuration "standards" out there, like Center for Internet Security and some suggestions from the US Federal Government. Running time: 12:23

eIQcast Episode 5: Heartland and PCI

Mike Rothman — Fri, 23 Jan 2009 13:20:09 GMT

This week's episode is focused on the Heartland data breach and it's eventual impact on PCI. Mike Rothman, eIQ's SVP of Strategy, is interviewed by Ross Levanto and discusses some of the specifics behind the breach and reinforces the message that log data alone is not going to catch these new attacks. More importantly, Mike talks about some of the changes that are needed with the PCI standard, given that two "PCI compliant" organizations have had high profile data breaches. Running time: 10:57

eIQcast Episode 4 - Drilldown on COSO/COBIT

Mike Rothman — Tue, 13 Jan 2009 16:23:46 GMT

In this episode, John Linkous and Mike Rothman drill deep into the COSO/COBIT framework. Why do you care? Well a good part of the acceptable practices of little regulations like Sarbanes-Oxley and FISMA are directly related to COBIT. Thus, if you have to worry about those regulations, you should be familiar with COBIT. Check it out. Running time: 11:43

eIQcast Episode 3: Compliance Automation

Mike Rothman — Wed, 24 Dec 2008 17:45:32 GMT

In the third episode of the eIQcast, John and Mike tackle the concept of compliance automation. What exactly are you automating? And how do you delve into some of the specific compliance regulations and frameworks to figure out how to do more with less. Given the economic backdrop heading into 2009, we believe that all customers will need to figure out how to make their operations much more effective and more importantly, efficient. Automation is one way to do that.

eIQcast Episode 2: Security Automation

Mike Rothman — Wed, 10 Dec 2008 15:45:47 GMT

In the second eIQcast, John and Mike discuss the need to automate security operations and some of the issues therein. The reality is that attacks have not stopped, but in this kind of macro-economic environment the opportunity to add resources to defend against attacks is limited. Thus we all need to work more effectively and more efficiently, which is what security automation is all about.

eIQcast Episode 1 - Low and Slow Attacks

Mike Rothman — Mon, 01 Dec 2008 15:16:38 GMT

In this inaugural episode of the eIQcast, Mike Rothman and John Linkous decompose a particularly nasty attack called the "low and slow" attack, which is designed to make existing defenses obsolete. Listeners will understand how the low and slow attack works and also how to defend against it using security management technology (like eIQ's SecureVue). Running time: 13:10