Mar 31 2014

Network Security Podcast, Episode 330

Published by at 1:09 pm under Podcast

It only took 4+ weeks, but Martin and Zach are back on the air. Rich is back to his “(Inter)National Man of Mystery” routine, so he missed out on the somewhat lively discussion about drones, “secure” browsers, PCI, and, of course, the NSA.

Network Security Podcast, Episode 330
Time: 37:27

Show Notes:


One Response to “Network Security Podcast, Episode 330”

  1. Marco Tietz on 31 Mar 2014 at 2:34 pm

    Martin, Zach,
    good to have you back.

    re: Target/Trustwave
    Hopefully this will lead to a larger conversation about compliance vs security. The QSAs are really stuck in a tough spot. You are right, the companies driving PCI are not solving for ‘improving security’ but ‘making sure we are in PCI DSS compliance’. Realistically there should be a large overlap, but this is not the goal here.
    On the other hand, we are guilty as well. Every time you argue for a security measure with ‘we need it for PCI’ you are actually hurting yourself in the long run and training your team to only listen to ‘compliance’.
