Videos

Don Bailey on mobile device threats, mobile device security policy

In this video, researcher Don Bailey of iSec Partners discusses the myriad threats facing corporate mobile devices, and how to stop them.
IT patch management best practices: Overcoming the challenges

This presentation on vulnerability and IT patch management best practices discusses the challenges of improving testing and deployment processes.

PCI tokenization: Credit card security policy guidance

Experts Diana Kelley and Ed Moyle discuss the PCI guidelines on tokenization, and how the technology could aid your enterprise.
PCI encryption, virtualization standards: Interpreting PCI guidelines

Get expert advice on understanding the PCI encryption requirements and virtualization guidance in this video.
Enterprise encryption strategy: The path to simple data encryption

This primer on enterprise encryption strategy covers use cases for various devices and data types, and offers strategies for simple data encryption.
Marcus Ranum on cyberwar, critical infrastructure protection

Network security expert Marcus Ranum explains why he believes cyberwarfare is only a tool for powerful nation states and discusses how Stuxnet supports his premise.
Enterprise mobile security risks prompt revised mobile protection strategy

Cybercriminals will find ways to bypass native security restrictions on smartphones and other devices, says security luminary Winn Schwartau.
Improve mobile malware protection, lower data loss risks by locking down devices

Mobile malware has been minimal, but attackers are developing attacks that target smartphones to gain access to sensitive data, says security luminary Winn Schwartau.
IE9 security, Apple security issues: Video with Gartner’s Neil MacDonald

In this video, Gartner’s Neil MacDonald discusses patch management, IE9 security, his Windows 8 security wish list and protecting Apple computers.
RSA SecurID attack, social engineering threat analysis from Gartner's Neil MacDonald

In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat.
Ramon Krikken on tokenization vs. encryption, PCI tokenization

The Gartner IT1 research director discusses tokenization vs. encryption, PCI tokenization to reduce audit scope and lagging tokenization standards.
Gartner’s Ramon Krikken on Web application security scanners

In this video, learn how to get the most out of Web application security scanners, and the four key elements for a successful implementation.
Gartner Security Summit attendees on IT security, government issues

When managing IT security, government infosec pros face unique risks. Check out these Q&As from the 2011 Gartner Security & Risk Management Summit.
Web 2.0 tutorial: Security awareness for Web 2.0 attacks

Robert "Rsnake" Hansen discusses Web 2.0 attacks that pose serious security risks to enterprises and their security landscape.
PCI analysis: Wade Baker on Verizon PCI report findings

In this video, Verizon's Director of Risk Wade Baker explains the company's PCI report and what it has to say about the state of the standard.
Narcissistic vulnerability pimp: Baker on researchers and bug bounties

In a blog post, Verizon Director of Risk Wade Baker proposed a new title for security researchers looking to get attention who release bug information before a patch is released: Narcisstic vulnerability pimps.
Verizon VERIS: Wade Baker discusses incident sharing

In this video, Wade Baker discusses his company's incident sharing system, Verizon VERIS, and explains how they hope to improve the incident response process.
Marcus Ranum on the consequences of poor software design

Marcus Ranum discusses the consequences of poor software design and what can be done to ensure this does not happen in the future.
Defense in Depth 2.0

This video will offer an executive overview of not only the key business and technical issues that have necessitated a dramatic change in defense in depth design, but also how to develop a strategy that can be used to drive an organization’s layered defense tactics amid a threat landscape that has evolved rapidly in the last 1-2 years.
Jim Lewis on cyberwarfare, secure infrastructure collaboration

In this video, the director of the Center for Strategic and International Studies discusses cyberwar and the need for collaborative infrastucture protection.
Jim Lewis on SCADA security threats, Stuxnet analysis

Jim Lewis, Director and Senior Fellow at the Center for Strategic and International Studies, gives his analysis of the Stuxnet worm, and what he believes are the greatest threats to SCADA systems.
Secure software development: Getting started

Chris Eng, senior security researcher at Veracode Inc., explains how firms can get started improving their software development processes.
Using Windows 7 security features in your data protection program

Lisa Phifer discusses Windows 7 security features like AppLocker, User Access Controls, BitLocker and BitLockerToGo, Volume Shadow Copy and DirectAccess.
Intersecting state and federal data protection acts and regulations

Expert Richard Mackey discusses data protection acts and regulations from Massachusetts and Nevada and shows why compliance plays such an important role.