Tag Archives: GRC

Defensive Security Podcast Episode 43

More advice from Bob; PCI 3 is here; Stats from a survey of malware analysts; A report from EastWest on measuring the Cyber Security Problem; The benefits of a GRC program; and we talk about web defacements.

Subscribe in iTunes | Podcast RSS Feed | Twitter Email
PCI 3: http://www.bankinfosecurity.com/critiquing-new-version-pci-dss-a-6208
Study of malware analysts, highlighting that it’s apparently common to not disclose breaches: http://www.threattracksecurity.com/documents/malware-analysts-study.pdf
EastWest produces document outlining need for better incident/breach metrics: https://dl.dropboxusercontent.com/s/84odmpmtoee7rbu/MCP%20Final%2010_22_2013.pdf
VERIS Community already has this: http://www.veriscommunity.net/doku.php?id=public and it’s part of the input for the DBIR
Benefits of a grc application: http://www.computerworld.com/s/article/9243025/The_best_data_security_offense_is_a_good_defense?taxonomyId=17&pageNumber=1