Careers Information Security Podcast

As people increasingly turn to information assurance to start - or re-start - a career, the nation's community colleges play a greater role in job training. Erich Spengler, professor at Moraine Valley Community College near Chicago, discusses: The role of community colleges in information assurance education; Challenges and opportunities for two-year programs; Where to begin when considering your next career move. Spengler has over 20 years experience in Information Systems and holds an MBA from Loyola University of Chicago and an MS in Computer Science from the University of Illinois - Springfield. In addition to serving as a tenured professor of Computer Integrated Technologies at Moraine Valley Community College, Erich also serves as a Guest Lecturer at Northwestern University and as the Director and Principle Investigator for the National Science Foundation (NSF) Regional Center for Systems Security and Information Assurance (CSSIA @ www.cssia.org). Erich holds several industry certifications includ

Interview with Shirley Inscoe and BC Krishna, Authors of Insidious: How Trusted Employees Steal Millions and Why It's so Hard for Banks to Stop Them Insider fraud has always been a risk for banking institutions, but this risk has only grown in the past year. And so has the size of the crimes. Shirley Inscoe and BC Krishna of Memento have written a new book, "Insidious: How Trusted Employees Steal Millions and Why It's so Hard for Banks to Stop Them." In an exclusive interview, the authors discuss: What's most misunderstood about insider fraud; How organizations are responding to the threat; Advice for what banking institutions can do today to prevent insider crimes. Inscoe, Memento's Director of Financial Services Solutions, had a distinguished 24-year career at Wachovia, the fourth largest bank in the U.S. Throughout her tenure at Wachovia, Inscoe held a series of increasingly responsible positions in risk management, regulatory compliance, and loss reduction initiatives. She is a member of the Americ

It's one of the newest and most popular stops on the Washington, D.C. tour, and its artifacts of history leave clues for how information security professionals should approach their future. The International Spy Museum has just celebrated its 7th year and its 5 millionth visitor, says Executive Director Peter Earnest, a former CIA officer who's run the museum since its inception. In an exclusive interview, Earnest discusses: the museum's goals and growth plans; who visits the museum and what they get from the experience; lessons to be learned by today's information security professionals. Earnest is a 35-year veteran of the Central Intelligence Agency (CIA). He served 25 years as a case officer in its Clandestine Service, primarily in Europe and the Middle East. He ran intelligence collection and covert action operations against a range of targets including Soviet Bloc representatives and Communist front organizations. As Museum director, he has played a leading role in its extraordinary success as

The past year has been an education for anybody in the banking industry. And the year's events have also had an impact on banking education, says Kirby Davidson, President and CEO of the Graduate School of Banking at the University of Wisconsin-Madison. In an exclusive interview, Davidson discusses: How the past year has influenced banking education; How banking education will continue to involve; What it takes to start a banking career today. Davidson is actively involved in new product development, curriculum design, alumni relations, online distance education, and marketing and strategic alliances with sponsoring organizations and business partners. Prior to joining GSB, Kirby was VP of Marketing for a national trade association, the Conference of State Bank Supervisors, in Washington, DC. He was recruited to develop and manage their new marketing department, overseeing nationwide marketing and membership campaigns, implementation of a new customer relationship database, and image-branding promotional

Organizations are doing a good job protecting their operating systems, but they're leaving their critical applications vulnerable to dangerous cyber threats. This is the key takeaway - and to some extent the surprise - of the new Top Cybersecurity Risks report released on Sept. 15 by TippingPoint, Qualys, the Internet Storm Center and SANS Institute. In an exclusive interview about the report, Alan Paller, Director of Research at SANS, discusses: The key messages to organizations about cyber risks; Trends to watch in the coming months; What organizations can do now to minimize their vulnerability. Paller founded SANS in 1989 to provide graduate-level education to cybersecurity professionals. In the intervening years, more than 80,000 people have learned their technical security skills - from forensics to penetration testing to intrusion detection, in SANS courses. Today he focuses on identifying the tipping points that can turn the tide against the growing wave of cyber crime and cyber espionage. He h

Legal Insights on Data Privacy Trends and Breach Response Your organization has been breached - how should you immediately respond? How should you not respond? Alysa Hutnik, attorney with Kelley Drye in Washington, D.C., specializes in information security and privacy, counseling clients on what to do after a security breach. In an exclusive interview, Hutnik discusses: Do's and don'ts following a data breach; Privacy legislation trends for 2010; What organizations can do today to prevent privacy/security challenges tomorrow. Hutnik is an Associate with Kelley Drye whose practice includes representing clients in all forms of consumer protection matters. In particular, she specializes in advertising, privacy, and data security law. She frequently conducts workshops and gives speeches on advertising, privacy, and data security compliance. She is often quoted on these issues in major business and law journals and newsletters, and has authored numerous advertising, privacy, and data security articles. Ms. H

Interview with Srinivas Mukkamala When it comes to incident response, there's nothing for critical than first response. And first response skills are exactly what students are attaining in a unique information assurance program offered by New Mexico Tech. In an exclusive interview, Srinivas Mukkamala of New Mexico Tech discusses: How the school's First Responders program works; Qualifications of students enrolled in the program, and how it helps them prepare for careers; Advice for individuals looking to start - or jump-start - a career in information assurance. Mukkamala, one of CAaNES' owners and its interim-Director of Operations, is a senior research scientist with ICASA (Institute for Complex Additive Systems Analysis, a statutory research division of New Mexico Tech performing work on information technology, information assurance, and analysis and protection of critical infrastructures as complex interdependent systems) and Adjunct Faculty of the Computer Science Department of New Mexico Tech. He

Schools are back in session in the U.S., the weather is cooling, and the fall flu season is close at hand. So, how should businesses and government agencies prepare for the expected widespread return of the H1N1 virus? Regina Phelps, a noted expert in pandemic preparedness, updates us on H1N1, discussing: What we have learned so far about the pandemic; Good - and bad - examples of pandemic preparedness; How individuals and organizations can take steps today to ensure effective response to H1N1. Phelps is an internationally recognized expert in the field of emergency management and continuity planning. With over 26 years of experience, she has provided consultation and educational speaking services to clients in four continents. She is founder of Emergency Management & Safety Solutions, a consulting company specializing in emergency management, continuity planning and safety.

Information security requirements and challenges change on a daily basis - and with them come growing opportunities for individuals with skills in digital forensics. Rob Lee, a director with Mandiant and curriculum lead for digital forensic training at SANS Institute, discusses: the growing need for digital forensics skills; today's top challenges and how organizations are tackling them; career prospects for individuals in digital forensics. Lee has more than 13 years experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on Information Operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, he dir

Ten years ago, the National Security Agency (NSA) started up the Centers of Academic Excellence program to encourage stronger information assurance programs at colleges and universities. Initially, there were 7 designated CAE schools. Today, the ranks have swollen to over 100 CAE-designated schools, and information assurance professionals are much better prepared to tackle the cybersecurity challenges we face. Dickie George, Information Assurance Technical Director within the NSA, discusses: The CAE program's core mission; Benefits of the program for participating schools and students; What to expect from CAE in its second decade. George began at the National Security Agency in August 1970 after graduating from Dartmouth College. He started in the Crypto-Math Intern Program, having tours in Research, the SIGINT Directorate, and the Information Assurance Directorate's (IAD) predecessor organization. Except for a tour in the Signals Intelligence Directorate (SID) and one at the Center for Communications

Interview with Dr. David Dampier on Mississippi State's Unique Program Mississippi State University's 'Wounded Warriors' program is all about providing digital forensics training for soldiers and sailors transitioning home from Iraq, Afghanistan and elsewhere in the world. In an exclusive interview, Dr. David Dampier, associate professor in the university's department of computer science and engineering - and an Army veteran - discusses: Details of the 'Wounded Warriors' program; Job prospects for returning veterans; How this program has impacted other training opportunities at Mississippi State. Dampier is an Associate Professor in the Department of Computer Science and Engineering and serves as the Director of the National Forensics Training Center at Mississippi State University. The NFTC is a USDOJ-funded center that provides law enforcement officers free training in digital forensics. He is a retired Army officer with over 20 years of service. His research interests are in digital forensics and sof

Opportunities - and Salaries - are up for the Right People with the Right Skills The economy has been down, but job opportunities are up for information security professionals with the right skills. This is the posture of David Foote, CEO and chief research officer of Foote Partners, an IT workforce research firm. In an exclusive interview, Foote discusses: The hottest IT security skills and certifications; Hiring trends and areas of growth in the coming months; Complementary skills that also are in high demand. Foote has long been one of the nation's leading industry analysts tracking, analyzing and reporting on IT workforce management and compensation practices, trends and issues. His columns, articles and contributions appear regularly in dozens of publications. As Foote Partners' CEO and Chief Research Officer since 1997, David leads a senior team of experienced former McKinsey & Company, Gartner, META Group, and Towers Perrin analysts and consultants, and former HR, IT, and business executives,

With the heightened focus on cybersecurity - and increased incidents of insider crimes - the digital forensics practice has also gained a higher profile in both the private and public sectors. Keith Barger, a forensics veteran, currently serves as a director in KPMG's forensics practice in Houston, TX. In an exclusive interview, Barger discusses: Myths and realities about forensics; How businesses and government agencies are employing forensics today; Tips on where your organization can acquire forensics skills. Barger joined KPMG in 2006 after six years as a Special Agent and Digital Forensics and e-Discovery Western Regional Coordinator and Project Manager with the Department of Justice, Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF). Keith has extensive experience with e-Discovery, the Amended Federal Rules of Civil Procedure, digital forensic investigations, forensic methodologies, computer evidence recovery, and data analysis. Barger specializes in electronic data discovery, data

The Heartland data breach and July's denial of service (DDoS) attacks against government agencies are among the biggest information security incidents of the year. And they've pushed incident response into the spotlight. Peter Allor is on the Steering Committee of the Forum for Incident Response and Security Teams (FIRST.org), and in this interview he discusses: Key incident response issues facing organizations today; What we've learned from the Heartland and government DDoS incidents; How to prepare for a successful career in incident response. Allor is a member of the Forum for Incident Response and Security Teams (FIRST) Steering Committee, a forum for security and incident information exchange between teams international. He also is the program manager for cyber incident & vulnerability Handling for IBM, where he is responsible for guiding the company's overall security initiatives and participation in enterprise and government implementation strategies. In addition, Allor is a member of: The Infor

Interview with Alan Berman of DRI International and AnneMarie Staley of NYSE The H1N1 threat has put business continuity and disaster recovery (BC/DR) in the headlines. But behind the scenes, the discipline has long been active in helping global organizations respond to myriad natural and man-made disasters. In a discussion about H1N1 and other BC/DR issues, Alan Berman of DRI International and AnneMarie Staley of NYSE touch upon: The biggest threats and regulatory challenges facing global organizations; How to apply "Think Global, Act Local" to BC/DR; What organizations must do now to respond to the H1N1 threat. Berman, the Executive Director of DRI International, is a CBCP, a member of the ASIS BS25999 technical committee, a member of the Committee of Experts for ANSI-ANAB, a former member of the NY City Partnership for Security and Risk Management and the co-chair for the Alfred P. Sloan Foundation committee to create the new standard for the US Private Sector Preparedness Act (PL 110-53). Over a

Not only is Capella University one of the NSA's accredited Centers of Academic Excellence (CAE), the school also offers undergraduate, graduate and post-graduate programs in information assurance - and 100% online. In discussing Capella's unique programs, Dr. Steven Brown touches upon: How Capella's information assurance programs have developed; Where students live, work, and what they bring to the programs; The future of information security education. Dr. Brown is an experienced professional with more than 25 years of technical and business experience. His work both domestically and internationally has been in telecommunications, data networks, strategic communications, electronic commerce, business management, and security. He has authored several publications and presented at conferences around the world. Dr. Brown is currently serving as a Capella core faculty member teaching graduate courses in information assurance and security. He is responsible for ensuring that the information security and net

Cybersecurity is the buzzword these days, and in terms of education ... Carnegie Mellon University is all over it, and has been for nearly a decade. In an exclusive interview, Pradeep Khosla, dean of the College of Engineering at Carnegie Mellon, discusses: The school's current cybersecurity programs; Hot career opportunities for graduates; Advice for those looking to start or jump-start a cybersecurity career. Khosla is currently Dean of the College of Engineering and the Philip and Marsha Dowd University Professor at Carnegie Mellon. His previous positions include: Founding Director, Carnegie Mellon CyLab; Head, Department of Electrical and Computer Engineering; Director, Information Networking Institute; Founding Director, Institute for Complex Engineered Systems (ICES); and Program Manager, Defense Advanced Research Projects Agency (DARPA), where he managed a $50M portfolio of programs in real-time systems, internet enabled software infrastructure, intelligent systems, and distributed systems.

Interview with Prof. N. Paul Schembari, East Stroudsburg University Information security - it's now a major national priority, and it's also the subject of a new Master's of Science program at East Stroudsburg University. This unique, online graduate program debuts on Aug. 31, and in an exclusive interview ESU professor N. Paul Schembari discusses: The program's unique characteristics; Educational and career opportunities for prospective students; How to quickly take steps toward enrollment.

A veteran cybersecurity pro, Shane Sims shares his insights on trends he's seeing as cybercrime continues to hit all companies, including financial institutions. Sims is currently a Director in the Forensic Services practice at PricewaterhouseCoopers, where he provides investigative, forensic technology, security incident response and cyber security services to commercial and government clients. He is a former FBI Supervisory Special Agent who specialized in cybercrime, digital evidence, computer exploitation, and network surveillance. Listen to this podcast and hear Sims insights on: Who's hitting financial institutions with cybercrime activities; Why just having an incident response plan isn't enough; What needs to happen and (what shouldn't be done) when a breach occurs.

Information assurance is what everyone is talking about these days, and the term is strongly associated with "excellence" at the University of Dallas. Listen to Dr. Brett J.L. Landry, Director of the school's Center for Academic Excellence, Information Assurance, discuss: What make's the school's program unique; How students maximize their education; The future of information assurance education. Landry is the Ellis Endowed Chair of Technology Management, Associate Professor and Director of the Center for Academic Excellence in Information Assurance at the University of Dallas. He joined the University of Dallas in the fall of 2006, following six years of teaching at the University of New Orleans. He has worked in network security and design in the private and public sector and earned his Ph.D. from Mississippi State University. Landry has published numerous journal articles on Information Technology in the ACM Journal of Educational Resources in Computing (JERIC), Communications of the ACM (CACM), Dec