Compliance Podcasts by Imperva

Podcasts

Hide Descriptions

Selected Tag: Compliance | Show All

Leveraging WAF and DAM for Protecting Data, Securing Servers, Meeting Partner Requirements, Addressing PCI, and Beyond -- an Interview with Richard Collins from Imperva Customer TechSoup Global

On this episode of the Imperva Security Podcast Richard Collins from TechSoup Global talks about using Imperva SecureSphere WAF and DAM solutions. He discusses key drivers such as sensitive data protection, securing mission-critical servers, addressing partner concerns over data security from Microsoft, Adobe, and Intuit (which require their partners to have strong data security solutions), and addressing PCI.

Richard also discusses how WAF can be used as a unifying technology that brings together development and operations teams. Finally he explains why he chose Imperva SecureSphere above competitors, and how Imperva offers the best solution for TechSoup Global by providing a superior: user interface, policy management system, profiling and learning capability, architecture flexibility, and ability to integrate database and Web application protection through a single solution.

Mr. Collins is the Senior Director for Information System Security for TechSoup Global, a nonprofit organization that helps nonprofits in 31 countries around the world get and use technology to better serve their missions. In addition, TechSoup Global works with companies and foundations to optimize their philanthropic impact.

At TechSoup Global, Mr. Collins is in charge of security strategy and security policy to protect data and information systems across the organization. He is also responsible for senior project management, consulting, and coordination for all security and system-stability related projects.

Mr. Collins is currently leading several security projects including achieving PCI compliance, providing security and risk protection across the architecture stack, and embedding security into systems development, operations planning, and implementation processes.

A 20-year industry veteran, Mr. Collins has held positions ranging from programmer analyst to CIO in a wide range of industries including banking, telecommunications, publishing, and technical consulting services. Mr. Collins holds a Masters Degree in Information Systems and Telecommunications Management.

Tags: Customer, WAF, DAM, Richard Collins, TechSoup Global, Sensitive Data, Compliance, PCI

PCI by the Numbers: Survey Results Explored -- an Interview with Dr. Larry Ponemon of the Ponemon Institute

On this episode of the Imperva Security Podcast Dr. Larry Ponemon of the Ponemon Institute discusses the results of his latest PCI DSS survey. He talks about a number of fascinating and sometimes anomalistic statistics from the survey results, and shares his views and leanings. Dr. Ponemon addresses questions such as:

Can consumers rely on companies to protect their credit card information?
How has PCI affected security budgets?
Which PCI approaches work and which ones don't?
How do smart companies manage the cost and get the most out of PCI?

Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research "think tank" dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

Dr. Ponemon consults with leading multinational organizations on global privacy management programs. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master's degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona.

Download: PCI DSS Survey Results (pdf)

Tags: PCI DSS, Larry Ponemon, Ponemon Institute, Survey, Compliance

Interview with Dave Anderson -- Director of Marketing for SAP Business Objects governance, risk and compliance solutions

On this episode of the Imperva Security Podcast Dave Anderson from SAP is interviewed. Dave discusses GRC and ITGRC. He covers the differences, early adopters and what solutions currently exist. He dives into gaps that need to be addressed and what he sees as the future for GRC.

Dave Anderson, Director of Marketing for SAP Business Objects governance, risk and compliance solutions has 15 years of experience in information security, risk management and compliance at several leading companies, including SAP, ArcSight, KPMG, and VeriSign. During this time, he developed and managed marketing and product solutions that integrate risk, compliance, strategy and performance into unified governance and compliance frameworks. Dave's experience also includes implementing and auditing IT Governance solutions based on COSO, CobiT, ISO 27001 and ITIL standards; and he is a Certified Information Systems Auditor.

Tags: Dave Anderson, SAP, ITGRC, GRC, Governance, Risk, Compliance, IT Governance

Interview with Nick Selby, Leader of the 451 Group's Enterprise Security Practice

On this episode of the Imperva Security Podcast Nick Selby is interviewed. Nick talks about analyzing cyber black markets and trends in compliance. He also covers the maturing of security as it becomes more about operations and business risk. He also discusses the economy and its impact on the network security and data security industry.

Nick Selby leads The 451 Group's Enterprise Security Practice (ESP), which provides objective analysis of enterprise security businesses and trends. Nick also serves as The 451's Director of Research Operations, leading the coordination of 451 analysts' research methodologies and processes.

Tags: Nick Selby, Black Market, Compliance, Business Risk, Network Security, Data Security

Interview with Gretchen Hellman, VP of Marketing & Product Management Vormetric

On this episode of the Imperva Security Podcast Gretchen Hellman is interviewed. Gretchen talks about the Heartland Data Breach, and shares her perspectives on compliance. She also discusses data security and explains how there is not technological panacea -- data security comes through defense in depth.

Gretchen Hellman brings over 10 years of enterprise security and enterprise software experience to her role as the VP of Marketing and Product Management for Vormetric. Most recently, Gretchen was Director of Product Marketing for Voltage Security, where she led product marketing, field marketing and corporate marketing initiatives. Prior to Voltage Security, she was responsible for compliance market strategy at ArcSight, where she drove initiative to apply ArcSight's award winning Security Information and Event Management solution to the regulatory compliance market. She has also held marketing leadership roles at Network Associates/McAfee. Gretchen began her career in information security as a consultant specializing in security policy and security program development. Gretchen is a frequent speaker in the areas of security standards and control frameworks, regulatory compliance strategies, security policy, and security technologies. She holds a B.S.E.E. from Santa Clara University.

Tags: Gretchen Hellman, Data Security, Compliance, Heartland, Partner

Interview with John P. Pironti, President of IP Architects and Interop Chairperson

On this episode of the Imperva Security Podcast John P. Pironti is interviewed. John discusses the relationship between security operations and business risk management. He also shares his views on regulatory compliance and the changing landscape for network and data security professionals.

John P. Pironti is the President of IP Architects, LLC and Interop chairperson. He has designed and implemented enterprise wide electronic business solutions, information security programs, business resiliency capabilities, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, energy, government, hospitality, aerospace, media and entertainment, and information technology on a global scale. Mr. Pironti has a number of industry certifications including Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional and (ISSAP) and Information Systems Security Management Professional (ISSMP). He is also a published author and writer, highly quoted and often interviewed by global media, and a frequent speaker on electronic business and security topics at domestic and international industry conferences.

Tags: John P. Pironti, Data Security, Risk Management, Compliance