Imperva Blog|Login|中文Deutsch日本語

Podcasts

Launch iTunes & Subscribe  Imperva on iTunes Hide Descriptions
Selected Tag: Data Security | Show All
Perspectives on Data Security in Asia -- An interview with Terry Ray

Perspectives on Data Security in Asia -- An interview with Terry Ray


On this episode of the Imperva Security Podcast Terry Ray -- Senior Director for Americas and Asia Pacific Technical Services for Imperva is interviewed.

Terry is a frequent visitor to many parts of Asia. Over the years he has developed a relationship with customers and partners in Asia, giving him a sense for the state of data security, general security trends, and reactions to current security events from an Asian-centric perspective that he can contrast with a North America-centric view. Terry discusses how different regions approach application and database security, current events such as the recent Google attacks in China, and how the Asian community is applying countermeasures to protect their sensitive applications and databases.

Terry Ray is the Senior Director for Americas and Asia Pacific Technical Services for Imperva Inc., a provider of data security solutions. At Imperva, Terry manages teams of security engineers and, has designed and deployed data security solutions, and performed data penetration testing for a wide range of healthcare, financial services, government and eCommerce organizations. Terry has been a frequent speaker for ISSA, OWASP, ISACA, IANS and others in the Americas and abroad.

Prior to joining Imperva, Terry worked in a variety of technical roles at Check Point Software Technology ltd., including security engineering and, partner and end-user technical instruction. Terry has lectured on general network security topics and taught professional security related product certifications in over 35 countries worldwide.

Tags: Terry Ray, Imperva, Asia, Data Security

Play Podcast Podcast Transcript (PDF)
Data Security at a Non-Profit Radio Station -- An interview with Juan Walker

Data Security at a Non-Profit Radio Station -- An interview with Juan Walker


On this episode of the Imperva Security Podcast Juan Walker -- Database and Data Security Advisor with the Educational Media Foundation (EMF) is interviewed.

Juan and I discuss the need for non-profits to protect sensitive information such as donor details. The key to a solid security strategy for EMF is data security, so Juan talks about a number of controls that EMF has in place including the Imperva Database Activity Monitoring (DAM) solution. Juan discusses why the Imperva DAM was chosen over several competitors, how it is currently used to address security and compliance, as well as some of the early wins it has given them related to data discovery and reporting.

Juan Walker is Database and Data Security Advisor for the Information Technology Team at EMF Broadcasting, which is KLOVE and Air-1 Radio Network with over 610 Stations and Translators in 46 States. Juan has over 15 years of experience in Database Architecture and Administration, and extensive knowledge in encryption and data security. Prior to EMF Broadcasting Juan worked as a Database Administrator at Microsoft Corporation and Senior Data Architect at Georgia Pacific Corporation. He has received certifications from SANS and ISC2.

Tags: Juan Walker, Educational Media Foundation, Customer, DAM, Data Security

Play Podcast Podcast Transcript (PDF)
Portuguese interview with Rafael Koike of Telsinc Brazil; he talks about growing trends in application and database security in Brazil

Portuguese interview with Rafael Koike of Telsinc Brazil; he talks about growing trends in application and database security in Brazil


On this episode of the Imperva Security Podcast Rafael Koike of Telsinc is interviewed by Luiz Eduardo Dos Santos of Imperva.

Rafael and Luiz discuss the partnership between Telsinc and Imperva, as well as the evolution, current state, and futures of the security industry in the Brazil. Topics covered are the main drivers for application security, compliance, internal fraud, and, inevitably touch on the controversial subject of the power blackout that recently happened in Brazil.

Telsinc is an Imperva partner and has been active in the Brazilian IT market since 1994, offering advanced solutions and professional services. They are recognized as a company that is agile, experienced and innovative in the utilization and operation of information technology.

Rafael has been with Telsinc since 2006 and helps develop and grow the IT Security business within Telsinc which offers complete solutions from the perimeter to the end point. He has more than ten years of experience in networking and security field having previously worked at Siemens. Rafael holds CISSP and CISM certifications in governance and administration. In addition, he is technically certified CCSE Checkpoint and CCNP Cisco. Due to his contributions, Telsinc's IT Security division has grown an average of 33% annually with estimated revenue of over R$11m in 2010 in hardware sales alone.

To download a Portuguese version of the transcript, click here.

Tags: Partner, Telsinc, Rafael Koike, Portuguese, Brazil, Data Security

Play Podcast Podcast Transcript (PDF)
Interview with the CISO of the State of Colorado and his security deputy on the consolidation of IT security resources and building security in early

Interview with the CISO of the State of Colorado and his security deputy on the consolidation of IT security resources and building security in early


On this episode of the Imperva Security Podcast Seth Kulakow - Chief Information Security Officer for the State of Colorado and his deputy Travis Schack are interviewed.

We discuss several issues that are unique to state-level information security as well as several solid, modern approaches to developing an effective security posture. The consolidation of IT security resources such as security, database and application developers, etc under one umbrella, and the need for executive level sponsorship kicks off this discussion. We also talk about the importance of marketing security internally to peers, building security into the business process and outlining key requirements early on in the form of RFPs, contracts and the like to ensure that there is a real partnership between vendors and customers.

Seth Kulakow was selected as the Chief Information Security Officer (CISO) in November 2008. As the CISO, Seth is responsible for the State's Information Assurance and Compliancy programs.

Prior to joining the Governor's Office of Information Technology, Seth was the Information Security Officer for Denver International Airport (DIA), ranked the 4th busiest airport in the nation and the 10th busiest in the world. During his tenure at DIA, Seth created and managed a peer recognized first of its kind (in any US airport) full time security program from its infancy to a best practice repeatable program. The program covered every facet of security from risk analysis and assessment, compliancy, system auditing, penetration testing and forensics, to ingress and egress controls.

Tags: Seth Kulakow, Travis Schack, State of Colorado, Data Security, State Government, Government

Play Podcast Podcast Transcript (PDF)
GLBA co-author, Paul Reymann talks about GLBA, compliance and security within the financial industry

GLBA co-author, Paul Reymann talks about GLBA, compliance and security within the financial industry


On this episode of the Imperva Security Podcast Paul Reymann - CEO of the Reymann Group & co-author of GLBA talks about the financial industry, and how security and compliance have been changing. He also touches on financial modernization, the convergence of NIST and ISO, and the risk management continuum.

Mr. Reymann is one of the nation's leading regulatory experts and co-author of Section 501 of the Gramm-Leach-Bliley Act Security rule. Fortune 500 companies have leveraged Mr. Reymann's subject matter expertise to develop successful go-to-market strategies for information security and technology products and services within key vertical markets.

He has more than twenty years experience in the financial services industry, including thirteen years with the Department of Treasury's Office of Thrift Supervision (OTS) in Washington D.C. There he guided the regulatory agency's Technology Risk management activities and authored several key regulatory directives and advisories on emerging risk management issues, including the industry's first regulatory directive on "Transactional Internet Banking."

Tags: Paul Reymann, GLBA, GLB, NIST, ISO, Financial, Data Security

Play Podcast Podcast Transcript (PDF)
Mark Weatherford, CISO for the State of California, discusses the complexities of security within state government

Mark Weatherford, CISO for the State of California, discusses the complexities of security within state government


On this episode of the Imperva Security Podcast Mark Weatherford, CISO for the State of California is interviewed. He discusses challenges within information security at the state level including fusion centers, cross-agency coordination, and addressing risks beyond the perimeter -- specifically sensitive data.

Mark Weatherford has extensive executive and operational experience in the information and cyber security arena with a career that spans both the public and private information security sectors. Appointed by Governor Schwarzenegger to his present position as Executive Officer of the California Office of Information Security and Privacy, Weatherford has broad authority over the State's information security and privacy activities.

Mr. Weatherford previously served as the Chief Information Security Officer for the State of Colorado where he was appointed by two successive governors to develop and lead the state information security program.

Mr. Weatherford is a former U.S. Naval Cryptologic Officer, holds a Bachelor of Science degree in Business Administration from the University of Arizona at Tucson and a Master of Science degree in Information Technology Management from the Naval Postgraduate School in Monterey, California.

Tags: Mark Weatherford, State Government, Data Security, Government

Play Podcast Podcast Transcript (PDF)
Interview with Nick Selby, Leader of the 451 Group's Enterprise Security Practice

Interview with Nick Selby, Leader of the 451 Group's Enterprise Security Practice


On this episode of the Imperva Security Podcast Nick Selby is interviewed. Nick talks about analyzing cyber black markets and trends in compliance. He also covers the maturing of security as it becomes more about operations and business risk. He also discusses the economy and its impact on the network security and data security industry.

Nick Selby leads The 451 Group's Enterprise Security Practice (ESP), which provides objective analysis of enterprise security businesses and trends. Nick also serves as The 451's Director of Research Operations, leading the coordination of 451 analysts' research methodologies and processes.

Tags: Nick Selby, Black Market, Compliance, Business Risk, Network Security, Data Security

Play Podcast Podcast Transcript (PDF)
Interview with Dr. Anton Chuvakin, Director of PCI Compliance Solutions at Qualys and Recognized Security Expert & Author

Interview with Dr. Anton Chuvakin, Director of PCI Compliance Solutions at Qualys and Recognized Security Expert & Author


On this episode of the Imperva Security Podcast Dr. Anton Chuvakin is interviewed. Anton talks about PCI and the need for vulnerability assessments to work in concert with application and data security solutions to develop a strong security posture.

Dr. Anton Chuvakin (http://www.chuvakin.org) is the Director of PCI Compliance Solutions at Qualys and is a recognized security expert and book author. He is an author of the book "Security Warrior" and a contributor to books such as "Know Your Enemy II", "Information Security Management Handbook", "Hacker's Challenge 3", "PCI Compliance", "OSSEC HIDS" and others. Anton also published numerous papers on a broad range of security subjects. In his spare time he blogs at http://www.securitywarrior.org. Anton has presented at many security conferences across the world; his recent speaking engagements include presenting in the United States, UK, Singapore, Spain, Canada, Poland, Czech Republic, Russia and other countries. Anton holds a Ph.D. degree from Stony Brook University.

Tags: Anton Chuvakin, PCI, Data Security

Play Podcast Podcast Transcript (PDF)
Interview with Gretchen Hellman, VP of Marketing & Product Management Vormetric

Interview with Gretchen Hellman, VP of Marketing & Product Management Vormetric


On this episode of the Imperva Security Podcast Gretchen Hellman is interviewed. Gretchen talks about the Heartland Data Breach, and shares her perspectives on compliance. She also discusses data security and explains how there is not technological panacea -- data security comes through defense in depth.

Gretchen Hellman brings over 10 years of enterprise security and enterprise software experience to her role as the VP of Marketing and Product Management for Vormetric. Most recently, Gretchen was Director of Product Marketing for Voltage Security, where she led product marketing, field marketing and corporate marketing initiatives. Prior to Voltage Security, she was responsible for compliance market strategy at ArcSight, where she drove initiative to apply ArcSight's award winning Security Information and Event Management solution to the regulatory compliance market. She has also held marketing leadership roles at Network Associates/McAfee. Gretchen began her career in information security as a consultant specializing in security policy and security program development. Gretchen is a frequent speaker in the areas of security standards and control frameworks, regulatory compliance strategies, security policy, and security technologies. She holds a B.S.E.E. from Santa Clara University.

Tags: Gretchen Hellman, Data Security, Compliance, Heartland, Partner

Play Podcast Podcast Transcript (PDF)
Interview with John P. Pironti, President of IP Architects and Interop Chairperson

Interview with John P. Pironti, President of IP Architects and Interop Chairperson


On this episode of the Imperva Security Podcast John P. Pironti is interviewed. John discusses the relationship between security operations and business risk management. He also shares his views on regulatory compliance and the changing landscape for network and data security professionals.

John P. Pironti is the President of IP Architects, LLC and Interop chairperson. He has designed and implemented enterprise wide electronic business solutions, information security programs, business resiliency capabilities, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, energy, government, hospitality, aerospace, media and entertainment, and information technology on a global scale. Mr. Pironti has a number of industry certifications including Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional and (ISSAP) and Information Systems Security Management Professional (ISSMP). He is also a published author and writer, highly quoted and often interviewed by global media, and a frequent speaker on electronic business and security topics at domestic and international industry conferences.

Tags: John P. Pironti, Data Security, Risk Management, Compliance

Play Podcast Podcast Transcript (PDF)
Interview with Richard Stiennon, Founder of IT-Harvest and Former Gartner Analyst

Interview with Richard Stiennon, Founder of IT-Harvest and Former Gartner Analyst


On this episode of the Imperva Security Podcast Richard Stiennon is interviewed. Richard talks about beginning authorship of a new book and his perspectives on data security including a very interesting story about WWI and efficiency experts.

Richard Stiennon, security expert and industry analyst, is known for shaking up the industry and providing actionable guidance to vendors and end users. He recently re-launched the security blog ThreatChaos.com and is the founder of IT-Harvest, an independent analyst firm that researches the 1,200 IT security vendors. He was Chief Marketing Officer for Fortinet, Inc. the leading UTM vendor. Prior to that he was VP Threat Research at Webroot Software. Before Webroot, Mr. Stiennon was VP Research at Gartner Inc. where he covered security topics including firewalls, intrusion detection, intrusion prevention, security consulting, and managed security services for the Security and Privacy group. He is a holder of Gartner's Thought Leadership award and was named "One of the 50 most powerful people in Networking" by NetworkWorld Magazine.

Music provided by partnersinrhyme.com.

Tags: Richard Stiennon, Data Security

Play Podcast Podcast Transcript (PDF)
Selected Tag: Data Security | Show All
Launch iTunes & Subscribe Request More Information