by Jeff Bardin,
The Brave New World of InfoSec
I was out on YouTube today searching for anything related to risk management and information security. I found goofy looking guys with feathers on their heads speaking to global warming; insurance companies betting your lifespan; motor vehicle departments discussing auto risk; Big 4 companies talking about risk from Asia; tongue-in-cheek discussion from Seinfeld on risk; credit risk, finanical risk, paddle boat risk, base jumping risk, workplace risk, proof of life risk, Basel II, Forex, SAP, ....
I decided to refine my searches to something a bit more pertinent and put in 'information risk management.' A bit closer to home. Knowing that my firm is involved in this I was not surprised on some levels but on another level I was. I found a bevy of videos from RSA on information risk management, data loss prevention, portal security and more. The surprise was in the number of videos. These guys have been busy!
It took me awhile to go through them all but I did. I should have signed up for CPE credits because I learned something this weekend sitting outside enjoying the chirps of birds just inside an overhang (avoiding the risk of droppings and dodging the buzz of the occassional hornet).
I learned that the company I work for (EMC and RSA, The Security Division of EMC) is quite serious about information risk management. Having my head buried inside, building out the Office or Risk Management within the Global Security Organization, I had failed to realize that there was (is) a great wealth of information and expertise just around the corner. Now that I know what is there, I'm sure to mine this wealth of info. They might get tired of my visits to Bedford. Some of the links to the chalk talks are below:
http://www.youtube.com/watch?v=MUQzEJ82TrQ - Info Risk Mgmt
http://www.youtube.com/watch?v=356EqgS4HZk&feature=related - Info Risk Mgmt - Financial Services
http://www.youtube.com/watch?v=VPE415yr4Sg&feature=related - Data Loss Part I
http://www.youtube.com/watch?v=orXO4_kew0c&feature=related - Data Loss Part II
http://www.youtube.com/watch?v=URQFqY7oL6Q&feature=related - Online Fraud
http://www.youtube.com/watch?v=yRFMfiLbNj8 - ISO27002 Framework
http://www.youtube.com/watch?v=qRuQzVWm7kc&feature=related - Information Centric Security
http://www.youtube.com/watch?v=JiaTBYSAKaQ - Art Coviello
http://www.youtube.com/watch?v=j0BIVeAgzq8 - Securing Web Portals
http://www.youtube.com/watch?v=BhfVyiG9bcw&feature=related - Security Internal Access to Enterprise Resources
http://www.youtube.com/watch?v=BhfVyiG9bcw Securing Enterprise Access to Network Resources
http://www.youtube.com/watch?v=j0BIVeAgzq8 Secure Web Access For Employees, Partners, Customers
http://www.youtube.com/watch?v=EhyHJ175qIQ Key Components of a Secure Remote Access Solution
http://www.youtube.com/watch?v=KoYAww8ug5s Implementing Identity Assurance for Business Acceleration
http://www.youtube.com/watch?v=mEJilaxag6Q Moving from Compliance to Governance in Financial Services
I can honestly say that I've received much more than a church chat sitting through the videos. I'll be more vigilant with YouTube. I think I'll start on Second Life next .