Security experts discuss whether the TJX data breach illustrates the need to toughen the PCI Data Security Standard.

 

 Security Wire Weekly [08:10m]: Play Now | Play in Popup | Download

Chris Farrow talks about the changes ahead for the current PCI standard and how compensating controls should be used, why they are confusing and how to address compensating controls with your assessor. He is co-founder and vice president of the PCI Security Vendor Alliance. Farrow serves as the founder and director of the Center for Policy & Compliance, a research and advisory group created by Configuresoft.

Diana Kelley discusses some of the headaches companies are encountering during the compliance process and how to choose an assessor. Kelley is vice president and service director at the Burton Group, where she focuses her research on security issues, including compliance.

Dan Jones, director of IT at the University of Colorado, explains his school’s ongoing PCI compliance initiatives. Jones says compliance is an ongoing process.

 

 Security360 [19:43m]: Play Now | Play in Popup | Download

Security researcher Adam Laurie warns of weaknesses in radio frequency identification technology (RFID). The researcher explains how easy it is to copy an RFID tag. Also a look at the week’s news.

 

 Security Wire Weekly [11:45m]: Play Now | Play in Popup | Download

As part of SearchSecurity.com’s ongoing series on deploying Windows Vista, Omar Ghneim, network administrator for energy firm EXCO Resources, explains his efforts to make sense of Vista’s user account controls and keep critical business applications running without the barrage of pop-ups that has earned Microsoft scorn.

 

 Security Wire Weekly [17:26m]: Play Now | Play in Popup | Download

Paul Henry of Secure Computing warns of a new threat to companies with VoIP and Web 2.0 functionality, and a researcher questions the quality of a recent security update for AOL Instant Messenger. Also: Oracle patches security flaws across its product line.

 

 Security Wire Weekly [08:35m]: Play Now | Play in Popup | Download

The SearchSecurity.com editorial team discusses the debate brewing over the security of virtualization in the wake of VMware’s success. Other topics include HD Moore’s attack platform for the iPhone and the latest struggles with the Payment Card Industry Data Security Standards.

 

 Security Squad [20:32m]: Play Now | Play in Popup | Download

Michelle Stewart, CISO at AirTran Airways explains how high profile data security breaches and the Payment Card Industry Data Security Standards (PCI DSS) impact the airline’s IT security priorities. Also a review of the week’s news.

 

 Security Wire Weekly [10:02m]: Play Now | Play in Popup | Download

Code Green CEO Sreekanth Ravi explains why his company is gearing its latest data protection offering toward SMBs. Also, Google fixes a serious Gmail flaw.

 

 Security Wire Weekly [13:05m]: Play Now | Play in Popup | Download

Pedram Amini, head of TippingPoint’s security research group, co-wrote the recently-released book, “Fuzzing: Brute Force Vulnerability Discovery,” and recently unveiled the new Sulley fuzzing framework. In this conversation, he talks about the book and explains how the Sulley framework will take fuzzing to the next level.

 

 Security Newsmaker: Play Now | Play in Popup | Download