SRT Episode 4 – Responsible Reporting of Breaches

September 17, 2006 by SecurityCatalyst · 3 Comments
Filed under: Podcast 

How many times have you wondered what you would do if you find out your company wasn’t protecting information as they promised? What if you were a consultant or contractor?

Is there a right way to report on privacy and security breaches?

Join the Security Round Table with Special Guest Randal Schwartz to discuss this important issue.

On this episode:

Larry Pesce | Pauldotcom Security Weekly | Haxor the Matrix
Martin McKeay | Network Security Blog & Podcast
Michael Santarcangelo | The Security Catalyst
Randal Schwartz | Stonehenge | Legal Information: Friends of Randal Schwartz

Note: we did reach some interesting conclusions and directions for future advancement. Continue the discussion at the Security Catalyst Community (currently open to trusted catalysts until October 15, 2006 when it becomes available to the entire community).

 
icon for podpress  SRT 4 [56:33m]: Play Now | Play in Popup | Download (1597)

Tags:

Comments

3 Responses to “SRT Episode 4 – Responsible Reporting of Breaches”

Trackbacks

Check out what others are saying about this post...
  1. Network Security Blog says:
    September 19, 2006 at 1:45 pm

    Responsible disclosure, the other type…

  2. BitRatchet » Blog Archive » [security roundtable] responsible disclosure says:
    September 21, 2006 at 6:06 pm

    [...] Couldn’t finish listening to the security roundtable ep. 4 about responsible disclosure. Made me too anxious thinking about how I had been a contractor for so many years, monkeying around with various client computers, without legal councel. Basically, what I got from most of the discussion, is that a) unless you are rich enuf to defend yourself against a corporation, you have not economic incentive to responsibly disclose against a potentially agressive vendor b) don’t disclose except thru your legal councel. Let a lawyer represent and disclose thru their firm. [...]

  3. Security Ripcord says:
    September 27, 2006 at 8:52 am

    Letter to Santa on Security 2.0…

    I just wrote an E-mail to Michael Santarcangelo of the Security Catalyst about his Security 2.0 initiative. Please comment if you have any input.  Also watch out for Michael to open the Security Catalyst Community soon.  You should also li…