Here is a list of things to do:
* subscribe with the RSS 2.0 feed(s) to your right (or below for yahoo and iTunes)
* Call the listener feedback line: 206-339-9361
* If you liked the show, tell a friend; if you didn’t, tell me!

Subscribe in iTunes using this link (Click Here Now)

Subscribe or RATE THE SHOW in Yahoo Here. Please take the time to rate the show for the series as well as the specific episode.

==>Download or listen to Security Catalyst #11 here (27 minutes long) < ==

On This Episode
The Windows WMF “Zero-Day Exploit” gets patched
Well, the patch is out – several of them. We talk about the MS patch, as well as briefly touch on the discussion around third party patches, patch management and then focus on the larger issue of defense in depth. Are you practicing good defense in depth?

Microsoft Announcement and Information

H&R Block Blunder
In reality, this isn’t probably going to be a big deal – but I was amazed as we ended the year to find yet another company has been required to notify customers that they may have had a compromise of personally identifiable information. In this case, the social security number (SSN) of the recipient of TaxCut software was included in the tracking number. We discuss corporate accountability and how to help protect your company from these mistakes.

USA Today Story

DHS takes a risk assessment approach
Not enough attention has been positively applied to the common sense approach DHS is applying with homeland security money. Rather than dole out the money in a political fashion, they have decided to take a “risk-based” approach. While the specific details are only coming to light now, this is an excellent step that sets the example – and may give you the opportunity to take the same approach with your business or home network.

DHS Press Release

The following track from the podsafe music collection of podshow was used during the introduction of SC11.

Please remember to rate this podcast on iTunes and Yahoo! Thanks!!

About the Author Michael Santarcangelo

The founder of Security Catalyst, Michael develops exceptional leaders and powerful communicators with the security mindset for success.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Don't know where to start?

Check out Security Catalyst Office Hours to meet your peers and celebrate the good, help each other, and figure out your best next step. We meet each Friday… and it’s free to attend.