SecureMaryland Ep09 – What’s The Risk?

Welcome to the SecureMaryland Podcast Episode 9 “What’s The Risk?” recorded on Sunday, Dec. 15th.  SecureMaryland is part of The Cast Cast network.  For more Baltimore based podcasts, visit www.thecastcast.com

A very big thanks to SmartLogic Solutions for making this possible. Visit www.smartlogicsolutions.comfor more information.

Visit our new website for the show: www.SecureMaryland.org

Congratulations to local author, Jeff Six, for the release of his book: Application Security for the Android Platform: Processes, Permissions, and Other Safeguards

Some Security Meet-ups in the Baltimore area:
CharmSec (meets the last Thursday of every month 7pm) – www.charmsec.org

The Ethical Hackers Club (TEHC) (first wed of the month – columbia MD) – http://www.meetup.com/ethical-hacker-club/

Hosts:
Raymond Gabler: Overall tech geek with over 15 years of experience in the Information Security/Risk Threat management side of IT.

Shawn Grimes from Shawn’s Bits.com . I’ve been a Security Engineer for about the last 10 years and I can be found on twitter at @shawng

Brandon Dixon is from 9b+ and George Washington University. I work as a security researcher and incident responder. I can be found on twitter @9bplus and blog at blog.9bplus.com

Topic: Assessing Risk

1. Define Risk Assessments Threat Vulnerability and Controls
   1. Types of controls: Preventative, Corrective, and Detective others?
   2. Types of Risk: Residual, transferred risk (making it some one else’s worry)
   3. Types of Threats: Natural, Accidental, Malicious (Criminal, technical, hacking, etc).
   4. Liklihood and Impact analysis.
2. NIST Standards 800-30 and 800-39