The Reality Check Security Podcast

Jim Routh is the CISO of the Depository Trust and Clearing Corporation (DTCC). Jim is a veteran technology and security executive, having held positions at American Express and American Express Financial Advisors before joining DTCC. At DTCC, Jim designed and implemented an enterprise wide information security program based on risk management best practice, COBIT, and ISO 27001. He is a member of the Board of Directors for FS-ISAC and the Wall Street Technology Association.

 

 Show 002 - An Interview with Jim Routh [23:48m]: Play Now | Play in Popup | Download

Steve Lipner is the senior director of security engineering strategy in Microsoft’s trustworthy computing group. Steve runs the Security Development Lifecycle team focused on product security and privacy. Steve has been active in computer security for thirty-five years. He holds a B.S. and an M.S. from MIT. His book The Security Development Lifecycle co-authored with Mike Howard is required reading in the field.

 

 Show 001 - An Interview with Steve Lipner [22:26m]: Play Now | Play in Popup | Download

The Reality Check Podcast with Gary McGraw focuses directly on software security practitioners and practical software security. Reality Check’s sister podcast, the Silver Bullet Security Podcast with Gary McGraw, follows a free form interview style tailored highlight the ideas and experience of security gurus. By contrast, Reality Check is concerned with practical questions centered on running large-scale software security initiatives in the real world.

Reality Check targets experienced leaders working to solve software security problems in large organizations every day. We use a standard script to guide each conversation with questions about history, methodology, best practice, and measurement. We plan to interview leaders of mature software security programs and leaders of programs just getting started.

Your feedback is absolutely welcome. Please subscribe to the series through or RSS feed or through iTunes.

The Reality Check Podcast with Gary McGraw will focus on software security practitioners and practical software security. We’ll interview people involved in running large-scale software security initiatives. Our first conversation will be with Steve Lipner who runs Microsoft’s Secure Development Lifecycle team. Check back here on January 5th or sign up with our RSS feed.