Adam Shostack, who is part of Microsoft's Security Development Lifecycle team, co-wrote "The New School of Information Security" with Andrew Stewart to examine some of the ongoing shortcomings of the information security profession, and propose some very practical steps that any individual or organization can take to improve things. In this podcast, Adam explains what motivated him to write the book and talks about one or two of those practical steps, including the role of games in educating people about security and privacy. (Please note: Adam has asked me to point out a minor correction: Laurie Williams created "Protection Poker" not "Threat Poker".)

I happen to have a spare copy of Adam's excellent game on my desk in front of, and I will dispatch it post-haste to the first person to reply to comment on this post with the name of the virus that supposedly derailed the Iranian nuclear weapons programme.

You can download this and other podcasts in both podcast (MPEG4) and sound-only (MP3) format from the Consult Hyperion podcast page, where you can also subscribe to the podcast RSS feed. If you have iTunes, you can find the podcasts in the iTunes Store: just search for "Consult Hyperion" in the podcasts area and you can click and subscribe. Alternatively, you can click on this iTunes link.

Comments

We have a winner! E-mail me your postal address Duncan and I will send you the game when back in the office in the New Year.

Posted by: Dave Birch | 22 December 2011 at 03:54 PM

Stuxnet

Posted by: Duncan Hart | 22 December 2011 at 02:56 PM