Government Information Security Podcast

IT security and privacy lawyer David Navetta says revelations that mobile devices such as the iPhone, iPad and Android maintain hidden files tracking users locations could pose a threat to organizations, regardless of whether the devices are owned by individual employees, the company or government agency for which they work.

This week's top news and views: New legislation aims to get more support for cybersecurity initiatives, flaws found in air traffic control system and Verizon's 2011 data breach report. Don't miss our audio week-in-review podcast by Executive Editor Eric Chabrow

FICO's Mike Urban says more questions than answers surround the Durbin amendment's future impact on fraud prevention. But bankers and the Fed may get a two-year reprieve to evaluate the legislation, if a new bill now before the Senate passes.

From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.

The latest Verizon Data Breach Investigations Report is out, and the good news is: The number of compromised records is down. The troubling news is: The number of breaches is up. Bryan Sartin, one of the report authors, explains why.

This week's top news and views: Cutting funding for IT security could prove dicey, comments from DHS Undersecretary Philip Reitinger and Sen. Thomas Carper; year-long Texas breach exposed personal information of 3.5 million; bill unveiled to safeguard personal data online; and Google and Microsoft battle over cloud certification. And don't miss our audio week-in-review podcast by Executive Editor Eric Chabrow

As Congress and the White House look for ways to cut the federal budget, one area that could prove dicey is IT security, contends Department of Homeland Security's Philip Reitinger.

ID security expert Tim Rohrbaugh on phishing trends in light of Epsilon breach.

This week's top news and views: Federal shutdown's impact on IT security, zero percent unemployment for IT security analysts, 'tricked' RSA worker opened backdoor to advanced persistent threat attack and DHS's top infosec executive's quest for a safer Internet. And don't miss our week-in-review podcast by Executive Editor Eric Chabrow.

Philip Reitinger, the top cybersecurity official in the Department of Homeland Security, is on a mission to help create a new, secure computing ecosystem on the Internet.

When it comes to e-marketing and the reliance on third parties such as Epsilon, Nicolas Christin of Carnegie Mellon University says banks and merchants should "come clean" about the information they share with outside entities.

Privacy Attorney Lisa Sotto says the Epsilon e-mail breach is a warning about the state of data security employed by some third-party service providers. Strong contracts related to security practices must be the norm, not the exception.

When it comes to authentication and identity management, state governments face challenges and vulnerabilities of their own making, says Brent Crossland of Entrust.

March's top news and views: DOD officials explain how a WikiLeaks breach will not happen again, RSA chief technology officer discusses the challenges in dealing with advanced persistent threat attacks and how Ohio decided on a NIST framework. And don't miss our month-in-review podcast by Executive Editor Eric Chabrow.

EastNets' Paul Buelens says fraud-fighting is an international concern, as old schemes abound and new threats emerge. Fraud risks are some of the most challenging banks have ever faced.

A comprehensive bill to dramatically change the way the federal government addresses cybersecurity could pass the Senate as early as this summer, Sen. Thomas Carper, who chairs a Senate panel with IT security oversight, says in an interview with GovInfoSecurity.com.

RSA CTO Bret Hartman on advance persistent threats, before the breach; face of federal IT security leadership, putting IT security workforce in perspective, federal cyber incidents up 39 percent; and our special report on the RSA breach and its impact. And don't miss our audio week-in-review podcast by Executive Editor Eric Chabrow

Terrell Herzig, CISO at UAB Medicine, speaks out on steps steps he's taking in the wake of the RSA SecurID attack.

Terrell Herzig, information security officer at UAB Medicine, discusses the steps he's taking in the wake of the attack against RSA's SecurID two-factor authentication products.

Marcus Ranum isn't just a well-regarded information security expert. He's also a customer of the RSA SecurID product, and he's got some strong feelings about the RSA breach and how the industry has responded to it.