Info Risk Today Podcast

The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.

Chris Buse, CISO for the state of Minnesota, says centralizing IT systems should make it easier to defend against cyber-attacks because there are fewer computing environments to protect.

Financial crimes, fraud and cybersecurity. These topics are quickly converging upon security organizations, and leaders must be prepared. FICO's Stuart Wells discusses the tools and skills needed for convergence.

Security leaders expect the new Union budget to give a needed boost to cybersecurity education, as well as increased investment in critical infrastructure, biometrics and surveillance to fight cybercrime.

This year could mark a turning point for the sharing of threat intelligence, but only if the government is able to build a framework that instills private-sector trust, says threat researcher Lance James.

As more patient records are digitized, that data is a rapidly growing target for cybercriminals intent on committing medical identity theft and fraud, says Ann Patterson of the Medical Identity Fraud Alliance, who analyzes a new report on the trends.

Were DDoS attacks against major American banks in 2012 waged in retribution for U.S. government actions? A recently leaked top-secret memo prepared in 2013 for Keith Alexander, who was then NSA director, seems to confirm that's the case.

As new cyberthreats emerge, medical device maker Philips Healthcare is implementing a four-prong strategy for ensuring the cybersecurity of its products. Michael McNeil, global product security and services officer, outlines the steps.

With white-hat security researchers gaining increasing mainstream recognition, hacking as a vocation is no longer taboo - and Indian researchers are flocking to the profession, says HackerOne's Katie Moussouris

Learning more about potential attackers and their preferred information targets is one of the best ways organizations can mitigate their cyber-attack risks, says Bank of the West's David Pollino, a featured speaker at ISMG's Fraud Summit LA.

Information sharing and analysis organizations being formed under President Obama's new executive order must avoid becoming silos that only share cyberthreat intelligence "within their own walls," warns Deborah Kobza, executive director of NH-ISAC.

Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.

Elayne Starkey, the state of Delaware's chief security officer, no longer micromanages how cloud services providers secure state data. Find out why she's giving providers more leeway in defining security requirements.

In an exclusive interview, Sergey Golonvanov, a threat researcher at Kaspersky Lab, offers insights about the Russian cybercrime ring that over the weekend made headlines for defrauding banks of up to $1 billion.

The volume of spam messaging is down, but the bogus messages that are getting through? They're more malicious than ever, says Cisco's Jason Brvenik. He shares insights from Cisco's 2015 Security Report.

Mega-breaches, including the recent hacking attack on Anthem Inc. always result in an uptick of interest in cyber-insurance, but determining how much coverage to buy is an ongoing challenge, says data privacy attorney Marc Voses.

What are the top security priorities for healthcare's "CIO of the Year"? Bolstering defenses against phishing, malware and remote attacks head the list, says Sue Schade, CIO at the University of Michigan Hospitals and Health Centers.

A new federal cyberthreat intelligence center could help the government build more resilient networks and better identify cyber-attackers, leading to arrests and punishments, says Harry Raduege, a former top Defense Department IT leader.

The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.

As hack attacks, such as the breach of Anthem Inc., become more common, it's more critical than ever for organizations to carry out an "adaptive defense model" to protect sensitive information, says Dave Merkel, chief technology officer at FireEye.