Info Risk Today Podcast

In addition to adopting the right IT security standards to mitigate advance persistent threats, organizations need to pick the right people to carry out those standards, says Jon Long, a featured speaker at ISMG's Global APT Defense Summit on Oct. 22.

More healthcare entities might consider implementing NIST's cybersecurity framework if healthcare-specific guidance on putting the framework to use was available, says Lee Kim of the Healthcare Information and Management Systems Society.

"Cybercrime as a service" and the globalization of attacks are two of the trends noted by cyber-intelligence firm Group-IB in its third annual High-Tech Crime Report. Group-IB's Alexander Tushkanov explains the lessons that can be learned.

What advice does the first CISO have for today's security leaders? Steve Katz speaks up on top security threats, how to defend against them and what it takes to lead an effective security team.

Data analytics is reshaping the way financial institutions detect fraud by helping them track customer behavior in real time, says FICO's Anant Nambiar, who'll be a featured presenter at ISMG's Fraud Summit New York on Oct. 21.

Knowing how to manipulate a hacker's cultural values could help thwart - or at least slow down - cyber-attacks, says Garet Moravec, a cybersecurity expert who'll speak at ISMG's Global APT Defense Summit on Oct. 22.

In this post-Target era of "It's not a matter of if, but when," how prepared is your organization for a data breach? Michael Buratowski of General Dynamics Fidelis Cybersecurity Solutions offers tips for breach planning and response.

The U.S. government could be a year away from allowing citizens to use the same authentication credentials to get services from multiple departments and agencies, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.

Nearly two weeks since news of Shellshock broke, attacks that are taking advantage of the Bash vulnerabilities are grabbing headlines. But Michael Smith of Akamai warns that the battle against hackers capitalizing on Shellshock could go on for years.

Heartbleed, Shellshock, targeted attacks - the security threats to banking institutions are legion. And there are new banks can get better at detecting these evolving threats, says Solutionary's Jeremy Nichols.

The development of authentication technologies that could replace the password is "nearing a tipping point," but there's still several years of work to do, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.

As researchers scramble to learn more about Shellshock and the risks it poses to operating systems, servers and devices, Michael Smith of Akamai explains why not all patches are actually fixing the problem.

In a wide-ranging interview, the acclaimed expert on cybersecurity strategy addresses the cyberthreat posed by ISIS and explains why Congress is unlikely to enact significant cybersecurity legislation this year.

To mitigate the newly discovered Bash bug - AKA Shellshock - which may make millions of systems vulnerable to remote takeover, organizations must take several key steps, says security expert Alan Woodward.

One year after HIPAA Omnibus Rule enforcement began, why do so many healthcare entities and business associates continue to struggle with even the most basic requirements? Security expert Andrew Hicks offers insights.

Healthcare organizations are increasingly top targets for sophisticated data breaches. How can they improve their defenses? Paul Smith of Ascension Health and Mark Hanson of Fortinet offer tips.

When it comes to the evolution of machine data, security organizations now can improve protection and the top line. How can they maximize the business benefits? Jean-Francois Roy of Tibco shares tips.

What's the toughest challenge the U.S. faces when it comes to EMV? Randy Vanderhoof of the EMV Migration Forum points to getting POS software and terminals certified for EMV transactions. Find out what other hurdles he identifies.

Helping merchants deal with the growing threat of POS malware is one of the biggest challenges facing Troy Leach, CTO of the PCI Security Standards Council, who says the BlackPOS malware threat, in particular, "is keeping me up at night."

If the U.S. military awarded a decoration for hacking, Army Col. Gregory Conti would wear it proudly on his uniform. Hear Conti, director of the Army Cyber Institute, explain why ethical hacking helps drive America's innovation engine.