Info Risk Today Podcast

Neustar is about to release a new report on the DDoS threat landscape. What are some of the key trends to watch? Neustar's Jim Fink offers a preview of the study's findings.

With enhanced analytics, organizations and law enforcement are improving their ability to trace malware attacks and other advanced persistent threats, says Eward Driehuis of Fox-IT.

While much of the security focus is on online fraud and major data breaches, organizations of all sizes and sectors are seeing a rise in phone-based fraud, says Matt Anthony of Pindrop Security.

The application programming interface is now an attack vector, which creates new security issues, warns Travis Broughton, IT architect at Intel.

As organizations expand their use of encryption to help prevent breaches, they must improve their management of cryptographic keys, says Prakash Panjwani, senior vice president at SafeNet.

Among the biggest cyberthreats enterprises face comes from hacks on consumer mobile devices, says Caleb Barlow, a director of product management at IBM Security.

Too many businesses are worried about how security might adversely affect the user experience, even among their own workforce, says Bert Rankin, chief marketing officer of ThreatMetrix.

While massive DDoS attacks were dominant in 2013, this year, smaller application-layer attacks going after such things as log-in pages and password files are far more common, says Rich Bolstridge, chief strategist, financial services, at Akamai Technologies.

While January's seemingly isolated distributed-denial-of-service attacks against JPMorgan Chase and Bank of America may have been a blip, DDoS expert Barrett Lyon says stronger attacks are on the way.

While most organizations are focusing on compliance, they are ignoring basic human-factor security risks that technology cannot fix, says Hord Tipton, executive director of the International Systems Security Certification Consortium, better known as (ISC)².

The gateway security solutions provider iBoss Network Security is enhancing its offerings by incorporating analysis of behavioral movement of traffic in and out of the network.

The increasing use of cloud-based resources requires a new approach to protection against cyberthreats, says Ashley Stephenson, CEO at Corero Network Security.

Simple credentials, such as passwords, are a hacker's best friend, says Phillip Dunkelberger of Nok Nok Labs, a founding member of the FIDO Alliance. That's why the alliance is working to reduce reliance on passwords by enabling advanced authentication.

Cisco has launched a new open source initiative focused on application identification, says Scott Harrell, vice president of the company's security business group.

The recent merger of Bit9 and Carbon Black will eventually result in a single, merged product offering, says Benjamin Johnson, CTO at Carbon Black.

CipherCloud's Paige Leidig discusses a new offering that helps enable organizations rapidly adopt a cloud application as it protects sensitive data and ensures compliance to policies and regulations.

Although the growth of cloud-based data centers offers opportunities to more rapidly deploy applications, it also raises new security issues, says Steve Pao, senior vice president at Barracuda Networks.

Researchers at Dell SecureWorks have identified some 146 unique malware families that are targeting cryptocurrencies. Approximately 100 of those have emerged in just the last year, says Pat Litke, security analysis adviser for the company's CyberThreat unit.

Log analysis is often used for managed security, but are organizations going far enough with the information they have at their fingertips? Don Gray, chief security strategist for Solutionary, says there is much more organizations could be doing to predict breaches.

Advanced, ever-evolving threats call for security solutions vendors to counter with equally advanced and sophisticated solutions. JD Sherry of Trend Micro discusses new strategic alliances and product sets dedicated to creating new measures of threat defense.