Info Risk Today Podcast

As the overall number of "true exploits" have decreased, targeted ones - especially those initiated by criminals or nation states - are becoming harder to detect, say Rick Miller, director of IBM Managed Security Services.

DDoS attacks have existed for years. But the latest wave brings new threats to organizations. How should they defend against these attacks? Ashley Stephenson of Corero Network Security offers insights. DDoS attacks have existed for years. But the latest wave brings new threats to organizations. How should they defend against these attacks? Ashley Stephenson of Corero Network Security offers insights. In an interview about defending against the new, sophisticated DDoS attacks, Stephenson discusses: What's new about the attacks we're seeing; Why traditional defenses are insufficient; How organizations can mitigate their risks by deploying a new defensive strategy.

The gut feeling many people have about their physical security hasn't quite developed in the digital world, presenting a challenge for homeland security officials, says State of Delaware Homeland Security Adviser Kurt Reuther.

A cybergang threatens a blitz of Trojan attacks aimed at 30 U.S. banks, according to RSA. What steps should all banking institutions take now to prepare? RSA's Mor Ahuvia offers insight and advice.

Windows 8 is coming soon. What are the security updates in Microsoft's new operating system? Which questions should security leaders weigh before upgrading? Forrester's Chenxi Wang offers insight.

Website outages at leading U.S. banks have garnered global attention. But how concerned should European institutions be that they could be the next targets? A London-based security expert shares insight.

Connecticut Attorney General George Jepsen says he hopes an update to the state's data breach protection law that took effect Oct. 1 will help make its enforcement less difficult.

Worldwide, banking institutions face evolving fraud threats. What are some of the new strategies and solutions they employ to fight back? ACI Worldwide's Patrick Higgins and Andy Morris share insights.

Banks struck by the wave of DDoS attacks are communicating badly and missing a great opportunity to educate their customers about cybersecurity, says Gregory Nowak of the Information Security Forum.

Delaware Chief Security Officer Elayne Starkey leads, but does not supervise, hundreds of information security officers, many of whom have technical expertise in areas other than security.

Earlier this year, Bill Wansley of Booz Allen Hamilton warned of nation-state attacks against U.S. banks. Are his predictions now coming true? What should institutions expect in weeks ahead?

NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.

Five pilot projects unveiled by the federal government, if successful, should build trust in online commerce, helping to boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.

When it comes to cybersecurity in Delaware, Gov. Jack Markell sees his job as being the state's head cheerleader. In an interview, Markell discusses his role and the state's cybersecurity accomplishments.

The PCI Security Standards Council has issued new guidelines on mobile payment acceptance security. What are the key recommendations? The council's Bob Russo and Troy Leach discuss the new guidance.

Organizations mulling the purchase of cyber insurance should vet their brokers to see if they truly understand policies that provide breach protection, cyber liability lawyer Richard Bortnick says.

The iPhone 5 is coming, and so are a slew of new or upgraded smart phones and tablets. How should security leaders prepare for this new wave of mobility? Malcolm Harkins, CISO of Intel, offers advice.

Thor Ryan, chief security officer at the Alaska Department of Health and Social Services, offers lessons learned as a result of his organization's $1.7 million settlement following a HIPAA compliance investigation triggered by a small breach incident.

Visa's new end-to-end encryption service aims to eliminate payment card data at the merchant level. Eduardo Perez of Visa's Risk Group discusses the security value of this emerging solution.

The information security threat landscape has evolved considerably over the past six years, and it's time that organizations' defenses evolve to match them, says Tom Kellermann of Trend Micro.