Info Risk Today Podcast

Ramped up HIPAA enforcement is a big reason behind the No. 1 information security priority for the coming year: improving regulatory compliance, says attorney Adam Greene.

Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.

Javelin's Mary Monahan says the mobile tablet will revolutionize banking and payments.

Giving back to the community. It's a civic responsibility, says Dan Waddell of Tantus Technologies. But it's also a necessity to help raise cyber awareness. Waddell explains how security pros can give back.

One reason why so many healthcare organizations are not well-prepared to counter security threats is that "key leadership has not bought into the whole process," says Bob Krenek of Experian® Data Breach Resolution.

Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in winning support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.

In the near future, financial institutions will have new opportunities for service in emerging payments. How they define their roles, however, will depend greatly on steps they take now to put a stake in the ground.

Harry Raduege sees the nascent field of cyber intelligence as a way for governments and businesses to be proactive, and not reactive, to today's sophisticated digital threats.

"It is clear that Internet technology represents the moment of a change equivalent to the change brought on by the printing press and the steam machine," says Kosta Peric of SWIFT.

Honolulu CIO Gordon Bruce, bolstered by an international conference, is working energetically to expand digital and physical security.

ID theft expert Joanna Crane wonders whether banks, government agencies and healthcare providers do enough to assist consumers with ID theft recovery, saying consumer expectations are often loftier than what's being done to meet the demand.

The only way to improve card security is for banks and merchants to align their strategies, says Gray Taylor of NACS. "This is something that hurts both of our industries. Fraud hurts us all."

Pradeep Moudgal of California-based SVB says the bank's decision in June to migrate commercial credit cards over to EMV was easy. "The biggest advantage of the chip card, at the end of the day, is to reduce fraud," he says.

Roger Baker, CIO at the VA, says desktop computers will eventually phase out, as mobile devices become predominant channels for communication and work. That evolution has made plans for ongoing mobile security a priority for organizations that cross every business sector.

How much crossover should banking institutions rely upon as they evaluate authentication standards for retail vs. commercial accounts? Online security expert Christopher Beier offers insights.

Gray Taylor of NACS says retailers spend billions every year to fix a broken payments system. And the primary culprit is the lingering mag-stripe.

Roger Baker, CIO at the Department of Veterans Affairs, outlines the department's mobile device security strategy, providing details on the rollout of iPhones and iPads.

Mike Brown and Amry Junaideen see audits as great tools to promote heftier IT security budgets, substantiating where dollars should be spent to safeguard an organization's information systems and assets.

Winn Schwartau says the BlackBerry disruption this past week (see BlackBerry Disruptions: Where to Start?) hit at the heart of one of the fundamentals of IT security: availability.

When Mano Paul of (ISC)2 discusses today's top application security challenges, he draws an analogy with sharks. And what he views as the skills needed to tackle today's top threats might surprise you.