Info Risk Today Podcast

IT security expert Marcus Ranum says RSA's offer to replace its SecurID tokens is a deal worth taking.

Authentication expert Steve Dispensa says banking institutions need to realign their authentication infrastructures to include a mix of in-band and out-of-band measures.

For nearly two years, banks and businesses across the U.S. have been plagued by a wave of corporate account takeover. And while there's no one answer, Texas bank examiner Phillip Hinkle sees ways that institutions can better detect and prevent these crimes.

What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?

Quantifying the safety or danger of cyberspace is tough. But a highly respected IT security practitioner and an experienced risk management consultant have teamed to develop an index they contend reflects the relative security of cyberspace by aggregating the views of information security industry professionals.

Payment card fraud. ACH and wire transfers. ATM skimming. And especially insider crimes. These are among today's top information security threats to institutions, says banking regulator Gigi Hyland in an exclusive interview.

New authentication guidance, when it is passed down, needs more attention on mobile, says Fraud Red Team's David Shroyer,a former Bank of America security executive.

The FDIC's Donald Saxinger says vendor management programs are getting more scrutiny from regulators, especially in areas of emerging technology such as cloud computing and mobile banking.

Adam Greene, the primary author of the proposed accounting of disclosures rule mandated under the HITECH Act, describes its major provisions and offers advice on how to prepare.

As the financial industry anxiously awaits the release of new online authentication guidance from the FFIEC, experts speculate about what steps banks and credit unions should be taking now to prepare.

After one commercial customer fell victim to corporate account takeover, this institution suffered significant losses and learned that legal disputes rarely favor the bank.

The same approach governments and businesses employ to protect individuals from the dangers of secondhand smoke could be applied to safeguard cyberspace, says Scott Charney, Microsoft's vice president of trustworthy computing, engineering excellence and environmental sustainability.

With the 2011 National Defense Authorization Act (NDAA), the DOD is taking a leadership position by defining policy that emphasizes the need to protect and defend the software layer.

"Ethical hacking" - is the term an oxymoron, or is it one of today's necessities in the fight against cybercrime? Jay Bavisi, president and co-founder of the EC Council, feels strongly about why we need ethical hackers more today than ever before.

From Epsilon to Sony, recent data breaches and legislative trends tell a dramatic story about the turbulent state of privacy worldwide, according to J. Trevor Hughes, head of the International Association of Privacy Professionals.

With so much critical information being exchanged today via e-mail, now is the time to deploy next-generation e-mail encryption solutions, says Bob Janacek, CTO and founder of DataMotion.

Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.

The recent data breaches at Epsilon and Sony should send a chilling message to privacy officers everywhere. "You can't prepare enough," says Kirk Herath, chief privacy officer of Nationwide Insurance Companies.

A new Chicago health information exchange will use a cloud computing architecture with security provisions, says Terri Jacobsen, who's directing the project.

One of the unexpected impacts of the global economic crisis is that many organizations have lost their business resiliency, says Lyndon Bird, director of The Business Continuity Institute, headquartered in the U.K.