Info Risk Today Podcast

Mobile banking and social networks are expected to pose new security threats in the payments space; and one small-business advocate says it's time for regulatory reform to solve the corporate account takeover problem.

This week's top news and views: Conscripting cybersecurity experts to protect IT, State battles data leakage and President Obama signs bill to reorganize the National Institute of Standards and Technology.

This week's top news and views: Permanent EHR Certification Plan Unveiled; HIPAA Enforcement: When?; A New Authentication Strategy.

To Brian Lapidus, COO of Kroll's Fraud Solutions group, the main threat to data security can be summed up in two words: social networking.

Attorney L.T. Lafferty: New schemes exploit hidden opportunities.

Gemalto's Jania says NFC on mobile devices is paving the way for EMV-like payments in the U.S., and 2011 is the year.

Geisinger Health System is changing its approach to user authentication for its various portals, says Dave Young, IT director of web services.

Researchers explore adapting geolocation technology to identify where data reside on the cloud so organizations can comply with IT security laws and regulations, RSA Chief Technology Officer Bret Hartman says.

This month's most compelling news and views: top 10 government IT security stories of 2010, four components on the insider threat, pragmatic optimist Howard Schmidt and failure to enact major cybersecurity bill foreseen. And don't miss our audio week-in-review podcast by Executive Editor Eric Chabrow

Dmitri Alperovitch, McAfee Labs threat research vice president, discusses the company's annual threat predictions, saying: "We are seeing an escalating threat landscape in 2011."

2011 will be the year of more -- more sophisticated malware, more WikiLeaks-style breaches and more regulatory compliance headaches.

Devising strategies for ensuring social media are not used in ways that violate patient privacy is one of the top trends for 2011, says Lisa Gallagher, senior director of privacy and security at the Healthcare Information and Management Systems Society.

"What's interesting is that the criminals are now using cryptographic technology to protect the card information they steal, and that's posing challenges for detection and law enforcement," says Jeremy King of the PCI Security Standards Council.

NIST's Ron Ross Tackles the Risk Management Framework

"As more channels connect to ACH, it will become the preferred route for banks to process transactions," says Steve Kenneally of the American Bankers Association.

This week's top news and views: Wire fraud costs a Missouri escrow company $440K, internal auditors add risk-management value.

This week's top news and views: Wire fraud costs a Missouri escrow company $440K, internal auditors add risk-management value.

Unfettered access to state data "is the kind of stuff that causes me to lose sleep at night," Delaware CSO Elayne Starkey says, in explaining new, stringent rules to let employees use their own smart phones to access state networks.

Aite Group's Julie McNelley says financial institutions cannot wait to invest in mobile payments innovations.

SAP's Norman Marks: Governance, risk, compliance can improve business.