Info Risk Today Podcast

Security spending - as a percentage of IT budgets - in recent years has been getting out of hand, says Chris Richter of Level 3 Communications, who offers suggestions for how to better keep costs under control.

In an in-depth interview, Ron Ross of the National Institute of Standards and Technology explains pending revisions of guidance on how organizations outside the U.S. government should protect sensitive federal data.

Medical device cybersecurity must be recognized as a critical public health issue so that all segments of the healthcare sector understand their roles in addressing the many complicated challenges involved, says Dale Nordenberg, M.D., of the Medical Device Innovation, Safety and Security Consortium.

Hear ISMG editors untangle the various elements in the Shadow Brokers-Equation Group saga, evaluate a new anti-ransomware tool and reflect on the 10th anniversary of the PCI Security Standards Council in this edition of the ISMG Security Report.

Sam Lodhi, director at niche services firm IBRS, speaks about adapting biological cybernetics to help management understand information security risk better and how cybernetics can be applied to other verticals.

As new schemes from hackers get more disruptive and harmful, it is critical to scale up defences, disrupt these attacks and make your organization a lesser target. Alex Holden, founder and CISO of Hold Security, tells how.

A lesson from down under: A report on unintentionally creating a distributed-denial-of-service attack aimed at oneself highlights the latest edition of the ISMG Security Report. Also, a report on interpreting HIPAA privacy standards more stringently.

The creation of sophisticated inventory systems is critical to ensuring the security of an organization's diverse medical devices, says Dale Nordenberg, M.D., who heads a medical device security consortium. Learn about the group's latest efforts in this arena.

The head of the nearly year-old ISAO Standards Organization, Greg White, describes how fledgling Information Sharing and Analysis Organizations can help create an information sharing ecosystem aimed at making IT more secure at enterprises of all sizes.

Granular patient consent policies - adopted despite HIPAA allowing certain data to be shared without explicit patient consent - can lead to less data being exchanged by healthcare entities, says researcher Julia Adler Milstein of the University of Michigan, who describes results of a new study.

A series of analytical reports on the threats posed by Russian hackers and how to create cyber defenses highlight the latest edition of the ISMG Security Report.

The legal obstacles to achieving the goal of national health information exchange can be overcome, attorney Valita Fredland, the new privacy officer of the Indiana Health Information Exchange, contends in this interview.

The FBI is investigating the compromise of the DNC and related party organizations. The big question is whether the FBI will be able to definitively attribute the various hacks to Russia. Former special agent Leo Taddeo offers investigatory insights.

Colin McKinty of security firm BAE Systems - hired by SWIFT in the wake of the $81 million heist from the Bank of Bangladesh - explains why BAE now believes the malware used in the SWIFT-related attacks is not unique.

A report on FBI Director James Comey seeking to reopen the debate over creating for law enforcement a bypass to encryption on mobile devices is among the stories featured in the latest ISMG Security Report.

The next president of the United States should establish a cabinet position focused on cybersecurity, and Congress should create a more focused approach to funding and authorizing IT security initiatives, says Larry Clinton, who heads the Internet Security Alliance.

A report calling for the United States electoral systems to be designated as critical infrastructure to enhance information security and integrity leads this episode of the ISMG Security Report.

A new survey shows 82 percent of organizations around the world are struggling with a shortage of staff with cybersecurity skills. Training expert Simone Petrella analyzes the survey results and spotlights the skills needed now to fight emerging cyber threats.

Swindlers trolling social media sites for customers' personally identifiable information play a critical role in facilitating banking fraud, says American Bankers Association economist Jane Yao.

This edition of the ISMG Security Report features Global Cyber Alliance CEO Phil Reitinger previewing his keynote address at ISMG's New York Fraud and Breach Prevention Summit. He explains why he believes today's approach to cyber risk management is stuck in the "Bronze Age."