Info Risk Today Podcast

Kevin Haley, a researcher at Symantec, says the moneymakers behind Dridex are successfully infecting thousands of users worldwide on a monthly basis, purely through spam - making Dridex the most dangerous banking Trojan on the market today.

When it comes to medical device security, healthcare organizations need to make some bold moves to improve the cybersecurity of devices used in their environments, says medical device cybersecurity expert Stephen Grimes. He'll be a featured speaker at the HIMSS 2016 Conference.

When it comes to responding to network security threats, it isn't just a matter of collecting and analyzing data. It's a question of how quickly you can put that data to work in your defenses, says Dan Holden of Arbor Networks.

Why should CISOs not report to CIOs? And why do CISOs need more direct lines of communication with CFOs? Chris Pierson, a cybersecurity attorney and CISO who'll be a speaker at RSA Conference 2016, provides answers.

Privacy looks to be one of the hottest topics at RSA Conference 2016. Cisco's Michelle Dennedy shares insights on encryption backdoors as well as the likely impact of newly revised EU privacy legislation.

It's the 25th anniversary of the RSA Conference. What's planned for this year's landmark security event? Britta Glade, senior content manager for the conference, and Informatica CISO Bill Burns offer a preview of the RSA Conference 2016 in San Francisco.

Even as the demand for security professionals grows, the outflow of practitioners from the profession is greater than the influx of fresh blood, says (ISC)² CEO David Shearer. How can this trend be effectively addressed?

In this audio report, hear Homeland Security Assistant Secretary Andy Ozment attempt to assuage concerns raised by some business leaders who fear revealing corporate secrets by participating in cyberthreat information sharing. Others also weigh in on the issues.

While the healthcare sector is finally becoming aware of the cyberthreats and risks facing medical devices, new Internet of Things health devices are quickly creating new vectors for cyberattacks, warns cybersecurity expert Tyler Cohen Wood.

It's the ultimate challenge for government agencies: How can they be both secure and compliant - especially when operating in a hybrid cloud environment? Trend Micro's Ed Cabrera offers insight into the unique challenges and emerging solutions.

Chris Rohlf, Yahoo's penetration testing and red team leader, describes how he helps the company take a proactive security approach - and the skills required to get the job done.

A new methodology for assessing whether a medical device cybersecurity issue is likely to pose a danger to patients should be available later this year, says cybersecurity researcher Billy Rios in this in-depth interview.

Mobility and IoT are acknowledged by security practitioners to be a whole different beast when it comes to management. MetricStream's French Caldwell says that GRC likewise needs to change its paradigm to accommodate this disruption.

Retailers have been at the center of high-profile breaches and an ongoing debate with banking institutions. But Brian Engle of the Retail Cyber Intelligence Sharing Center says cross-industry collaboration is helping retailers improve cybersecurity.

When is a breach not a breach? When you can prove that sensitive data has not been accessed - even off a lost or stolen device. And the way to ensure that, says former prosecutor Stephen Treglia, is through Absolute Data & Device Security.

Because cybercriminals are targeting the healthcare sector, organizations must regularly assess the security risks in all their applications, not just those containing protected health information, says risk management expert Angel Hoffman.

Despite their limited resources, smaller healthcare provider organizations must overcome "paralysis" and ramp up efforts to safeguard information systems or risk becoming potential gateways for breaches at larger organizations, says Michael Kaiser of the National Cyber Security Alliance.

A successful startup is fueled by passion, speed and innovation - all enabled by technology. Not securing this technology layer from day one can therefore have expensive consequences later. IEEE's Diogo Mónica shares security insight for startups.

Sophisticated phishing campaigns, increasingly targeted because of social media, are fueling business email compromises - a growing wire fraud scheme that is attacking businesses worldwide, says Jim Hansen of PhishMe.

Why is devising a reliable patient identifier such a critical issue? Because matching a patient to the wrong records creates serious safety risks as well as privacy problems, says CIO Marc Probst, who explains in an interview how he's tackling the issue at Intermountain Healthcare.