Banking Information Security Podcast

This edition of the ISMG Security Report analyzes the latest ransomware trends from the European Union Agency for Cybersecurity, findings from the first-ever Cyber Safety Review Board on the Log4j incident, and how security and privacy leaders are harmonizing new U.S. privacy laws.

Commodity markets have created a cryptocurrency bloodbath that may not be over, but Richard Bird of SecZetta says economic patterns in history show that crypto "is not invalidated as a mean of commerce and exchange." He discusses the blockchain and the possible future uses of crypto.

Data breaches in the healthcare sector cost about $10.1 million - more than double the average cost of breaches across other industries - once again ranking the sector as having the most expensive data breaches, says Limor Kessem, principal consultant of cyber crisis management at IBM Security.

The ISMG Security Report analyzes a settlement with the U.S. Justice Department, in which Uber accepts responsibility for a data breach cover-up to avoid criminal charges. It also discusses why early-stage startups are conserving cash and recent initiatives from the U.S. Federal Trade Commission.

The latest edition of the ISMG Security Report asks: Whatever happened to Russia's cyberwar against Ukraine? It also looks at the curious case of a cardiologist who's been accused of moonlighting as a developer of such notorious strains of ransomware as Thanos and Jigsaw.

Future quantum computers will decrypt encrypted data, so businesses feel pressure to find quantum-resistant security solutions for data transmission. Wells Fargo Bank's Peter Bordow discusses the state of quantum computing, approaches to quantum security, and privacy-enhancing technologies.

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.

The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.

Rui Ribeiro, the founder and CEO of Jscrambler, a company that monitors and obfuscates JavaScript code, discusses the proliferation of web applications that use third-party code, the liability risks that often exist, and how Jscramber's products can increase the security of all application code.

Many healthcare sector entities are undertaking projects involving the collection, analysis and sharing of large volumes of health data. But along with those efforts come critical privacy and security concerns, says attorney Iliana Peters of Polsinelli.

Moises Zagala is a 55-year-old cardiologist living in Ciudad Bolivar, Venezuela. He has a bald head and an earnest smile. In one photo, he wears a doctor's white overcoat and has a stethoscope around his neck. But U.S. prosecutors allege Zagala led a double life and claim he's also a cybercriminal.

Chaim Mazal, discusses the issues affecting CISOs, including how increased market share leads to increased problems and how having uniform, automated controls can provide security and enforce compliance.

Ransomware attackers executing double-extortion schemes very carefully choose which data to steal and leak based on victims' economic sector, says Erick Galinkin, artificial intelligence researcher at security firm Rapid7. He discusses the latest ransomware data theft trends.

How can you leverage artificial intelligence and make sense of data from different industries to determine whether a customer is creditworthy or whether an account is a mule account? Guy Sheppard, general manager of financial services at Aboitiz Data Innovation, discusses a case study.

The latest edition of the ISMG Security Report discusses how financial service organizations should respond to the new "fraud universe." It also shares how CISOs can incorporate social media into their threat intelligence programs and describes the skills required by today's security leaders.

Anneka Gupta, chief product officer at Rubrik, discusses embedding zero trust principles into how the security company provides data resilience, data observability and data recovery for organizations. She also describes the "software-first" approach of building immutability directly into software.

In today's extended enterprise, there are more endpoints than ever - and the adversaries will take advantage of any vulnerability. Nirav Shah of Cisco offers insights on the top five tips for defending these endpoints, as well as questions you need to be asking of prospective service providers.

OT security has been at the center of the security conversation ever since the Colonial Pipeline attacks. Scott Flower, the founder of Pareto Cyber and a former global intelligence officer at FS-ISAC, discusses the challenges in OT security and where the industry needs to go.

The latest edition of the ISMG Security Report describes why firewalls and VPNs don't belong in Zero Trust design. It also discusses cybercriminals' evolving ransomware tactics and the devastating price of responding to a ransomware attack, as experienced by Travelex in 2019.

The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.