Banking Information Security Podcast

Rebecca Herold, host of the podcast show "Data Security and Privacy with the Privacy Professor," weighs in on the state of cybersecurity and privacy education and gives her recommendations on how to remedy the many issues the security community faces today.

The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.

David Brumley, CEO of ForAllSecure, is the creator of Mayhem, a machine that applies patching and continuous penetration testing autonomously and in real time. He discusses software flaw detection and more in this episode of "Cybersecurity Unplugged."

The latest edition of the ISMG Security Report features an analysis of the disappearance of ransomware-as-a-service groups, such as REvil and Darkside, and how that impacts the wider cybercrime ecosystem. Also featured: ransomware recovery tips; regulating cyber surveillance tools.

Macroeconomist Katheryn "Kadee" Russ analyzes how the deployment of 5G networks and technologies will lead to a change in the growth of the digital economy and digital trade.

Some 95% of today’s compromises are either zero-day exploits or malware-free attacks; that means that signature-based behavioral defenses only work for 5% of attacks, says Joe Head of Intrusion Inc. He discusses how to use massive lists of historical data to train AI to spot and stop malicious activity.

As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery.

This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.

While some organizations are improving their ability to share threat intelligence with other entities within the same sector, cross-sector cyber info collaboration is still often a hurdle. But cyber fusion centers can help to automate that process, say Errol Weiss of the H-ISAC and Anuj Goel of Cyware.

This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.

Rob Clyde of ISACA discusses his ideas for how to raise up the next generation of "cyberwarriors" to serve on the front lines of active defense against cyberthreats.

Richard Bird of Ping Identity discusses IAM solutions and "zero trust" for the new world in which identity is the perimeter.

This edition of the ISMG Security Report features three segments on battling ransomware. It includes insights on the Biden administration's efforts to curtail ransomware attacks, comments on risk mitigation from the acting director of CISA, plus suggestions for disrupting the ransomware business model.

Since Friday afternoon, Mark Loman of Sophos has been immersed in studying the scope and impact of the ransomware attack spread through Kaseya VSA's remote management platform. And he's learned enough about it to say without reservation: This the largest ransomware attack he's seen.

This edition of the ISMG Security Report features a discussion about why the head of Britain's National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT flaws; an FBI agent tracks cybersecurity trends.

Roger Lang, who has experience in SaaS and fintech and has invested in various cybersecurity companies, says that education is the key to making real progress on cybersecurity issues.

This edition of the ISMG Security Report features an analysis of CISA's finding that agencies could have prevented follow-on attacks after the SolarWinds supply chain attack by properly configuring firewalls. Also featured: Congressman discusses deterring nation-state attacks; insider threat mitigation tips.

Tal Kollender of Gytpol suggests a digital response comparable to the vaccine rollout in the physical world is needed to battle against the ransomware epidemic.

The number of data breach notifications jumped 140% in 2020 from the previous year, with a surge in attacks against less-regulated industries, according to Kroll's 2021 Data Breach Outlook. Brian Lapidus and Heather Williams of Kroll analyze the report's findings.

When seeking cyber insurance or other types of insurance policies that provide organizations with coverage for certain data security incidents, it's critical to carefully consider the "war exclusions" contained in those policies, says insurance attorney Peter Halprin.