Careers Information Security Podcast

Community banking institutions are at great risk of cyber-attack because they often don't think they're targeted, says Scott McGillivray of Pacific Continental Bank, who describes how to convey this risk to senior management.

Despite high-profile attacks and publicity, advanced persistent threats continue to strike organizations in all sectors. How can security leaders improve defenses? ThreatTrack's Usman Choudhary offers advice.

The way enterprises address information security will play an increasingly critical role in how cyber-insurance providers determine coverage and pricing, insurance experts told members of Congress at a recent hearing.

As data breaches continue to multiply, employers must not overlook how intrusions could lead to the theft of employees' identities, paving the way for fraud, says ID theft expert Johnny May. He will keynote the March 24 Fraud Summit Atlanta.

When Todd Davis helped found LifeLock in 2005, ID fraud was a niche consumer issue. Today it's a major enterprise risk. What are today's top fraud threats, and where are some of the surprising security gaps?

As the next wave of medical school graduates begins clinical training at healthcare organization across the U.S., it's critical these new clinicians be prepared to protect patient privacy, says healthcare attorney and professor Julie Agris.

During her first month on the job, former Secretary of State Hillary Clinton used a private email server that lacked a digital certificate that would have ensured encrypted and authenticated email communications, surmises security firm Venafi.

When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.

ID fraud reported by U.S. consumers dropped 3 percent in 2014 - the first decline since 2010, according to Javelin. But analyst Al Pascual says the decrease should have been much greater.

The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.

Chris Buse, CISO for the state of Minnesota, says centralizing IT systems should make it easier to defend against cyber-attacks because there are fewer computing environments to protect.

Financial crimes, fraud and cybersecurity. These topics are quickly converging upon security organizations, and leaders must be prepared. FICO's Stuart Wells discusses the tools and skills needed for convergence.

This year could mark a turning point for the sharing of threat intelligence, but only if the government is able to build a framework that instills private-sector trust, says threat researcher Lance James.

Learning more about potential attackers and their preferred information targets is one of the best ways organizations can mitigate their cyber-attack risks, says Bank of the West's David Pollino, a featured speaker at ISMG's Fraud Summit LA.

Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.

Elayne Starkey, the state of Delaware's chief security officer, no longer micromanages how cloud services providers secure state data. Find out why she's giving providers more leeway in defining security requirements.

The volume of spam messaging is down, but the bogus messages that are getting through? They're more malicious than ever, says Cisco's Jason Brvenik. He shares insights from Cisco's 2015 Security Report.

What are the top security priorities for healthcare's "CIO of the Year"? Bolstering defenses against phishing, malware and remote attacks head the list, says Sue Schade, CIO at the University of Michigan Hospitals and Health Centers.

A new federal cyberthreat intelligence center could help the government build more resilient networks and better identify cyber-attackers, leading to arrests and punishments, says Harry Raduege, a former top Defense Department IT leader.

The Anthem breach, which possibly started with a phishing campaign, is a prime example of how hackers are perfecting their schemes to target key employees who have access to valued information, says Dave Jevans of the Anti-Phishing Working Group.