Careers Information Security Podcast

Detecting and preventing advanced attacks isn't just a technology issue - it's a business risk that needs to be elevated to the highest levels of an organization. Trend Micro's Tom Kellermann shares strategies.

Vendors are rushing useful new "Internet of Things" products to market, but too often treat device security and data privacy as an afterthought, says Forrester Research analyst Andrew Rose.

Financial institutions feel the pain of recent retail breaches, and they seek new ways to secure payments and fight fraud. But how can security leaders influence changes within their own organizations?

Privacy attorney Tanya Forsheit, founding partner of the InfoLawGroup, has just joined the LA office of national firm BakerHostetler. What is her focus, and what advice does she offer attorneys entering the field?

A new impersonation scheme is taking aim at business executives to perpetuate ACH and wire fraud, says Bank of the West's David Pollino, who explains steps institutions should take now to protect their customers.

As a customer, Delaware Chief Security Officer Elayne Starkey has seen the evolution of cloud computing over the past three years to a point where she has more sway over the security terms of cloud services contracts.

Big data has been the recent buzz in security circles, but what are organizations missing by overlooking the power of "small data?" Verizon's Jay Jacobs discusses how to get the most from data analytics.

Attackers increasingly focus on software vulnerabilities in what application security expert Anthony Lim calls "the invisible onslaught." How can the CISO exert more control over software development?

When is it time to make that big move to a new job? And what's the smartest strategy? Matthew Speare of Regions, a bank holding company, talks about how to read and respond to signs that it's time for a major career change.

Attacks are more frequent, severe and complex. How can security pros defend against the entire attack continuum - before, during and after? Cisco's Bret Hartman describes a threat-centric approach.

To detect and deter today's threats, security teams need new and dynamic data analytics capabilities. Haiyan Song of Splunk discusses the analytics-enabled SOC and how to improve incident response.

"United we stand; divided we fall." That's the message from Art Coviello to kick off the 2014 RSA Conference Asia Pacific & Japan in Singapore. What advice does the RSA chair offer to global security leaders?

Enterprises should test the processes they establish to respond to advanced persistent threat attacks, just as they vet their business continuity plans, ISACA International President Robert Stroud says.

Check fraud remains the No. 3 source of losses for financial institutions, Information Security Media Group's soon-to-be-released Faces of Fraud survey shows. But fraud expert Wesley Wilhelm says behavioral analytics can help mitigate the risks.

Mobile banking brings new opportunities to institutions and customers alike - but also a host of new security risks. Jim Anderson of BAE Systems Applied Intelligence discusses the emerging landscape.

Julie Conroy once was a financial services practitioner who subscribed to Aite Group's research. Today she is one of Aite's top fraud researchers. What was her career path, and what tips can she share?

From Neiman Marcus to P.F. Chang's, 2014 has shaped up to be the 'Year of the Data Breach.' What lessons can be gleaned from the trenches of breach investigation? Experian's Michael Bruemmer shares tips.

FireEye has just appointed a privacy officer and handed him a big mission: Launch a new global privacy program. What is Shane McGee's strategy for this new role, and what will be his top challenges?

Many IT security practitioners see their work as a game, one in which they try to outsmart attackers, says Eric van Ommeren, co-author of the just-published book, Staying Ahead in the Cyber Security Game: What Matters Now.

To protect their privacy, organizations should get their IT security staffs involved in vendor-requested audits conducted to verify software licensing agreement compliance, says Gartner Research Director Victoria Barber.