Careers Information Security Podcast

A George Mason University research fellow says the cybersecurity framework, issued earlier this year by the National Institute of Standards and Technology, is likely to cause more problems than it solves.

Verizon's latest annual breach report shows that Web application attacks increased more than malware-fueled point-of-sale intrusions in 2013, says analyst Dave Ostertag, who provides an overview of the report's findings.

Dennis Simmons, retiring CEO of SWACHA, says new career paths are being forged for IT professionals as well as legal experts who have good understandings of cybersecurity and cross-channel fraud in the world of e-commerce.

Privacy and security are vital components of all major projects that the Office of the National Coordinator for Health IT has under way, says Karen DeSalvo, M.D., the new head of the office.

Malcolm Harkins has a unique role. He oversees both security and privacy for global technology vendor Intel. What tips does he offer individuals who seek to build careers in either discipline - or both?

A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.

Symantec's 2014 Internet Security Threat Report calls 2013 the year of the mega breach. Why? Because it's getting far too easy for the bad guys to pull off these breaches, says Symantec's Kevin Haley.

The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.

To boost cybersecurity, senior leaders - whether a CEO, a board member or a government agency director - need to think of information as a critical asset worthy of protection, risk management experts Val Rahmani and Malcolm Harkins say.

Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.

Even so-called minor breaches can cost organizations nearly $200,000, according to one finding from NTT Group's annual Intelligence Report. Rob Kraus of Solutionary shares the study's insights and advice.

Years before she helped put fraudster Albert Gonzalez behind bars, Kim Peretti was an attorney who had dual interests in law and technology. How did she channel her interests into a prominent career?

Advanced threats are like the weather. Everyone talks about them, but few have a solid defense plan - or even a solid understanding of the threat landscape. Mike Nichols of General Dynamics Fidelis Cybersecurity Solutions offers insight.

(ISC)² is celebrating its silver anniversary as a global organization educating and certifying information security professionals. What are the key threats and trends driving the profession's future growth?

Retail point-of-sale breaches at Target Corp. and Neiman Marcus have put a spotlight on payment card security and encryption. But achieving true end-to-end encryption isn't easy, says data protection specialist Richard Moulds.

There have never been more career options for privacy professionals. But what are the essential skills and experience for advancement? Michelle Dennedy of Intel Security discusses her career path.

One key factor in efforts to reduce reliance on passwords for authentication will be international acceptance of the FIDO Alliance's soon-to-be released protocol for advanced authentication, says Michael Barrett, the alliance's president.

A problem federal agencies face in deploying effective continuous monitoring is that there's just too much guidance, former federal chief information security officer Patrick Howard says.

Phyllis Schneck, the Department of Homeland Security's deputy undersecretary for cybersecurity, equates the department's continuous diagnostics and mitigation initiative with a medical probe detecting an infection in the human body.

By automating data analysis, organizations can enhance their threat intelligence and lessen their workloads, says Flint Brenton, president and CEO of AccelOps.