Careers Information Security Podcast

In the wake of high-profile breaches and data leaks, the government will pay a lot more attention to information security. Are security pros ready for this scrutiny? Professor Eugene Spafford has his doubts.

Everyone is talking about threat intelligence, but what are the characteristics that make it useful? David Duncan of Webroot offers insights on new solutions and partnerships.

Traditional fraud has evolved in complexity, changing the threat landscape dramatically. Greg Maudsley and Preston Hogue of F5 discuss new strategies to mitigate evolving threats.

As content sharing via mobile devices becomes more common, organizations must make sure security issues are adequately addressed, says Hormazd Romer, senior director of product marketing at Accellion.

Neustar is about to release a new report on the DDoS threat landscape. What are some of the key trends to watch? Neustar's Jim Fink offers a preview of the study's findings.

With enhanced analytics, organizations and law enforcement are improving their ability to trace malware attacks and other advanced persistent threats, says Eward Driehuis of Fox-IT.

While much of the security focus is on online fraud and major data breaches, organizations of all sizes and sectors are seeing a rise in phone-based fraud, says Matt Anthony of Pindrop Security.

The application programming interface is now an attack vector, which creates new security issues, warns Travis Broughton, IT architect at Intel.

As organizations expand their use of encryption to help prevent breaches, they must improve their management of cryptographic keys, says Prakash Panjwani, senior vice president at SafeNet.

Among the biggest cyberthreats enterprises face comes from hacks on consumer mobile devices, says Caleb Barlow, a director of product management at IBM Security.

Too many businesses are worried about how security might adversely affect the user experience, even among their own workforce, says Bert Rankin, chief marketing officer of ThreatMetrix.

While massive DDoS attacks were dominant in 2013, this year, smaller application-layer attacks going after such things as log-in pages and password files are far more common, says Rich Bolstridge, chief strategist, financial services, at Akamai Technologies.

While January's seemingly isolated distributed-denial-of-service attacks against JPMorgan Chase and Bank of America may have been a blip, DDoS expert Barrett Lyon says stronger attacks are on the way.

While most organizations are focusing on compliance, they are ignoring basic human-factor security risks that technology cannot fix, says Hord Tipton, executive director of the International Systems Security Certification Consortium, better known as (ISC)².

The gateway security solutions provider iBoss Network Security is enhancing its offerings by incorporating analysis of behavioral movement of traffic in and out of the network.

The increasing use of cloud-based resources requires a new approach to protection against cyberthreats, says Ashley Stephenson, CEO at Corero Network Security.

Simple credentials, such as passwords, are a hacker's best friend, says Phillip Dunkelberger of Nok Nok Labs, a founding member of the FIDO Alliance. That's why the alliance is working to reduce reliance on passwords by enabling advanced authentication.

Cisco has launched a new open source initiative focused on application identification, says Scott Harrell, vice president of the company's security business group.

The recent merger of Bit9 and Carbon Black will eventually result in a single, merged product offering, says Benjamin Johnson, CTO at Carbon Black.

CipherCloud's Paige Leidig discusses a new offering that helps enable organizations rapidly adopt a cloud application as it protects sensitive data and ensures compliance to policies and regulations.