Careers Information Security Podcast

Although the growth of cloud-based data centers offers opportunities to more rapidly deploy applications, it also raises new security issues, says Steve Pao, senior vice president at Barracuda Networks.

Researchers at Dell SecureWorks have identified some 146 unique malware families that are targeting cryptocurrencies. Approximately 100 of those have emerged in just the last year, says Pat Litke, security analysis adviser for the company's CyberThreat unit.

Log analysis is often used for managed security, but are organizations going far enough with the information they have at their fingertips? Don Gray, chief security strategist for Solutionary, says there is much more organizations could be doing to predict breaches.

Improving the security of medical devices requires the collaboration of healthcare organizations, manufacturers, regulators and patients, says researcher Ryan Kastner, who outlines action items.

Advanced, ever-evolving threats call for security solutions vendors to counter with equally advanced and sophisticated solutions. JD Sherry of Trend Micro discusses new strategic alliances and product sets dedicated to creating new measures of threat defense.

Two critical steps that banking institutions need to take in 2014 to help prevent fraud are implementing big data analytics and adopting far more sophisticated customer and employee authentication, says Gartner analyst Avivah Litan.

In a groundbreaking effort to boost security, HSBC Bank USA is now requiring its retail banking customers to use dual-factor authentication for certain sensitive online banking transactions, says LuAnne Kingston, senior vice president.

Distributed generation and plug-in motor vehicles are among the emerging security challenges to the smart grid. In an RSA 2014 preview, Gib Sorebo of Leidos discusses the threats to utilities and consumers.

What is the venture capital view of the security trends and technologies that will have the most impact on careers in 2014? Alberto Yépez of Trident Capital weighs in with his insights and predictions.

Editor's Note: Excerpts of this interview appear in ISMG's Security Agenda magazine, distributed at RSA Conference 2014. Privacy should be built into the design of all healthcare information technology and related processes, says Michelle Dennedy, who's writing a book on the concept of "privacy by design."

Employing quantum physics, Yi-Kai Liu, a computer scientist at the National Institute of Standards and Technology, is attempting to devise a way to create a one-shot memory device that could help secure transactions or administrative passwords.

Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.

A new identity fraud study shows that consumers who are victims of a payment card breach are at greater risk of fraud than victims of other types of breaches, says Al Pascual of Javelin.

Expanded with more educational tracks and sessions on emerging hot topics, the 2014 edition of the RSA Conference will be the largest ever, says Hugh Thompson, program committee chair.

The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.

Now that he's taken on the job of CISO of a software vendor, Jennings Aske, the former info security and privacy officer at Partners HealthCare, talks about dealing with compliance issues from the new vantage point of a business associate.

Amidst draft legislation and the fallout of large-scale breaches, now is both the best and worst of times for privacy, says Trevor Hughes of the IAPP. What are the best career opportunities for privacy pros?

Cybercriminals exploiting weaknesses in how users employ passwords is a significant factor behind an increase in records exposed in breaches during 2013, says Craig Spiezle of the Online Trust Alliance.

A new, free iPhone app is designed to help organizations navigate 46 state data breach notification laws as well as federal statutes, such as HIPAA, attorney Scott Vernick says.

Technology is the biggest challenge to ethics and compliance in organizations today, says Deloitte's Keith Darcy. "We have the capacity to do things before we ever consider the ethical consequences ..."