Careers Information Security Podcast

Hurricane Sandy threatened buildings, staff and data alike. But it also challenged business continuity pros to be leaders. Disaster recovery expert Regina Phelps discusses seven critical skills.

It's been compared to the 'perfect storm,' but Hurricane Sandy is unlike any storm we've seen, says Alan Berman of DRI. He believes organizations have planned well for recovery.

CISOs increasingly are asked to manage both information security and risk. What new skills and tools do they need to juggle the dual role? David Sherry, CISO of Brown University, shares his views.

Top executives must be transparent with their stakeholders when their IT systems get attacked. Otherwise, their enterprises' reputations could be more severely damaged, says IBM Fellow Luba Cherbakov.

As mobile computing grows, security pros must prepare to face a new threat landscape that includes rogue marketplaces, insecure public Wi-Fi and proximity-based hacking, says Dan Hubbard, lead contributor the Cloud Security Alliance's new report, Top Threats to Mobile Computing.

Healthcare security professionals often fail to conduct comprehensive, timely risk assessments, as required by regulators. But security expert Kate Borten says they can leverage new guidance to help get the job done.

Cybersecurity thought-leader Ira Winkler has been appointed new international president of the Information Systems Security Association. What are his goals to grow the organization and its influence?

Infosec pros take note: As the overall number of "true exploits" have decreased, targeted ones - especially those initiated by criminals or nation states - are becoming harder to detect, say IBM's Rick Miller.

The gut feeling many people have about their physical security hasn't quite developed in the digital world, presenting a challenge for homeland security officials, says State of Delaware Homeland Security Adviser Kurt Reuther.

Windows 8 is coming soon. What are the security updates in Microsoft's new operating system? Which questions should security leaders weigh before upgrading? Forrester's Chenxi Wang offers insight.

Worldwide, banking institutions face evolving fraud threats. What are some of the new strategies and solutions they employ to fight back? ACI Worldwide's Patrick Higgins and Andy Morris share insights.

Delaware Chief Security Officer Elayne Starkey leads, but does not supervise, hundreds of information security officers, many of whom have technical expertise in areas other than security.

NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.

Five pilot projects unveiled by the U.S. federal government, if successful, should build trust in online commerce, helping to boost the economy and create new career opportunities, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.

The iPhone 5 is coming, and so are a slew of new or upgraded smart phones and tablets. How should security leaders prepare for this new wave of mobility? Malcolm Harkins, CISO of Intel, offers advice.

The information security threat landscape has evolved considerably over the past six years, and it's time that organizations' defenses evolve to match them, says Tom Kellermann of Trend Micro.

William Henley of the FDIC has just returned to banking regulation after a two-year stint working in the private sector. How did his business experience influence his approach to enforcing compliance?

The PCI Council has released a new certification program aimed at training employees, not companies. What makes this program unique, and why is the council coming out with it now? Bob Russo explains.

To address the security and privacy challenges magnified by the velocity, volume and variety of big data, the Cloud Security Alliance has formed a big data working group. What are the group's objectives?

Which employees are most apt to commit cyberfraud, and how can organizations detect and prevent their crimes? Researcher Randy Trzeciak shares insights and tips from a new insider threat study.