Careers Information Security Podcast

A two-year-old California law requires each of some 120 state agencies to have an information security officer, but not every agency ISO is well-versed in IT security.

The role of identity and access management is as critical as ever. But the demands of the role? They are radically different, says Sam Curry, CTO of RSA, who discusses the new skills needed.

The UK Information Commissioner's Office has released a new security guide for small and midsized businesses. Simon Rice of the ICO discusses the guide and how to use it to avoid being breached.

Gartner's Tom Scholtz doesn't see a shortage of technically skilled IT security practitioners. But he perceives a dearth of infosec pros who truly understand how security links to an enterprise's business goals.

June has been declared National Internet Safety Month. What is the mission behind the designation, and how can individuals and organizations contribute to the "Stop, Think, Connect" campaign?

What is one of the most challenging job positions to fill in information security organizations today? Ask U.K. recruiter Ruth Jacobs of Barclay Simpson. Her answer just may surprise you.

Relating risk to information security initiatives can help IT security managers persuade their bosses to fund these projects, sponsors of a new survey contend.

What are the top challenges with the bring-your-own-device trend? Stephen Midgley, vice president of global marketing at Absolute Software, says the top issue is organizations not knowing where their data is located.

As BYOD continues to become more commonplace, mobile application risk management aids in identifying the risks on those devices and implementing policy to protect enterprise data, says Domingo Guerra, president and founder of Appthority.

What are the top concerns around identity and access management within organizations? Avatier Chief Innovation Officer Ryan Ward says compliance, governance and audit issues are top-of-mind.

What is business-driven identity and access management and how can it help organizations improve their security? Jason Garbis of Aveksa explains.

What's top of mind for the federal government when it comes to cloud security? David Berman of Centrify explains.

What are the top bring-your-own-device concerns enterprises are facing today? Russell Rice of Cisco explains.

Cyber-attacks are becoming increasingly difficult for organizations to defend against, says Ashar Aziz of FireEye.

The bring-your-own-device trend is a huge issue for organizations today, says Rob Ayoub of Fortinet, who offers recommendations to address the security challenges involved.

What are the top GRC concerns within organizations? John Ambra of Modulo explains.

Organizations looking to leverage multi-factor authentication should consider mobile devices for their unique capabilities, says Sarah Fender of PhoneFactor.

The attack space is changing, with more enterprise users accessing data from their mobile device, leading to a new focus on data-centric security, says Jeremy Stieglitz of Voltage Security.

A dramatic reduction in processing requirements for encryption may mean increased utilization of the technology, says Todd Thiemann of Vormetric.

Georgia Tech Research Institute is beta testing a malware intelligence system that research scientist Chris Smoak contends will help corporate and government security officials share information about the attacks they confront.