Careers Information Security Podcast

Jason Clark, CSO of Websense, has met recently with 400 CSOs. In a pre-RSA Conference interview, he discusses how security leaders can be more effective when facing mobile security and other challenges.

NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.

What are the top emerging fraud threats to banking institutions via mobile banking, and how must security leaders respond? Julie McNelley of the Aite Group offers tips for fighting the newest threats.

To build an effective information security program, organizations and leaders need to take seven essential steps, including updating a risk assessment, says consultant Tom Walsh.

When Google amended its policy, suddenly everyone was talking about privacy. How do privacy officers turn these discussions to their advantage? Kirk Herath of Nationwide Insurance has some ideas.

What does a U.S. patent protect, and why should security leaders care? Attorney James Denaro details the risks and the questions you need to ask about the cybersecurity technologies you use.

What are the critical steps that IT security professionals should take in the aftermath of a breach? CEO Micky Tripathi of The Massachusetts eHealth Collaborative offers eight practical lessons based on his breach resolution experience.

You know your company's social media policy is a good one when it starts sounding less like a checklist and more like common sense, says Sherrie Madia, social media expert and author.

Identifying the insider who could pose a threat to your organization's IT assets must be a team effort among non-technology, IT and information security managers, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.

Criminal background checks for prospective employees - smart move, or discriminatory practice? Attorney Lester Rosen answers this question and details 2012's top 10 trends in background checks.

Securing senior management buy-in from the top of the organization is significant for executives managing the myriad of privacy laws in different regions of the world, says attorney Miriam Wugmeister.

When it's time to stand up in court and discuss forensic evidence in a legal matter, you need someone who knows your business best, says Greg Thompson, VP enterprise security services at Scotiabank Group.

Malcolm Harkins, CISO of Intel was quick to embrace BYOD as a means to cut costs and improve employee productivity. His advice to leaders struggling with the trend: "Don't shy away from the risk issues."

Complexity is among the most significant information risk challenges IT security practitioners face. Mobile and cloud computing, new technologies, outsourcing and growing threats from malware and people make managing risk more complex.

Security leaders will need to tackle the top technology trends of big data, consumerization and mobile growth in 2012. Robert Stroud from ISACA offers tips to help manage the risks presented by these trends.

How can government agencies protect against new and trending cyber attacks? What are today's top application security trends and threats? Robert Haas of HP has expert insight and tips.

Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.

Information risk management, at its core, is about tradeoffs, says NIST Senior Scientist Ron Ross.

If management awareness of information security issues increases, will an organization's commitment to securing practices and policies also increase? This is the question answered by an eye-opening new study.

Every organization likes its business continuity/disaster recovery plan before a disaster, says Al Berman of DRI International. But in the aftermath? Different story - and one that must be addressed in 2012.