Careers Information Security Podcast

To Brian Lapidus, COO of Kroll's Fraud Solutions group, the main threat to data security can be summed up in two words: social networking.

Researchers explore adapting geolocation technology to identify where data reside on the cloud so organizations can comply with IT security laws and regulations, RSA Chief Technology Officer Bret Hartman says.

Dmitri Alperovitch, McAfee Labs threat research vice president, discusses the company's annual threat predictions, saying: "We are seeing an escalating threat landscape in 2011."

"The environment that started by supporting whistleblowers ... is essentially morphing into 'Gee, we as an organization need to be completely transparent, whether we want to or not,'" says Cal Slemp, managing director of Protiviti.

Thwarting the insider threat entails more than knowing an individual with access to a computer, but to recognize the synergy between the individual, organization, technology and environment, I3P Research Director Shari Lawrence Pfleeger says.

2011 will be the year of more -- more sophisticated malware, more WikiLeaks-style breaches and more regulatory compliance headaches.

NIST's Ron Ross Tackles the Risk Management Framework

If Marcus Ranum were your CISO, this would be his 2011 resolution: To launch a "War Games" style exercise.

Hemu Nigam says WikiLeaks founder Julian Assange has become akin to a "cyber messiah" And Assange's followers have proven: "If you turn your back on our messiah, we are going to take you down."

No one knows risk better than the internal auditor, and so no individual has a better opportunity to add risk management value to organizations, says Richard Chambers, president of the Institute of Internal Auditors.

"Until they personally suffer pain, they don't think it is something that can happen to them," says Eric Cole, an insider threat expert and SANS Institute faculty fellow.

Will the U.S. be a leader or a follower in cyberspace in the year 2020?

The recent WikiLeaks release of thousands of sensitive government documents puts security leaders on notice: The breach threat is real, and no organization is immune.

The complexity of global compliance may be the biggest task IT security organizations face of 2011, IBM's Kristin Lovejoy says.

The information security profession is seeing a transition, as organizations focus more on filling roles related to business and information risk management.

SAP's Norman Marks: Governance, risk, compliance can improve business.

ISACA's Mark Lobel says risky online behavior is the holiday shopper's -- as well as the merchant's and financial institution's -- biggest threat.

"The purpose and needs for these is to establish those same business tools for information security professionals to enable them to make better business decisions," Center for Internet Security Chief Security Officer Steven Piliero says.

Could schools, businesses and government finally be coming together?

Neal O'Farrell: The newly created ID Theft Council aims to provide local support for victims.