Careers Information Security Podcast

The secure access service edge model, or SASE, treats identity as the new perimeter, says Lee Dolsen Singapore-based chief architect for Zscaler in the Asia Pacific region, who offers implementation insights.

The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick.

Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.

What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis.

The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.

Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues. Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian.

Enterprises globally recognize the challenge of third-party cyber risk, but they still struggle with the risk management. Dave Stapleton of CyberGRX discusses the elements of a mature program, including the role of risk ratings.

Hospitals and other healthcare organizations can help prevent Medicare fraud by "having robust processes in place for employees to report fraud," says fraud mitigation expert Louis Rossignuolo, managing director of investigations at Altomonte Advisory Group.

The latest edition of the ISMG Security Report analyzes the unusual case against former Uber CSO, Joe Sullivan, who was charged in connection with allegedly covering up a data breach. Also featured: CISA director on election security; insights on preventing healthcare fraud.

Many of the business continuity steps taken during the COVID-19 pandemic should be considered when crafting broader disaster recovery plans, such as those used after a hurricane, two risk management and compliance experts say.

The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.

Criminals are devising ways to circumvent fraud-fighting measures that use artificial intelligence, says Avivah Litan, a vice president at Gartner Research, who discusses mitigation strategies.

The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments.

Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner.

With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance.

The latest edition of the ISMG Security Report analyzes why Barclays is being investigated for allegedly spying on its employees. Also featured: How the pandemic is affecting CISOs; an FBI assessment of nation-state threats to U.S. election.

Fortinet's FortiGuard Labs is out with its latest Global Threat Landscape Report, and it tracks cyber adversaries exploiting the COVID-19 pandemic at a worldwide scale. The best response? A shift to proactive defense, says FortiGuard's Derek Manky, Chief, Security Insights & Global Threat Alliances.

The latest edition of the ISMG Security Report analyzes the hijacking of a virtual court hearing in the Twitter hacking case. Also featured: Why network segmentation is more important than ever; update on Windows print spooler vulnerability.

Too many companies that are implementing behavioral biometrics to combat fraud lack a complete understanding of how to make the most of the technology, says David Lacey, managing director at IDCARE, Australia and New Zealand's not-for-profit national identity and cyber support service.

Christopher Leone, assistant special agent in charge, United States Secret Service, offers advice to organizations on forging relationships with law enforcement as part of their cybersecurity incident preparedness plans.