Careers Information Security Podcast

The latest edition of the ISMG Security Report offers an update on how Russian bots and trolls are spreading misinformation on vaccines via social media - and the public health impact of the campaign. Plus: Tips on disaster recovery, internet of things security.

U.S. consumers now own about 870 million IoT devices. In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape.

Industry analysts first coined the term Identity-as-a-Service, IDaaS in 2006. But today, the vast majority of IDaaS implementations still focus on the "A" - access management - leaving organizations to piece together the rest. IBM's Michael Bunyard discusses how to put "Identity" back in IDaaS.

Companies that want to continue doing business globally will need to take privacy much more seriously, especially in light of increasingly strict new laws, ranging from the California Consumer Privacy Act to the EU's GDPR, says privacy and security expert Michelle Robles.

The March SamSam ransomware attack in Atlanta is reported to have cost the city $17 million to resolve. The attackers had asked for a $51,000 bitcoin ransom, which the city refused to pay. But Gartner Research analyst Avivah Litan stresses that paying ransoms has more cons than pros.

Unsupervised machine learning is essential to mitigate the sophisticated cross-channel fraud techniques attackers are using to take advantage of the multiple silos and security gaps at financial institutions, says ThetaRay's James Heinzman

Leading the latest edition of the ISMG Security Report: An analysis of why it may be too late to secure the 2018 U.S. midterm elections. Also: A close look at the Anthem breach lawsuit settlement and a report on ransomware recovery lessons learned.

Although the outlook for advancing interoperable, secure national health information exchange is promising, many significant challenges still must be overcome, says David Kibbe, M.D., founding president and outgoing CEO of DirectTrust.

Tom Field and Naresh Persaud of CA Technologies reflect on key findings from their recent Executive Roundtable on Modern IAM.

Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why.

Kaspersky Lab has discovered a new form of malware it calls Dark Tequila that has been targeting users in Mexico and stealing bank credentials and other personal and corporate data. The malware can move laterally through a computer while it's offline, says Dmitry Bestuzhev, a Kasperksy researcher.

Tom Field and Ben Smith of RSA Security reflect on key findings from their recent Executive Roundtable on business-driven security.

A phishing attack on Wednesday fueled by the Necurs botnet targeted at least 2,700 banking institutions of various sizes in the U.S. and around the world, explains Aaron Higbee of Cofense, which detected the attack.

Leading the latest edition of the ISMG Security Report: Chris Morales of the cybersecurity firm Vectra discusses how the industrial internet of things is changing the nature of industrial espionage and disruption.

Artificial intelligence and machine learning will have a significant impact on lowering the cost of securing an organization because it will reduce the need for advanced skillsets, predicts Rapid7's Richard Moseley.

Nick Holland and Chris Mizell of Arxan Technologies reflect on key findings from their recent Executive Roundtable on mobile security

Many medical device makers appear to building better cybersecurity into their products, but some manufacturers are still avoiding fixing vulnerabilities in legacy devices that pose potential safety risks, says security researcher Billy Rios, who discusses the latest flaws in some Medtronic cardiac devices.

With the rise of the industrial internet of things comes a far broader attack surface in the manufacturing sector. Chris Morales of Vectra outlines findings of a new report on cyberattack trends in the manufacturing sector.

Ransomware. Phishing. Credential stuffing. These are among the top threats to financial institutions of all sizes. But small-to-midsized ones are particularly challenged to detect and respond to threats. Arctic Wolf's Todd Thiemann discusses the value of managed detection and response.

As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.