Careers Information Security Podcast

The recent proposed settlement of a class action lawsuit against health insurer Anthem following a 2015 cyberattack impacting about 79 million individuals is significant for several reasons, says attorney Steven Teppler of the Abbott Law Group, who analyzes the deal.

Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.

The latest edition of the ISMG Security Report leads with an analysis exploring how artificial intelligence can be used by hackers to threaten IT systems and by organizations to defend critical digital assets. Also, a deep dive into the NotPetya ransomware attack.

Only about half of medical device manufacturers say they follow FDA guidance for addressing cybersecurity risks, says security expert Mike Ahmadi. What about healthcare providers?

Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.

Traditionally in cybersecurity, technology is the central focus. Adversaries act; security controls respond. But Richard Ford of Forcepoint says it is time to change the dynamic with a shift to human-centered security.

The latest ISMG Security Report leads off with a look at the growing industry of mobile spyware designed exclusively for governments, but often misused to track citizens and activists. Also, Australia's push to get allies to adopt tools to counter encryption.

Midway through 2017, phishing attacks are very much on the rise, namely because they are too easy to launch and far too lucrative for the attackers, says Brooke Satti Charles of IBM Security Trusteer.

In an in-depth interview, Guru Bhat, head of engineering at PayPal, describes how the online payments provider has used a mix of sophisticated automation, including machine learning, and human insight to maintain a fraud loss rate of just 0.32 percent.

The latest edition of the ISMG Security Report leads off with a look at why organizations turn to paper when critical systems can't be secured. Also, how to hack air-gapped systems over the internet.

Writing the obituary for the lifeless Neutrino exploit kit leads the latest edition of the ISMG Security Report. Also, judging the value of the Department of Health and Human Services' wall-of-shame website of healthcare sector breaches.

Data breaches will continue to plague the healthcare sector until the security mindset among senior leadership radically changes, says security and privacy expert Kate Borten.

Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior. But only 29 percent are very confident in their security controls. Neustar's Tom Pageler analyzes results of Strategic Cybersecurity Investments Study.

Former U.S. CISO Gregory Touhill says the federal government must rethink how it hardens its workforce to prevent cyberattackers from succeeding. Organizations, he says, should regularly conduct cybersecurity exercises to help build their cyber defense.

Despite the efficiencies of cloud services, security remains a significant barrier of entry for many organizations. Mark Urban of Symantec offers advice to help security leaders navigate past cloud complexity and chaos.

The CEO of the company that crippled WannaCry's ransomware component explains to Congress how the worm continues to attack unpatched systems at increasing rates. Also, creating a healthcare cybersecurity framework.

Bad security habits of consumers whose use of apps is skyrocketing is leading to increased risks for businesses as they ramp up their use of apps as well, says Neil Wu Becker, a global vice president at A10 networks, who emphasizes the need to enforce best practices.

A report on security flaws found in mainframe computers leads the latest edition of the ISMG Security Report. Also, the tale of how a hacker launched his career; insights on new EU data protection regulations.

A discussion that explores the predicament many information security managers face when deciding which security technologies to buy in a glutted market leads the latest edition of the ISMG Security Report. Also: An update on cyber flaws in connected vehicles and the latest from Infosecurity Europe.

A just released update to the FFIEC's Cybersecurity Assessment Tool helps make meeting regulators' demands for "baseline" cybersecurity more attainable, says Amy McHugh, a bank adviser and former IT examination analyst for the Federal Deposit Insurance Corp.