Careers Information Security Podcast

Given the rapid spread of malware and difficulties with detection, what actions should organizations take? In this interview, Chris Novak of Verizon and Stephen Orfei of the PCI Security Standards Council offer insights.

In this latest edition of the ISMG Security Report, you'll hear an explanation why estimates from the Ponemon Institute and The Rand Corp. on typical enterprise data breach costs vary so widely. Also, analyses of a car hack, SWIFT's latest initiative to help banks mitigate fraud and the Yahoo breach.

Ransomware attacks are surging because attackers have perfected their techniques while enterprises in all sectors have failed to address critical security shortcomings, says Raimund Genes, CTO at Trend Micro.

A report on a new self-assessment tool that's intended to show whether an enterprise's cyber-risk initiative aligns with its goals and strategy leads the latest edition of the ISMG Security Report.

Because many law enforcement agencies lack cybercrime expertise, it's important for companies that have been attacked to provide as much technical and forensic information as possible to authorities to help ensure that investigations lead to arrests and prosecutions, a panel of experts says.

A roundup of the just-concluded ISMG Fraud and Breach Prevention in Toronto leads the latest edition of the ISMG Security Report. Also, how one CISO gets his security message across to the board and the challenges CISOs face during their first 100 days on the job.

The paradigm shift in security from prevention to detection and response has finally arrived in Asian markets, says Sid Deshpande, Gartner principal analyst, who shares insights on 2016 trends.

Bank watchdog Sen. Elizabeth Warren is going after Wells Fargo for violating the privacy of bank customers. This news leads the latest edition of the ISMG Security Report.

The first 100 days on the job can be daunting for security leaders as they work toward understanding the organization's posture, while at the same time defending it around the clock. Gartner's Tom Scholtz shares insights on meeting key milestones.

An analysis of U.S. Republican presidential candidate Donald Trump's understanding of cybersecurity leads the latest edition of the ISMG Security Report. Also, the U.S. federal government gets its first chief information security officer.

Cyber threat information sharing in the healthcare sector urgently needs to be standardized so organizations can take appropriate action based on the intelligence, says Jeffrey Vinson, CISO of Harris Health System, who discusses findings emerging from ongoing federally funded research.

In an interview, Greg Temm, the first chief information risk officer at the Financial Services Information Sharing and Analysis Center, says he'll focus on helping members analyze cyberthreats and expand global threat intelligence sharing.

Based on Lockheed Martin's experience in the aftermath of a data breach, the company advises organizations to diligently gather threat intelligence internally to support development of an effective mitigation strategy, says Chris Coryea, cyber intelligence specialist.

Everybody talks about threat intelligence today, but how well are they distinguishing raw data from actionable intelligence? Stephen Gates of NSFOCUS discusses cybersecurity and the new threat intelligence ecosystem.

The ISMG Security Report leads with a report on Federal CIO Tony Scott partly blaming the way Congress funds agencies for the 2015 breach of computers at the Office of Management and Budget that exposed 21.5 million records.

A report on the implications of failing to notify manufacturers of security flaws in their medical devices and a conversation with internet co-founder Vint Cerf highlight the latest edition of the ISMG Security Report.

At least some of the alleged cybersecurity vulnerabilities in St. Jude Medical cardiac devices that were found by research firm MedSec Holdings don't necessarily translate to serious clinical risks for patients, says medical device security expert Kevin Fu.

Data centers are difficult to defend, and securing the perimeter is important but of little consequence if attackers get inside. But there are ways to lock down data centers, former White House strategist Nathaniel Gleicher explains in this interview.

The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.

Intelligence agencies sometimes seek out and develop exploits for the very technology that their nation's organizations rely on to secure their data. In an interview, cybersecurity expert Alan Woodward offers insights on how information security professionals should respond.