Careers Information Security Podcast

A report calling for the United States electoral systems to be designated as critical infrastructure to enhance information security and integrity leads this episode of the ISMG Security Report.

A new survey shows 82 percent of organizations around the world are struggling with a shortage of staff with cybersecurity skills. Training expert Simone Petrella analyzes the survey results and spotlights the skills needed now to fight emerging cyber threats.

Swindlers trolling social media sites for customers' personally identifiable information play a critical role in facilitating banking fraud, says American Bankers Association economist Jane Yao.

This edition of the ISMG Security Report features Global Cyber Alliance CEO Phil Reitinger previewing his keynote address at ISMG's New York Fraud and Breach Prevention Summit. He explains why he believes today's approach to cyber risk management is stuck in the "Bronze Age."

Cybersecurity has emerged as a key risk factor to be weighed during the due diligence process of any merger and acquisition. How should organizations on both sides approach the process? Steve Chabinsky of CrowdStrike share strategy.

The Democratic Party platform calls for balancing privacy and security concerns, and vice presidential nominee Tim Kaine endorses the formation of a commission to advise Congress on developing digital security and encryption laws.

The new "No More Ransom" portal is designed to emphasize that police and security firms are doing whatever they can to disrupt ransomware gangs, as well as to help more victims get their data back for free, says Intel Security's Raj Samani.

CISOs face the continuing challenge of how to clearly communicate information security risk to the board and senior management. But now they can take advantage of a free metrics framework designed to help evaluate an organization's cybersecurity readiness. Phil Cracknell of ClubCISO describes the effort.

The Global Cyber Alliance is taking on small projects to come up with solutions to big cyber risk problems. "It's essentially using a startup approach to a much bigger problem," CEO Phil Reitinger, who will keynote the upcoming ISMG New York Fraud and Breach Summit, says in this interview.

A Congressional proposal that would allow HHS to offer technical assistance to private-sector efforts aimed at solving the problem of matching the right records to the right patient could pave the way for a significant breakthrough, says Lynne Thomas Gordon, CEO of AHIMA, which represents records professionals.

CISOs must be empowered to define the security architecture for smart cities. How? By securing endpoints of known and unknown device categories in the network, says David Dufour, head of security architecture for smart cities at Webroot.

Implementing a successful cybersecurity strategy in light of advanced threats calls for operationalizing three key principles: visibility, identity and risk, says Zulfikar Ramzan, chief technology officer at RSA.

Leading the latest ISMG Security Report, some security experts expect the United States government to retaliate against Moscow for interfering in the American presidential election if the Obama administration determines the Russian government was behind the hack of Democratic Party computers.

Neither ransomware nor social engineering is new, but both are more advanced and effective than ever. How can organizations improve how they detect and respond to the latest threats? James Lyne of Sophos shares insight and advice.

In light of the surge of ransomware attacks in the healthcare sector this year, security risk adviser John Pironti of ISACA offers in-depth technical advice on preparing for - and reacting to - such attacks.

Bruce Schneier, CTO of Resilient Systems, is busy exploring how IoT - the name given to computerization of everything in our lives - is changing the security world. "We're building a world-sized robot, and we don't even realize it."

Too many organizations have too many disjointed security controls, says Vijay Bharti of Happiest Minds. What do they need? An integrated cybersecurity approach that includes analytics, machine learning and a higher degree of automation.

An analysis of the GOP platform, which takes a tough stand against Chinese and Russian hackers and suggests 'hack back' as a suitable cyber defense, highlights this edition of the ISMG Security Report. Also featured: reports on mitigating Pokémon Go risks and the growth of the IT security workforce.

Security vendor Novetta recently led an independent investigation into the 2014 Sony breach. What lessons were learned, and how do they apply to today's threat landscape? Novetta's Peter LaMontagne shares key findings.

While enterprises rebuild or upgrade their security programs, they must guard against over emphasizing technology investments while neglecting staffing issues, says Ben Johnson, chief security strategist at Carbon Black.