
Info Risk Today Podcast
3,490 episodes — Page 29 of 70
McDonald's New CISO Shares Insights on Talking to the Board
What advice does the new CISO of fast-food giant McDonald's, who has served as CISO at two other major corporations, have for how to communicate with the board of directors? Tim Youngblood offers insights in this exclusive interview.
Do CISOs Need IT or InfoSec Academic Credentials?
In the latest edition of the ISMG Security Report: a look at the former Equifax chief information security officer and whether her lack of academic credentials in IT or IT security is relevant to the massive breach at the credit reporting agency.
A New Approach to Authentication for a Cashless Economy
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
Gauging Equifax's Future in Wake of Massive Breach
Top IT security and information risk experts, including former RSA Executive Chairman Art Coviello, analyze the struggles Equifax faces in the wake of a massive data breach in the latest edition of the ISMG Security Report.
Healthcare Cybersecurity: Simplify Compliance & Avoid Breaches
An ongoing series of Healthcare Security Readiness workshops reveals some key gaps in how healthcare organizations defend against cybercrime hacking. How should entities assess and mitigate these gaps? David Houlding of Intel shares insights.
Former Anthem Cybersecurity Exec on Protecting Credentials
A former cybersecurity analytics specialist at health insurer Anthem, which experienced a massive data breach, offers insights on key steps organizations should take to avoid becoming the next breach victim in the headlines.
Taking a Deep Dive Into the Equifax Breach
A detailed analysis of the Equifax breach highlights the latest edition of the ISMG Security Report. Also, an update on Russia exploiting social media to influence the 2016 presidential vote.
Real-Time Transactions, Real-Time Security
In the age of ubiquitous mobility, customers' expectations have evolved - and so must an organization's approach to authentication and transaction security, says Will LaSala of VASCO Data Security.
Analysis: Why Equifax Breach Is So Significant
The Equifax breach revealed on Thursday is more significant than other mega-breaches because of the nature of the data that was potentially exposed, says cybersecurity attorney Imran Ahmad. He'll be a featured speaker at ISMG's Toronto Fraud & Breach Prevention Summit on Tuesday.
Is US Global Cybersecurity Leadership in Jeopardy?
Leading the latest edition of the ISMG Security Report: Observations about America's standing as a global cybersecurity leader from Christopher Painter, who until earlier this summer served as the United States' top cyber diplomat. Also, threats posed by IoT devices.
Ransomware Protection: Facts About Secure Backup
When it comes to ransomware defense, "backup, backup, backup" is the go-to strategy. But are organizations backing up the right data at the right time to enable the best ransomware recovery? Ali Mahmoud of SolarWinds MSP shares new insight on secure backup.
A Cybersecurity Leader on Filling Jobs Now
Cory Mazzola, a cybersecurity leader at Las Vegas Sands Corp., says recruiting security pros amid a talent shortage requires putting aside expectations about degrees and backgrounds. Instead, he says companies need to be willing to develop new skills in their new hires.
Cybersecurity and Medical Devices: 'Ducking Bullets'
"We've been ducking bullets" when it comes to cybersecurity incidents impacting patient safety, says consultant Brian Selfridge, a former healthcare CISO, who discusses today's emerging risks.
Thought Leaders Speak Out on Pressing Cybersecurity Issues
This special edition of the ISMG Security Report features the observations of top cybersecurity experts featured at Information Security Media Group's recent Fraud and Breach Prevention Summit in New York.
Authentication Tools to Secure a Cashless Economy
A report on advances in authentication to secure a cashless economy leads the latest edition of the ISMG Security Report. Also, we analyze the record-shattering Anthem data breach settlement.
Getting the Bad Guys to Fund US Cyber Command's Growth
The ISMG Security Report leads with views on a novel way to fund the growth of the United States military's Cyber Command by seizing assets such as digital currencies from hackers and other criminals. Also, we offer tips on how to recruit scarce IT security pros.
Maximizing Malware Analysis
Yes, malware commonly targets the Windows operating system. But if you limit malware analysis to Windows OS, you're leaving gaping vulnerabilities, says Christopher Kruegel of Lastline Inc. Here's how to maximize your analysis.
After 7 Months in Office, How's Trump Doing on Cybersecurity?
Analyzing Donald Trump's cybersecurity policy seven months into his administration highlights the latest edition of the ISMG Security Report. Also, Cybersecurity Coordinator Rob Joyce disses Kaspersky Lab on network TV.
Analysis: The Merits of Medical Device Security Legislation
Could proposed legislation force manufacturers and healthcare entities to put more effort into bolstering the cybersecurity of medical devices? In an interview, cybersecurity expert Joshua Corman provides in-depth analysis on the movement to improve the state of medical device security.
Changes Coming to NIST's Catalog of Security Controls
The latest ISMG Security Report leads with information security guru Ron Ross discussing changes coming to the National Institute of Standards and Technology's catalog of IT security and privacy controls. Also, challenges facing an upgraded U.S. Cyber Command.
New Exploit Kit: A Closer Look
The latest edition of the ISMG Security Report leads with a closer look at a new exploit kit and whether it represents a resurgence in these types of criminal packages. Also featured: a discussion of new vehicle security concerns and communications advice for CISOs.
Medical Device Cybersecurity: Legal Concerns
Healthcare organizations need to consider a number of legal issues when it comes to cybersecurity incidents involving medical devices, attorney Thomas Barnard explains in an in-depth interview.
Regulations and Threats: Adapting to the Landscape
From zero-day exploits to IoT vulnerabilities to the sheer number of prospective adversaries, the threat landscape is ever-shifting. And global regulatory pressures are only mounting. How must security leaders respond? Symantec's Renault Ross offers insight.
3 Questions Successful Security Leaders Should Ask
Communication consultant Michael Santarcangelo outlines three key questions CISOs should ask at the outset of any project to convey security's value and clearly set expectations.
Improving the Cybersecurity of IoT, Medical Devices
How could the private sector benefit from steps federal agencies are taking to improve the cybersecurity of the internet of things and medical devices? In an in-depth interview, two experts at UL who are working closely with the agencies explain the potential impact.
Analysis: Another Medical Device Security Issue
In this latest edition of the ISMG Security Report we learn more about certain Siemens medical devices containing vulnerabilities that could allow hackers to remotely execute arbitrary code. Also: a report on Kaspersky Lab dropping its complaint against Microsoft and part 2 of an election security interview.
Anthem Breach Lesson: Why Granular Access Control Matters
Healthcare organizations can learn important lessons - including the need for granular data access control - from the costly proposed settlement of the breach lawsuit against health insurer Anthem, says Bill Fox, a former federal prosecutor.
GDPR and Vendor Risk Management
As the GDPR enforcement date edges closer, organizations remain unprepared to comply, says BitSight's Elizabeth Fischer - especially when it comes to vendor risk management. What - beyond contracts - do organizations need?
Creating Cyber Plan to Thwart Those Seeking to Sway Elections
Leading the latest edition of the ISMG Security Report: An interview with the head of a new cyber initiative to help political campaigns and local, state and federal election officials safeguard America's electoral process. Also, analyzing the evolving characteristics of the healthcare breach.
Backstory on Arrest of Marcus Hutchins
The latest edition of the ISMG Security Report leads with a report on the charges brought against Marcus Hutchins, the "accidental hero" who stopped the WannaCry malware outbreak. Also featured: reports on advances in attribution and new legislation to secure vulnerable medical devices.
Cyber Insurance: Overcoming Resistance
Mitigation efforts only go so far when it comes to breach prevention. Why are some organizations still resistant to cyber insurance? Tim Francis of Travelers Business Insurance explains.
Battling Russian Hackers in US Courtrooms
The front line to battle Russian hackers is shifting to American courts, according to the lead story in the latest edition of the ISMG Security Report. Also, malware targets Apple's operating system and a preview of the ISMG Fraud and Breach Prevention Summit in New York.
Engaging Hospitals In Global Hunt for Medical Device Security Flaws
The Medical Device Innovation, Safety and Security consortium is hoping its new network of labs operated by healthcare entities across the globe for the standardized cyber testing of medical devices will help to greatly reduce risks, say MDISS leader Dale Nordenberg, M.D., and Benjamin Esslinger of Eskenazi Health, who describe the effort.
Gartner's Litan on Why Attribution Matters
Gartner's Avivah Litan, a featured speaker at ISMG's Fraud and Breach Prevention Summit in New York on Aug. 8, says hacker attribution is taking on new importance, as traditional methods of determining attack risk and detection linked to indicators of compromise are no longer effective.
Analytics and the AML Paradigm Shift
As financial organizations deploy artificial intelligence and machine learning in the fight against money-laundering fraud, David Stewart of SAS offers tips to help separate fact from market hype when reviewing new data analytics tools.
The Human Face of Malware
A look by DataBreachToday Executive Editor Mathew J. Schwartz at the human element behind malware leads the latest edition of the ISMG Security Report. Also, changes in the U.S. government's healthcare breach reporting website known as the "Wall of Shame."
Power Grid Malware: Don't Freak Out, But Do Prepare
While the power grid malware unleashed against Ukraine could be repurposed to attack other grids, "it's not to the point yet where people should be freaking out or building bunkers or anything silly like that," says Robert M. Lee, who heads industrial cybersecurity firm Dragos.
Understanding Small-Business Cyber-Insurance Marketplace
A look at why the market for cyber insurance among small businesses struggles leads the latest edition of the ISMG Security Report. Also, how adware evolves into more troubling malware.
6 Steps to Secure Remote Access
Remote access has been a concern since the dial-up days of the internet's infancy. But ubiquitous connectivity only increases enterprise security concerns, says Bomgar's Sam Elliott, who outlines six steps to secure remote access.
Would Talking to Russians About Cyber Reward Bad Behavior?
In an in-depth interview, two security experts go head-to-head over the appropriateness of the White House engaging the Kremlin on cybersecurity matters in light of Russia's hacking of the 2016 U.S. presidential election.
When Would US-Russian Cyber Talks Be Appropriate?
The ISMG Security Report leads with an analysis of when it would be appropriate for the United States and Russia to engage in cybersecurity negotiations. Also, how NotPetya malware attack victims continue to struggle weeks later.
The Rise of Ransomware-as-a-Service
How will ransomware-as-a-service develop? What IoT exploits await the enterprise? Dan Schiappa of Sophos weighs in on how the cybersecurity threat landscape is likely to develop over the next five years.
Special Report: Impact of the AlphaBay Takedown
A deep dive into the takedowns of AlphaBay and Hansa, and their impact on the secretive illicit darknet marketplace, leads the latest edition of the ISMG Security Report. Also, a puzzling breach at Ricoh Australia.
Shedding Light on the Darknet Marketplace
A discussion on the latest happenings in the darknet marketplace leads the latest edition of the ISMG Security Report. Also, getting to the bottom of Russia's Democratic Party hack could be the ultimate goal of a lawsuit filed against the Donald Trump presidential campaign.
Interview: ONC on Next Steps for Secure Data Exchange
In an exclusive in-depth interview, Genevieve Morris of the Office of the National Coordinator for Health IT discusses the agency's plans for ramping up its efforts to advance the secure exchange of health data to improve care - and seeks feedback.
Standardizing the Approach to IoT Security
Organizations need to take a well-considered, structured approach to integrating IoT into existing information risk management processes to address security, Gartner's Ganesh Ramamoorthy explains in an in-depth interview.
The Cybersecurity Education of the Next FBI Director
Leading the latest edition of the ISMG Security Report: a report on FBI Director-Designate Christopher Wray's admission that he faces a steep cybersecurity learning curve. Also, the U.S. government restricts use of Moscow-based Kaspersky Lab Software. Is that a smart move?
Why Trump Backed Away from a US-Russian Cyber Framework
The latest edition of the ISMG Security Report leads off with a multi-part report explaining why President Donald Trump sought to create a joint U.S.-Russian cybersecurity unit and then backed off. Also, ransomware's impact on emergency services providers.
How the NotPetya Malware Spread
The latest edition of the ISMG Security Report leads with a conversation with DataBreachToday Executive Editor Mathew J. Schwartz on how the NotPetya malware spread from its Ukraine origins. Also, why tech users can't secure their systems.
Analyzing the Anthem Breach Class Action Settlement
The recent proposed settlement of a class action lawsuit against health insurer Anthem following a 2015 cyberattack impacting about 79 million individuals is significant for several reasons, says attorney Steven Teppler of the Abbott Law Group, who analyzes the deal.