BankInfoSecurity.com public
[search 0]
Best BankInfoSecurity.com podcasts we could find (updated November 2019)
Best BankInfoSecurity.com podcasts we could find
Updated November 2019
Join millions of Player FM users today to get news and insights whenever you like, even when you're offline. Podcast smarter with the free podcast app that refuses to compromise. Let's play!
Join the world's best podcast app to manage your favorite shows online and play them offline on our Android and iOS apps. It's free and easy!
show episodes
Exclusive, insightful audio interviews by our staff with banking/security leading practitioners and thought-leaders. Transcripts are also available on our site!
Loading …
show series
Many companies around the world that accept card payments are failing to continually maintain compliance with the PCI Data Security Standard, according to the new Verizon 2019 Payment Security Report. Verizon's Rodolphe Simonetti, who contributed to the report, explains the findings.By BankInfoSecurity.com
One key step for preparing to comply with the California Consumer Privacy Act, which goes into effect in January, is determining how best to verify the identity of users, say two leaders of the Sovrin Foundation, who discuss the key issues.By BankInfoSecurity.com
Bala Kumar of iovation, a TransUnion company, sees a marked spike in identity fraud in general, and at account origination in particular. How does this increase manifest across industry sectors, and how should organizations re-think their defenses?By BankInfoSecurity.com
In December, PCI SSC plans to publish a new standard for solutions that enable "tap and go" transactions on merchant smartphones and other commercial off-the shelf mobile devices. Troy Leach, the council's CTO, offers insights on the role the standard will play in enhancing security for smaller merchants.…
Sprawling computing environments - from cloud to containers to serverless - are posing challenges in maintaining visibility and determining if data is secure, says Mike Adler of RSA.By BankInfoSecurity.com
The latest edition of the ISMG Security Report offers an analysis of how Twitter allegedly was used to spy on critics of the Saudi Arabian government. Also featured: A preview of the new NIST Privacy Framework and an update on business email compromise attacks.By BankInfoSecurity.com
Organizations should develop a comprehensive strategy for managing third-party security risks and avoid over-reliance on any one tool, such as vendor security risk assessment, monitoring or ratings services, says analyst Jie Zhang of Gartner.By BankInfoSecurity.com
By year's end, the National Institute of Standards and Technology should be ready to publish the first version of its privacy framework, a tool to help organizations identify, assess, manage and communicate about privacy risk, says NIST's Naomi Lefkovitz, who provides implementation insights.By BankInfoSecurity.com
The Sophos 2020 Threat Report is out, and among the key findings: Ransomware attackers continue to leverage automated active attacks that can evade security controls and disable backups to do maximum damage in minimal time. John Shier of Sophos analyzes the trends that are most likely to shape the 2020 cybersecurity landscape.…
The latest edition of the ISMG Security Report offers an in-depth analysis of how to prevent data exposure in the cloud. Plus: why PCI's new contactless payment standard lacks PINs, and how to go beyond the hype to accurately define "zero trust."By BankInfoSecurity.com
Mobile devices are attractive targets for attackers because of messages, call logs, location data and more. State-sponsored groups are digging ever deeper into mobile hacking, says Brian Robison of BlackBerry Cylance.By BankInfoSecurity.com
It's one thing to know your attackers. It's another to emulate some of their techniques so you can improve your own enterprise defenses. Craig Harber, CTO of Fidelis Cybersecurity, is an advocate of this "think like an attacker" defensive strategy.By BankInfoSecurity.com
Agile environments benefit from development platforms and open-source software, but that also raises the risks of attacks seeded in those supply chains, says Chet Wisniewski of Sophos, who describes steps that organizations can take to mitigate the risks.By BankInfoSecurity.com
Big data analytics and search tools give organizations the ability to analyze information faster than ever before. But too many organizations deactivate security controls built into Elasticsearch, Amazon S3 buckets and MongoDB when they deploy, leaving their data exposed, says Elastic's James Spiteri.…
The latest edition of the ISMG Security Report analyzes how the Russian hacking group Turla has been coopting Iranian hacking tools. Plus: Avast's CCleaner hit by second attack; sizing up draft regulations for the California Consumer Protection Act.By BankInfoSecurity.com
Al Pascual, former head of fraud and security practices at Javelin Strategy & Research, has taken on a new role as COO of a start-up company, Breach Clarity, which is offering consumers a free tool to determine the severity and implications of a data breach and what steps they should take to mitigate risk.…
Draft regulations to carry out the California Consumer Privacy Act do not go far enough to clarify ambiguities in the law, which goes into effect Jan. 1, 2020, says privacy attorney Sadia Mirza of the law firm Troutman Sanders, who encourages organizations to submit comments on the proposed regs.By BankInfoSecurity.com
What is the risk of having too many cybersecurity tools? Compromised visibility because of "tool sprawl," say Brian Murphy and Seth Goldhammer of ReliaQuest. Enterprises are now awakening to this challenge and attempting to overcome it.By BankInfoSecurity.com
The latest edition of the ISMG Security Report discusses the shutdown of DeepDotWeb. Plus, dealing with breach fatigue and the Pitney Bowes ransomware attack.By BankInfoSecurity.com
Organizations are accepting that the network perimeter no longer serves as the "ultimate defense" and thus adapting zero-trust principles, including least privilege, based on the understanding that they may already have been compromised, says Darran Rolls of SailPoint.By BankInfoSecurity.com
Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.By BankInfoSecurity.com
According to Ricardo Villadiego, Lumu Technologies' Founder and CEO, organizations are "sitting on a gold mine: their own data". Under the single premise that organizations should assume they are compromised and prove otherwise, Lumu seeks to empower enterprises to answer the most basic question: Is your organization talking with adversary infr ...…
The threat and risk surface of internet of things devices deployed in automobiles is exponentially increasing, which poses risks for the coming wave of autonomous vehicles, says Campbell Murray of BlackBerry. Large code bases, which likely have many hidden software bugs, are part of the problem, he says.…
Large or small, enterprises from all sectors are dealing with the same vulnerabilities in open source code. The difference: the scale of the problem. DJ Schleen of Sonatype discusses insights from the latest ISMG roundtable dinner.By BankInfoSecurity.com
In the wake of a federal appeals court ruling last year vacating a Federal Trade Commission enforcement action against LabMD, the FTC's data security consent orders are becoming far more detailed and rigorous, says former FTC attorney Julie O'Neill.By BankInfoSecurity.com
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.…
Law enforcement success inevitably sparks criminals to become more innovative, including shifting from centralized markets - such as Hansa and Wall Street Market - to encrypted and distributed marketplaces, says the University of Surrey's Alan Woodward.By BankInfoSecurity.com
The latest edition of the ISMG Security Report analyzes Twitter's repurposing of user phone numbers for targeted advertising. Plus: A discussion of 5G security issues and findings of the Internet Organized Crime Threat Assessment.By BankInfoSecurity.com
To ensure privacy is protected, governments need to make sure standards and regulations keep pace with the latest technology developments, including facial recognition and other forms of artificial intelligence, says Steven Feldstein, an associate professor at Boise State University.By BankInfoSecurity.com
What is a "reasonable" response to a cyber incident? Following a recent roundtable dinner discussion of the topic, Jonathan Nguyen-Duy of Fortinet discusses getting cyber right.By BankInfoSecurity.com
When it comes to identifying and stopping malicious and even accidental insider threats, organizations are often overlooking a significant gap. Nathan Hunstad of Code42 discusses how to plug this costly leak.By BankInfoSecurity.com
As part of a multi-city tour, ISMG and Sonatype visited Atlanta recently for an engaging discussion on how to mitigate risks introduced by open source code. Here's a conversation with DevOps advocate Derek Weeks.By BankInfoSecurity.com
Amidst a multi-city tour, ISMG and Sonatype visited Boston for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses how the conversation highlights the offense vs. defense approaches to securing critical applications.By BankInfoSecurity.com
The latest edition of the ISMG Security Report analyzes concerns about the use of Huawei equipment by U.S. telecommunications firms. Also featured: A Huawei executive discusses 5G security, plus an update on an Australian ransomware attack.By BankInfoSecurity.com
What's it like to serve in the dual roles of CISO and DPO? Gregory Dumont, who has both responsibilities at SBE Global, a provider of repair and after-sales service solutions to the electronics and telecommunication sectors, explains how the roles differ.By BankInfoSecurity.com
ISMG and Rapid7 kicked off a roundtable dinner series in San Francisco, where Rapid7's Scott King says the conversation showcased the challenges security leaders face in engaging business leaders to discuss risk.By BankInfoSecurity.com
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.By BankInfoSecurity.com
With all of the tools deployed for endpoint detection and response, enterprises today are often overwhelmed by threat intelligence, says J.J. Thompson of Sophos. To alleviate "analysis paralysis," Sophos has just launched its Managed Threat Response service. Thompson details its offerings. With all of the tools deployed for endpoint detection a ...…
What are some of the most important aspects in managing vendor security risk when taking on third parties to handle sensitive data? Mitch Parker, CISO of Indiana University Health, explains the critical steps his organization is taking in its approach to vendor risk.By BankInfoSecurity.com
Data protection officers are assuming a more strategic role that goes beyond ensuring compliance with laws and regulations, including GDPR, says Rob Masson, CEO of the DPO Center.By BankInfoSecurity.com
The latest edition of the ISMG Security Report features an analysis of Donald Trump's comments about "the server" in a discussion with the president of Ukraine. Also: insights on "privacy by design" and highlights of ISMG's Cybersecurity Summit in Toronto.By BankInfoSecurity.com
Technology companies often don't build in controls to protect privacy during the application development process, says Jason Cronk, a lawyer and privacy engineer. But using "privacy by design" principles during software development can help avoid trouble, he says.By BankInfoSecurity.com
Barracuda is out with its latest Spear Phishing Update, and among the key findings: a rise in email account takeover and lateral phishing. Why are enterprise defenses failing to detect these strikes? What new solutions will improve defenses? Barracuda's Michael Flouton shares insights.By BankInfoSecurity.com
The latest edition of the ISMG Security Report features a discussion of the controversies surrounding the release of whistleblower Edward Snowden's memoir. Also featured: An update on Lumen PDF's breach disclosure; insights on financial services identity management issues.By BankInfoSecurity.com
Deception technology has emerged as a hot practice - but not one that is necessarily on every enterprise's budgeting radar. Don Gray, CTO of PacketViper, talks about the emergence of deception technology and how security leaders can make the case - and find the budget - for its usage.By BankInfoSecurity.com
Artificial intelligence is playing an important role in the fight against payment card fraud, says Gord Jamieson, senior director of Canada risk services at Visa. He'll offer a keynote presentation on the latest fraud trends at Information Security Media Group's Cybersecurity Summit in Toronto Sept 24-25.…
Even with the uptake of cloud services, many large enterprises still hold data on mainframes, says Philip MacLochlainn of IBM. But the diversity of computing environments around mainframes is rapidly changing, which increases the risk of data breaches, he explains.By BankInfoSecurity.com
Ransomware-wielding attackers treat infecting endpoints as a business and put customer relationship management principles to work, says Bill Siegel, CEO of ransomware incident response firm Coveware. He notes criminals "go after the low-hanging fruit because it's cheap and the conversion rate is high."…
Cybercriminals are "upping their game" by stealing and then auctioning off on the dark web administrative access credentials to healthcare organizations' clinician and patient portals, says Etay Maor of IntSights.By BankInfoSecurity.com
This week's ISMG Security Report analyzes the cost of business email compromise attacks and the recent arrest of dozens of suspects. Also featured: updates on the easy availability of low-cost hacking tools and the latest payment card fraud trends.By BankInfoSecurity.com
Google login Twitter login Classic login