Inforisktoday com public [search 0]
Best inforisktoday com podcasts we could find (Updated October 2019)
Join millions of Player FM users today to get news and insights whenever you like, even when you're offline. Podcast smarter with the free podcast app that refuses to compromise. Let's play!
Join the world's best podcast app to manage your favorite shows online and play them offline on our Android and iOS apps. It's free and easy!
show episodes
Exclusive, insightful audio interviews by our staff with info risk/security leading practitioners and thought-leaders
Loading …
show series
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.…
The latest edition of the ISMG Security Report analyzes Twitter's repurposing of user phone numbers for targeted advertising. Plus: A discussion of 5G security issues and findings of the Internet Organized Crime Threat Assessment.By
To ensure privacy is protected, governments need to make sure standards and regulations keep pace with the latest technology developments, including facial recognition and other forms of artificial intelligence, says Steven Feldstein, an associate professor at Boise State University.By
What should healthcare organizations know about complying with the breach notification and data security requirements of New York's SHIELD Act? And how does the new law compare with HIPAA? Jon Moore, chief risk officer at consulting firm Clearwater, explains.By
What is a "reasonable" response to a cyber incident? Following a recent roundtable dinner discussion of the topic, Jonathan Nguyen-Duy of Fortinet discusses getting cyber right.By
When it comes to identifying and stopping malicious and even accidental insider threats, organizations are often overlooking a significant gap. Nathan Hunstad of Code42 discusses how to plug this costly leak.By
As part of a multi-city tour, ISMG and Sonatype visited Atlanta recently for an engaging discussion on how to mitigate risks introduced by open source code. Here's a conversation with DevOps advocate Derek Weeks.By
Amidst a multi-city tour, ISMG and Sonatype visited Boston for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses how the conversation highlights the offense vs. defense approaches to securing critical applications.By
Organizations must take a number of critical steps to prepare a response to ransomware attacks before they hit, says Caleb Barlow, the new president and CEO of security consulting firm CynergisTek, who offers a guide.By
Healthcare organizations can take steps to start mitigating risks while awaiting vendor software patches to address URGENT/11 IPnet vulnerabilities in their medical devices, says researcher Ben Seri of security firm Armis, which identified the flaws.By
The latest edition of the ISMG Security Report analyzes concerns about the use of Huawei equipment by U.S. telecommunications firms. Also featured: A Huawei executive discusses 5G security, plus an update on an Australian ransomware attack.By
What's it like to serve in the dual roles of CISO and DPO? Gregory Dumont, who has both responsibilities at SBE Global, a provider of repair and after-sales service solutions to the electronics and telecommunication sectors, explains how the roles differ.By
ISMG and Rapid7 kicked off a roundtable dinner series in San Francisco, where Rapid7's Scott King says the conversation showcased the challenges security leaders face in engaging business leaders to discuss risk.By
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.By
With all of the tools deployed for endpoint detection and response, enterprises today are often overwhelmed by threat intelligence, says J.J. Thompson of Sophos. To alleviate "analysis paralysis," Sophos has just launched its Managed Threat Response service. Thompson details its offerings. With all of the tools deployed for endpoint detection a ...…
What are some of the most important aspects in managing vendor security risk when taking on third parties to handle sensitive data? Mitch Parker, CISO of Indiana University Health, explains the critical steps his organization is taking in its approach to vendor risk.By
Data protection officers are assuming a more strategic role that goes beyond ensuring compliance with laws and regulations, including GDPR, says Rob Masson, CEO of the DPO Center.By
The latest edition of the ISMG Security Report features an analysis of Donald Trump's comments about "the server" in a discussion with the president of Ukraine. Also: insights on "privacy by design" and highlights of ISMG's Cybersecurity Summit in Toronto.By
A new resource designed to help healthcare organizations of all sizes engage in cybersecurity information sharing is now available. Errol Weiss, who helped create the "cybersecurity matrix," describes how to use it.By
Technology companies often don't build in controls to protect privacy during the application development process, says Jason Cronk, a lawyer and privacy engineer. But using "privacy by design" principles during software development can help avoid trouble, he says.By
Barracuda is out with its latest Spear Phishing Update, and among the key findings: a rise in email account takeover and lateral phishing. Why are enterprise defenses failing to detect these strikes? What new solutions will improve defenses? Barracuda's Michael Flouton shares insights.By
The latest edition of the ISMG Security Report features a discussion of the controversies surrounding the release of whistleblower Edward Snowden's memoir. Also featured: An update on Lumen PDF's breach disclosure; insights on financial services identity management issues.By
Deception technology has emerged as a hot practice - but not one that is necessarily on every enterprise's budgeting radar. Don Gray, CTO of PacketViper, talks about the emergence of deception technology and how security leaders can make the case - and find the budget - for its usage.By
Artificial intelligence is playing an important role in the fight against payment card fraud, says Gord Jamieson, senior director of Canada risk services at Visa. He'll offer a keynote presentation on the latest fraud trends at Information Security Media Group's Cybersecurity Summit in Toronto Sept 24-25.…
Even with the uptake of cloud services, many large enterprises still hold data on mainframes, says Philip MacLochlainn of IBM. But the diversity of computing environments around mainframes is rapidly changing, which increases the risk of data breaches, he explains.By
Ransomware-wielding attackers treat infecting endpoints as a business and put customer relationship management principles to work, says Bill Siegel, CEO of ransomware incident response firm Coveware. He notes criminals "go after the low-hanging fruit because it's cheap and the conversion rate is high."…
Cybercriminals are "upping their game" by stealing and then auctioning off on the dark web administrative access credentials to healthcare organizations' clinician and patient portals, says Etay Maor of IntSights.By
This week's ISMG Security Report analyzes the cost of business email compromise attacks and the recent arrest of dozens of suspects. Also featured: updates on the easy availability of low-cost hacking tools and the latest payment card fraud trends.By
Insider threats are difficult to counter. What happens when an employee goes rogue, and how do you catch them? Charles Carmakal of Mandiant, who says his firm is dealing with more insider threat investigations, shares tips for better defenses.By
In the past year, cybercriminals behind two of the biggest ransomware attacks have abandoned other techniques in favor of exploiting remote desktop protocol. Matt Boddy of Sophos explains why RDP attacks are so popular - and what you can do to discourage them.By
This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China. Plus: Do ransomware gangs target organizations that have cyber insurance?By
ISMG and Cybereason visited Dallas on their "Indicators of Behavior" roundtable dinner tour. And Cybereason CSO Sam Curry says the discussion validated the notion that it's time to reimagine incident detection and response.By
Security needs to be reinvented for the internet of things, and start-up companies can play a critical role, says Robin Saxby, the former CEO and founder of Arm Holdings, a U.K.-based semiconductor company, who now invests in start-up firms.By
What role does security play in an enterprise's digital transformation? ISMG and Nominet recently raised this question to a group of security leaders in Las Vegas. The answers were eye-opening. Stuart Reed of Nominet shares his reaction to the roundtable discussion.By
The latest edition of the ISMG Security Report offers an analysis of how French cyber police disrupted a cryptomining malware gang. Also featured: Apple's botched patching of a jailbreaking vulnerability; an industry veteran's insights on battling payment card fraud.By
Artificial intelligence and machine learning must be judiciously used, such as when monitoring internet of things devices, says David De Roure, professor of e-research at the University of Oxford, who offers insights on IoT risk management.By
The latest edition of the ISMG Security Report analyzes the ransomware attack on Texas municipalities as part of a broader trend. Also featured: An initiative designed to safeguard the 2020 presidential elections and a CIO's third-party risk management efforts.By
Hunterdon Healthcare in New Jersey is shifting applications to cloud providers in order to tap into security capabilities and innovation that doesn't run as deep in the integrated healthcare delivery system's own technology team, says Jason Tahaney, the organization's director of IT.By
As the healthcare industry undergoes its own digital transformation, security is more important than ever. Okta's Nick Fisher says a zero trust model can keep hospitals and patients healthy when it comes to protecting their data.By
Account takeover continues to be a lucrative path for fraudsters across all industry sectors. But Scott Olson of iovation says there are different levels of defense that can be deployed, based on the risk of specific types of transactions.By
Inspira Health has taken several key vendor risk management steps to help ensure patient data is protected, says CIO Tom Pacek, who describes the effort in this interview.By
Organizations looking to implement behavior-centric security must set clear goals for the business outcomes, says David Coffey, senior vice president of engineering at Forcepoint, who offers tips.By
What are some of the moves that organizations can make to improve their identity and access management? Veda Sankepally, an IT security manager at managed care company Molina Healthcare, describes critical steps in this case study interview.By
Why is fraud that originates on mobile devices growing at such a rapid rate? Brooke Snelling and Melissa Gaddis of iovation offer an analysis in this joint interview.By
An A-list of cyber experts, including former Homeland Security Secretary Jeh Johnson, has put its weight behind U.S. CyberDome, a nonpartisan initiative to protect presidential campaigns against foreign influence. Matthew Barrett, a former NIST leader and co-founder of CyberDome, outlines how this group is gearing up.…
This edition of the ISMG Security Report discusses the latest improvements in deception technology and how best to apply it. Also featured: a report on the growth of mobile fraud, plus insights on Merck's experience recovering from a NotPetya attack.By
A new professional credential aims to help healthcare organizations bolster their security leadership bench strength, says William Brad Marsh, co-chair of a committee that developed the certification.By
IoT, the cloud, third-party risk - we hear a lot about how the cybersecurity risk surface and threat landscape have evolved. But what about the new business demands on cybersecurity leaders? Christopher Hetner, former global CISO at GE Capital, shares insights.By
Fortinet's FortiGuard Labs global threat research team is creating research playbooks that provide deep-dive analysis of not only threat trends, but also cybercriminal and adversary tools and techniques. Derek Manky and Tony Giandomenico discuss the playbook model and how it can help in the fight against cybercrime.…
Former Secret Service agent Jeff Dant now heads fraud operations and intelligence for the financial crimes unit at BMO Financial Group. Which threats and threat actors does he focus on, and how does his law enforcement experience help? Dant previews a session at the upcoming Cybersecurity Summit in New York.…
Google login Twitter login Classic login