Data Breach Today Podcast



Exclusive, insightful audio interviews by our staff with data breach/security leading practitioners and thought-leaders


  • Ukraine Cyber Attacks: A Case of Hacktivism?


    The latest edition of the ISMG Security Report features an analysis of whether the cyberattacks that hit Ukraine's government agencies last week are attributable to any group or nation-state along with updates to the cybersecurity executive order and illicit cryptocurrency trends.

  • How Medical Device 'Ingredient Labels' Could Bolster Security


    Among the simplest things that vendors can do to help improve the cybersecurity of their products is providing better transparency, especially regarding the third-party components contained in their technology, says Rob Suárez, CISO of medical device maker Becton Dickinson.

  • Why SBOMs in the Healthcare IT Supply Chain Are Critical


    Because healthcare IT environments are so complicated, it will become essential for all suppliers to provide and maintain a software bill of materials for their products to remain relevant, says Curt Miller of the Healthcare Supply Chain Association.

  • Ransomware Gatecrashes the Apache Log4j Attack Party


    The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.

  • Coming Invasion? Russian Cyber Activity in Ukraine Escalates


    The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.

  • 2021 End-of-Year Special: Examining Biden's Executive Order


    The latest edition of the ISMG Security Report features highlights from interviews in 2021 and examines President Joe Biden's executive order on cybersecurity, ransomware response advice and assessing hidden business risks.

  • How Evolving Privacy Regulations Affect Consumer Health Apps


    Health technology providers - including makers of mobile health apps, personal health records, fitness devices and other related products - must keep a watchful eye on critical evolving privacy and regulatory issues in the months ahead, says attorney Brad Rostolsky of the law firm Reed Smith.

  • DevSecOps in Healthcare: Critical Considerations


    As healthcare entities set out to better secure cloud application development and management, there are several critical considerations they must not overlook. Key among these: "the need to move to a DevSecOps model in the first place," says Adrian Mayers, CISO of health insurer Premera Blue Cross.

  • Preventing 'Rogue Device' Attacks: A Case Study


    Preventing rogue device attacks is a critical component of Baptist Health's zero trust strategy, says Michael Erickson, CISO of the healthcare delivery system, which operates nine hospitals and other care facilities in Kentucky and Indiana.

  • Why Healthcare Will Remain a Top Cyberattack Target in 2022


    Two years into the pandemic, pharmaceutical firms remain a top target for cybercriminals, and that trend will undoubtedly persist in 2022, says Paul Prudhomme, a former Department of Defense threat analyst who is now a researcher with cybersecurity threat intelligence firm IntSights.

  • Medical Device Incident Response: Patient Safety Concerns


    The Cloud Security Alliance's new medical device incident response playbook aims to help healthcare entities plan for security incidents involving different types of devices, taking into consideration varying patient safety issues, say co-authors Christopher Frenz of Mount Sinai South Nassau and Brian Russell of TrustThink.

  • Fighting the Serious Apache Log4j Flaw: What's the Latest?


    The latest edition of the ISMG Security Report features an analysis of the most recent developments in the Log4j security flaw crisis, ransomware-era incident response essentials and what to expect from cybersecurity in 2022.

  • Making Cybersecurity Marketing People-Centric


    Sherry Lowe, who has been in senior leadership in the marketing space for over a decade, focuses on not letting metrics kill marketing. She discusses injecting more creativity into cybersecurity marketing strategy and standing out in a market full of look-alikes.

  • Log4j Special: What You Need to Know


    The latest edition of the ISMG Security Report features an analysis of the Log4j security flaw, including the risks and mitigation techniques, how to patch Log4j, and CISO Dawn Cappelli on Log4j response.

  • Log4j Zero-Day: 'It's About as Serious as It Gets'


    How serious is the Apache Log4j zero-day vulnerability that was announced to the world on Friday? "It's big," says Sam Curry, chief security officer at Cybereason, which has developed a "vaccine" to help. "I hate hyperbole generally," Curry says. "But it is a 10 on the criticality scale."

  • Western Governments Gunning for Ransomware Infrastructure


    The latest edition of the ISMG Security Report features an analysis of how the U.S. military has been "imposing costs" on ransomware groups. Also featured: a twist in the case of the Missouri governor vs. an alleged "hacker," and CyberTheory's Steve King on "why Zero Trust?"

  • The 'Doctor of Zero Trust' Says 'Change and Get Better'


    With the support of the recent executive order on improving the nation's cybersecurity, Zero Trust strategy is gaining greater recognition. But there is still a degree of resistance to Zero Trust adoption. Dr, Chase Cunningham, CSO of Ericom, discusses this and other issues around Zero Trust.

  • The Ransomware Files, Episode 3: Critical Infrastructure


    Cybersecurity experts worry about attacks and ransomware directed at the 70,000 water and wastewater facilities in the U.S. In November 2020, the Hampton Roads Sanitation District was infected with Ryuk ransomware. Fortunately, its operational technology systems were unaffected, and it recovered.

  • Need to Negotiate a Ransomware Payoff? Newbies: Start Here


    The latest edition of the ISMG Security Report features an analysis of best practices for negotiating a ransom payment. Also featured: Busting Zero Trust myths and the dangers of mythologizing defenders.

  • Cybersecurity Unplugged: Improving Healthcare Security


    In this episode of "Cybersecurity Unplugged," Dan Bowden, CISO at Sentara Health, discusses telemedicine, IoMT, and explains why we’re lagging so far behind in healthcare security. "It’s because of how the data is managed, data standards, data integrity."

página 1 de 124