Data Breach Today Podcast

From Neiman Marcus to P.F. Chang's, 2014 has shaped up to be the 'Year of the Data Breach.' What lessons can be gleaned from the trenches of breach investigation? Experian's Michael Bruemmer shares tips.

Many IT security practitioners see their work as a game, one in which they try to outsmart attackers, says Eric van Ommeren, co-author of the just-published book, Staying Ahead in the Cyber Security Game: What Matters Now.

To help defend their organizations, security professionals should devote more attention to attack vectors rather than specific threats, says Stephen Pao of Barracuda Networks.

A common framework for communicating threats and alerts among security vendors' systems would bolster efforts to protect consumers' information, says David Duncan of Webroot.

Despite recent high-profile breaches, organizations are not buying cyber-insurance policies at explosive rates. But Gartner's cyber-insurance expert Juergen Weiss says that might not be a bad thing.

Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.

Not all malware strains pose equal threats to an organization. So, how does one distinguish the most dangerous forms? Through layered security controls, says Julian Waits, CEO of ThreatTrack Security.

IT and security groups may know the same technical terms, but they don't always speak the same language. Don Gray of Solutionary discusses how security leaders can help bridge the communications gap.

Security is built into most applications developed today. But how does one go back and secure legacy apps in one's environment? Kunal Anand of Prevoty shares insight on this often-overlooked challenge.

Does BYOD really stand for Bring Your Own Disaster? JD Sherry of Trend Micro discusses the latest mobile security trends and threats, including the evolution of ransomware and the Internet of Things.

Following Target and other high-profile breaches, CEOs and boards have three key questions for security leaders. Coalfire's Rick Dakin reveals those questions - and how CISOs must be ready to respond.

Users' fear of data loss on personal devices must be balanced with an organization's need to protect sensitive information, says ZixCorp's Nigel Johnson. He explains the evolution of mobile device management.

Under assault by advanced threats, organizations must change their approach, says Damballa's Stephen Newman. Detection is out; response is in. How do organizations deal with 'a constant state of infection?'

Organizations are careful when granting privileged access to critical systems. But they struggle to govern these privileged identities. Merritt Maxim of CA Technologies shares new strategies.

Infrastructure security used to be more manageable. But it's far more complex in today's cloud environment. Carson Sweet of CloudPassage shares insight and strategies to improve cloud infrastructure security.

Banking institutions must improve how they analyze cyber-threat intelligence. But without better tools, security leaders can't adequately anticipate new attacks, says Greg Garcia, the new executive director of the FSSCC.

To help prevent data breaches involving business associates, healthcare organizations need to develop vendor management programs with razor-sharp requirements, says risk management expert Rocco Grillo.

Identity fraud is one of consumers' most feared crimes, and at banks those schemes translate into application fraud. FICO's Adam Davies discusses today's common application fraud scams and how to stop them.

Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.

Imagine a cyber-attack that disables an electricity distribution center. What's the role of the U.S. military, government or the utility company in defending and retaliating? That's a question on the mind of Army Col. Gregory Conti.