Data Breach Today Podcast

Customers increasingly use digital channels to interact with organizations. But these interactions raise new security concerns that must be addressed by IAM solutions, says David Gormley of CA Technologies.

Poor Internet hygiene, not increased cybercrime, is what's really to blame for the increased botnet traffic the online world is battling, say cybersecurity experts Tom Kellermann and Rod Rasmussen.

The folks at PricewaterhouseCoopers, after surveying 500 U.S. business, law enforcement and government executives, conclude that the vast majority of cybersecurity programs fall very short of the federal government's cybersecurity framework goals.

Healthcare organizations are becoming a bigger target for cybercriminals because so much more clinical and financial information is now stored in potentially vulnerable information systems, says security expert Mac McMillan.

High-profile retail breaches, such as the one suffered by Target Corp., could spur more merchants to promote increased use of mobile payments to boost security, says Thad Peterson, a new analyst at Aite Group.

Fighting fraud tied to synthetic identities requires revamping the credit infrastructure to improve detection of fraudsters' activities, says risk management specialist Richard Parry.

What does "IT security as a business enabler" mean? For a definition, Gartner's Paul Proctor looks to the way IT managers at a European car maker translate security problems into a language a CEO can understand.

A multi-layered approach known as "context-aware security" is the most effective strategy for fighting both insider and external cyberthreats, says Gartner analyst Avivah Litan, who explains how this strategy works.

Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.

Timely analysis of data residing in an organization's information systems is a critical element of IT security, say Haiyan Song and Joe Goldberg of the security firm Splunk.

Today's cybercriminals are perfecting the use of advanced-persistent-threat attacks to pilfer valuable information from precisely targeted victims, says Greg Day of security provider FireEye.

A leader of ISACA, Sarb Sembhi, defends President Obama's cybersecurity framework, which critics contend lacks sophistication. He says detractors miss the point about how frameworks evolve.

Too many organizations have a device-centric BYOD policy that fails to look at big picture issues, including building a comprehensive strategy for protecting corporate information no matter how it's accessed, says Ian Evans of AirWatch.

As members of the workforce increasingly rely on mobile devices to access corporate data, secure sharing of files becomes more challenging, says Accellion's Vidhya Ranganathan, who describes an effective strategy.

On the day Target's CEO resigned in the aftermath of a massive data breach, the Ponemon Institute issued its 2014 Cost of Data Breach Study, which Chairman Larry Ponemon says helps explain why CEOs should be more involved in breach preparedness and response.

A behavioral analysis approach to fighting malware can be more effective than a signature-based approach in the current threat environment, contends Webroot's Patrick Kennedy.

Voltage Security's Mark Bower contends data-centric security can help break down barriers to the widespread use of encryption and help protect sensitive information, including credit card numbers.

Network "situational awareness" can help organizations in all business sectors improve regulatory compliance by identifying networks and devices that need protection, says Lumeta's Reggie Best.

Hurt the criminals and cyberthreats will decrease. That's how organizations in all sectors, working with law enforcement, should approach cybersecurity, says Juniper Networks' Kevin Kennedy.

Individuals resort to lying about themselves to protect their identities when accessing systems in today's imperfect cyber world, says Peter Tapling, president of Authentify, an out-of-band authentication service.