Data Breach Today Podcast

Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.

Hewlett-Packard's John Diamant points out most enterprises invest little in the area with the greatest vulnerabilities: application security.

Most organizations have more data than they know what to do with, much less understand how they can use that data in a meaningful way, say NopSec's Lisa Xu and Steven Leonard. Having the ability to aggregate that data is key.

Debate over cybersecurity bills last year coupled with recent, highly publicized attacks have raised the visibility of the threat, and that could push Congress to enact IT security legislation in 2013, White House Cybersecurity Coordinator Michael Daniel says.

Most organizations are challenged by having too much information in too many places. But Dieter Schuller of Radiant Logic says centralizing data can improve identity management.

Paige Leidig, chief marketing officer of CipherCloud, says information protection requirements continue to be the primary hurdle for enterprise adoption, despite explosive growth in the cloud content and collaboration market and its evident advantages to productivity and cost efficiencies.

Organizations in all industries can embrace the bring-your-own-device trend if they take adequate steps to authenticate mobile users, says Soumya Das of SecureAuth.

How is the six-hospital Barnabas Health delivery system tackling the challenge of complying with the new HIPAA Omnibus rule? Hussein Syed, director of IT security, explains.

Call center fraud is increasing, and it's not just financial institutions feeling the pain, says Pindrop Security's Matt Anthony. Now, a database of phone numbers aims to help organizations mitigate risks.

Because managing identities is a global problem, it requires a global solution, says Paul Simmonds of the Jericho Forum. A new organization has been established to address global identity. Simmonds offers insight.

We are no longer facing a global IT security staffing shortage - it's a full-blown crisis. This is the conclusion of new research conducted by (ISC)². Julie Peeler and Bruce Murphy offer insight.

More than merely a phishing incident, a targeted attack is part of an advanced persistent threat. How can organizations defend against these attacks? Kevin Epstein of Proofpoint offers insight.

The PATCO fraud case shows why banking institutions cannot rely on compliance to ensure security. In an RSA 2013 preview, attorney Joseph Burton discusses legal lessons from the PATCO settlement.

An information risk management framework isn't implemented in a vacuum, as National Institute of Standards and Technology Fellow Ron Ross points out.

Risk management is an art, not a science. That is the contention of Andy Ellis, CSO of Akamai and a keynote speaker at RSA Conference 2013. How can psychology change one's approach to risk and security management?

Intrusion detection is challenging for most organizations, and hackers' ever-increasing skill to evade monitoring tools only compounds the problem. But Zions Bank's Michael Fowkes says big data can help.

Mobile security, advanced persistent threat and DDoS attacks on banks have been among the hottest security stories. How have they influenced RSA Conference 2013? Program Chair Hugh Thompson previews the event.

From sophisticated malware to socially-engineered schemes, banking institutions of all sizes are under constant, multi-channel attack. How can they respond? Daniel Ingevaldson of Easy Solutions shares ideas.

Mobile malware, jailbroken devices and unpatched systems are three of the top security threats to mobile workers. How can organizations mitigate the risks? Dave Jevans of Marble Security offers tips.

Malware, DDoS and mobile security aside, one of the biggest risks is organizations' lack of visibility into specific threats. Don Gray of Solutionary explains the need for actionable threat intelligence.