Data Breach Today Podcast

When it comes to mobile security, users say the right things, but still indulge in risky behavior. Javelin's Al Pascual tells how security leaders can create better partnerships and practices in 2013.

A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.

McAfee researchers have uncovered new information about a Gozi variant, which RSA in October named Prinimalka. The Trojan, part of a blitzkrieg-like attack, is expected to hit 30 institutions in spring 2013.

From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers?

Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.

Eurograbber is more than just another banking Trojan. It's an exploitation of fundamental online banking authentication practices that could strike any institution, says Check Point's Darrell Burkey.

Because many merchant compromises result from badly installed or configured applications, payments acquirers, such as Chase Paymentech, are stepping up to help address point-of-sale security.

McAfee CPO Michelle Dennedy and Intel CISO Malcolm Harkins work for the same company, but in some ways they are worlds apart. How must privacy and security leaders bridge gaps to face challenges ahead?

What are the key skills and tools forensics pros use in probing a data breach? What can we learn from recent breaches? Rob Lee of SANS Institute walks us through a typical forensics investigation.

As missiles and bombs do real damage in Israel and Gaza, a veteran Israeli cybersecurity expert, Amichai Shulman, downplays the significance of the assaults waged against Israeli websites, contending any damage has been minimal.

Cloud-based botnets and mobile malware are two of 2013's top cyberthreats. What other threats make the list? Georgia Tech's Paul Royal tells how security pros and organizations can prepare.

To know how best to respond to IT and communications failures, incident response pros first must collect information on such incidents, says Marnix Dekker, who co-authored a new report for ENISA.

One of the biggest IT security challenges enterprises will face in the coming years will be assuring the integrity of the computer products they purchase, says Gartner Fellow Neil MacDonald.

Distributed-denial-of-service attacks on U.S. banking institutions will continue, says Akamai's Mike Smith. And he believes the attackers aren't out just to embarrass the banks, but to commit fraud.

The big breaches make the headlines, but the smaller attacks on merchants are the ones that ultimately benefit the fraudsters and hurt banking institutions most, says Wade Baker of Verizon.

A group of highly respected IT security thought leaders is calling on the Obama administration to exercise existing powers to strengthen the processes the federal government employs to secure its information systems.

Employing cloud computing services could help organizations defend against the type of distributed denial of service attacks that have temporarily crippled the online service of major American banks, says NIST's Matthew Scholl.

Download the transcript of this interview in PDF format (sponsored by Corero Network Security) As DDoS attacks on banks continue, institutions can take immediate steps to lessen the impact on customer experience and reduce fraud risks. Jason Malo of CEB TowerGroup offers insight.

As mobile computing becomes ever-present, enterprises face a new threat landscape that includes rogue marketplaces, insecure public Wi-Fi and proximity-based hacking, says Dan Hubbard of the Cloud Security Alliance.

Google and Facebook are in the mobile payments arena. But consumers still expect their banking institutions to secure the mobile wallet, says Alphonse Pascual of Javelin. What role must banks play?