Data Breach Today Podcast

Organizations typically secure data where it resides and is transmitted. Data-centric security strategies focus on securing the data itself. Mark Bower of Voltage Security explains.

A proposed directive requiring the reporting of serious cyber-attacks to national authorities could add complexity to organizations operating online in the European Union, says IT security lawyer François Gilbert.

Some of the largest banks in the U.S. were unable to ward off sophisticated DDoS attacks, so what can smaller organizations do? Plenty, says Marty Meyer, President of Corero Network Security.

We've seen user-driven trends such as BYOD before, says Kevin Flynn of Fortinet. And if organizations remember past security lessons, they will avoid falling prey to mistakes that could lead to breaches.

Security threats to healthcare organizations are on the rise - and so are regulatory requirements. Kim Singletary of McAfee discusses the top breach prevention and response challenges for healthcare organizations in 2013.

Outsourcing to the cloud poses new risks, especially for card data. The PCI Council addresses those risks in its just-released cloud security guidance, and Bob Russo offers exclusive insights.

How can security pros help organizations prevent breaches and data loss? The Online Trust Alliance has released its latest guide to data protection and breach readiness, and OTA founder Craig Spiezle offers tips.

Although hacktivists announced suspension of DDoS attacks against banks, other industries are now getting hit, and banks can't afford to get complacent because of the fraud risk, says security specialist Bill Stewart.

The new, much more objective guidance for reporting breaches that's included in the HIPAA omnibus rule will result in an increase in notifications, predicts privacy law expert Marcy Wilder.

Containerization - it's the latest strategy for securing the critical data accessed by remote workers and mobile devices. How is the concept deployed? David Lingenfelter of Fiberlink offers insight.

As enterprises move more applications to the cloud, continuous monitoring will play a greater role in assuring the software is patched in a timely manner, says John Streufert, DHS director of federal network resilience.

It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.

ENISA, the European Union cyber-agency, is out with its first-ever Threat Landscape report. What are the emerging threats and vulnerabilities, and how should organizations globally respond to them?

It isn't so much the changing threat landscape that causes security leaders to re-assess their approach to incident response. Mobility and the expanding perimeter are the real factors driving change.

With Congress facing $1.2 trillion in budget cuts, Federal Chief Information Officer Steven VanRoekel says funding for cybersecurity initiatives will likely be affected. But with smart planning, government information technology should not be placed at risk.

Kathryn Marchesini, a privacy adviser at the Office of the National Coordinator for Health IT, outlines the three most important steps healthcare organizations should take to avoid breaches of information on mobile devices.

ID theft is a growing global problem. Eva Velasquez, head of the ITRC, outlines how public and private organizations in 2013 can update approaches to ID theft prevention.

Which fraud trends need the most attention from U.S. banking institutions in 2013? Distributed-denial-of-service attacks and account takeover, says FS-ISAC's Bill Nelson, who offers fraud-fighting tips.

Does cyber defense competition help prepare college students for real-world jobs in information security and risk management? Dan Likarish and Rick Cisneros of Regis University say yes. Here's why.

Tom Ridge, the first Homeland Security secretary, questions the wisdom of granting the Department of Homeland Security greater authority to influence IT security within the federal government and the nation's critical IT infrastructure.