Data Breach Today Podcast

Because winning the support of CEOs for any new project requires demonstrating a return on investment, information security professionals need to more precisely quantify the potential payoff of their suggested spending on technologies and training, according to a new report.

Imperva would neither confirm nor deny it helped defend the Vatican website from a hacktivist assault last year, but the IT security provider's director of security, Rob Rachwald, explains how such an attack was constructed and defended.

What are the top global breach trends and threats that organizations should be watching? Wade Baker of Verizon offers insights gleaned from a new study of his group's latest investigations.

White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.

A consortium of eight major information technology companies is continuing development of a free framework designed to make it easier to exchange information about security vulnerabilities.

The U.S. Treasury is asking banking institutions to play a more active role in the fight against organized crime. Fraud experts at Ernst & Young share what the Treasury's new demands mean for future investments banks have to make.

No one - not even a security vendor - is immune to cyber attacks. "It's not a question of if or when companies will face an attack, but how they're going to defend against it," says Symantec's Francis deSouza.

This is the first RSA Conference since 2011's high-profile security breaches. How did those incidents influence this year's agenda? Hugh Thompson explains in an exclusive event preview.

Mobile security is a new discussion track at RSA Conference, but it's long been a hot topic for CISOs. Entrust's Dave Rockvam discusses BYOD and how organizations are securing personally-owned devices.

The insider threat: It's a top challenge for any organization, and it's a hot topic for RSA Conference attendees. Dawn Cappelli and Randy Trzeciak preview their new book, The CERT Guide to Insider Threats.

IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.

Data breaches are under-reported, and breached organizations aren't giving consumers the information they need about these compromises, says Karen Barney of the Identity Theft Resource Center.

High-profile class action lawsuits filed in the wake of major health information breaches will prove to be a strong catalyst for ramped up data security, a panel of attorneys says.

Jason Clark, CSO of Websense, has met recently with 400 CSOs. In a pre-RSA Conference interview, he discusses how security leaders can be more effective when facing mobile security and other challenges.

Getting forensics help should be one of the first steps an organization takes after a breach occurs, says IT security and privacy lawyer Miriam Wugmeister.

From mobile malware to the Anonymous hacktivist attacks, how can organizations tackle the changing threat landscape? In an RSA Conference preview, Joe Rogalski of First Niagara Bank shares ideas.

What are the top emerging fraud threats via mobile banking, and how must security leaders respond? In an RSA Conference preview, Julie McNelley of the Aite Group offers tips for fighting the newest threats.

NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.

What are the top emerging fraud threats to banking institutions via mobile banking, and how must security leaders respond? Julie McNelley of the Aite Group offers tips for fighting the newest threats.

Healthcare breach statistics reflect an unfortunate trend: "IT security has not really kept pace with the progress that's been made in the adoption of electronic health records," says Dan Berger, CEO of Redspin.