Data Breach Today Podcast

The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.

With all the talk of sophisticated adversaries and evolving threats to users and devices – what about threats to building management systems? Jeremy Morgan of Industrial Defender discusses this threat landscape and the role of automated tools to defend it.

The latest edition of the ISMG Security Report features an analysis of British spy chief Jeremy Fleming’s "cybersecurity call to arms." Also featured: Insights on COVID-19 business continuity planning; the wisdom of the late Dan Kaminsky.

Phishing, online fraud, cryptocurrency scams – they are coming at lightning speed, threatening enterprises and their brands. And just as fraudsters rely on automation to deliver these attacks, defenders can use automated tools to protect their brands. Jeff Baher of Bolster tells how.

The federal ban on funding for a national unique patient identifier adds to the complexity of customer identity and access management, especially when dealing with new patients during the COVID-19 pandemic, says Aaron Miri, CIO at UT Health Austin.

The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.

“Work from anywhere” is a game changer, and it has significant impacts on certificate lifecycle management. Patrick Nohe of GlobalSign discusses the new, strategic approach security leaders need to take for CLM.

A proposed privacy framework from the eHealth Initiative & Foundation and the Center for Democracy and Technology aims to set standards for the collection, disclosure and use of health data that falls outside the protection of HIPAA, says attorney Andrew Crawford of CDT.

Traditionally, data management has not received the attention it deserves. But with the advent of Kubernetes and cloud-native technologies, this conversation becomes a game-changer. Michael Cade of Kasten by Veeam explains why, how and where to take advantage.

The latest edition of the ISMG Security Report features an analysis of whether the FBI removing malicious web shells from hundreds of compromised Microsoft Exchange Servers could set a precedent. Also featured is a description of an unusual fraud scam plus an update on security product development trends.

In a joint interview, Mike Ferris and Mike Brooks of Abacode, a managed cybersecurity and compliance provider, discuss how the MCCP model helps businesses implement a holistic, framework-based cybersecurity program that provides continuous security and compliance.

Dave DeWalt, former CEO of FireEye and McAfee, has been appointed vice chair of the board of LogDNA, a log management company, and he’s committed to the popular “shift left” movement. But he’s also got a keen eye on the broader cybersecurity marketplace and shares insights on its seismic changes.

More precise and pervasive cybersecurity threat modeling during manufacturers' development of medical devices - and also during the regulatory product review process - is critical for risk mitigation, says Kevin Fu, new acting director of medical device cybersecurity at the FDA.

The latest edition of the ISMG Security Report features an analysis of why transparent communication in the aftermath of a data breach pays off. Also featured: Mastercard on digital identity issues; building a more diverse and inclusive cybersecurity workforce.

Andy Purdy, the chief security officer for Huawei Technologies USA who formerly worked on the White House staff and in the Department of Homeland Security, discusses cybersecurity best practices.

The latest edition of the ISMG Security Report features an analysis of retailer Fat Face’s awkward "strictly private and confidential" data breach notification. Also featured: Discussions on the ethics of buying leaked data and the rise of central bank digital currencies.

Quantum computing eventually could break existing cryptographic methods with brute force attacks, so organizations need to prepare now, says Evangelos Rekleitis of ENISA.

Digital transformation makes the headlines. But behind the scenes, many enterprises are struggling with the effects of cloud migration and the “shift left” movement. Knox Anderson of Sysdig shares tips for approaching the modern cloud.

The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.

Unemployment fraud incidents have spiked in the past year, and high-salaried senior executives are often the fraudsters’ victims. Dr. Christopher Pierson of BlackCloak describes how these scams are pulled off, what impact they have and how the CISO can bolster defenses.