Data Breach Today Podcast

Insurance fraud schemes are growing in scale and sophistication. But at the same time, insurance companies - and their customers - are losing their appetite to accept fraud losses. IBM's Brian Banigan offers insight on the latest counter-fraud solutions.

The surge in data breaches has left millions of consumer records compromised. As a result, fraudsters have all they need to open bogus accounts, which cost banks huge losses linked to what Greg Shelton of LexisNexis Risk Solutions calls "sleeper fraud."

LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.

NICE's Rodney Petersen sees too many government agencies and businesses using old-school methods to identify and recruit IT security professionals. Consequently, they often fail to build their cybersecurity staffs.

The ruling to dismiss the FTC's data security case against medical lab LabMD will result in FTC staff more carefully vetting the enforcement cases the agency pursues against all other companies in the future, predicts former FTC attorney Reed Freeman.

In the wake of the Paris attacks, cybersecurity expert Brian Honan argues that now is not the time to make snap public policy decisions that attempt to promote or restrict either cryptography or surveillance.

The terrorist attacks in Paris likely would have occurred even if intelligence and law enforcement agencies could have broken encryption Islamic State attackers used in their communications to plan the assault that killed at least 129 people.

The massive cyberattacks that struck Chase and other leading U.S. financial services firms illustrate just how vulnerable larger institutions can be to cyber-attacks. They also show why organizations must encrypt customer data, says security and forensics expert Chuck Easttom.

Because hackers often find a way to stick around or repeat their network intrusions after remediation efforts are completed, organizations need to ramp up their "continuous detection" efforts, says security expert Wendi Whitmore of CrowdStrike.

Banks need to prepare for many more massive cyberattacks along the lines of the sophisticated campaign that hit JPMorgan Chase and other financial services organizations, says Javelin Strategy & Research's Al Pascual, who offers risk management insights.

An upcoming Verizon report on health data breaches illustrates that the data is at risk at organizations outside of the healthcare sector, and not just at hospitals, clinics, insurers and their business associates, says security expert Suzanne Widup of Verizon Enterprise Solutions.

Tinba, which has been linked to attacks in the U.S., Canada and Europe, is now targeting bank accounts in Russia, according to a new report from Dell SecureWorks. Researcher Brett Stone-Gross tells why Tinba is unusual and can be tough to detect.

Now that it has issued a 10-year roadmap for secure, interoperable health information exchange, the Office of the National Coordinator for Health IT has a number of privacy-related projects planned for 2016, says Lucia Savage, ONC's chief privacy officer. She spells those out in this in-depth interview.

A quiet life in retirement? Not for Art Coviello, former executive chairman of RSA. He's just joined the boards of two new security ventures, Bugcrowd and Cylance, and he's got big ideas for how to influence the 2016 cybersecurity agenda.

Many CEOs and boards of directors are failing their companies by not truly understanding their cybersecurity risks, says Steve Durbin of the Information Security Forum. He stresses that senior leaders must ensure their organizations provide adequate funding to manage risks.

Mergers and acquisitions create challenges for CISOs, including allocating resources to meet the information security needs of newly united companies, says Joey Johnson, CISO of Premise Health.

Everyone's talking about business email compromise, but what they aren't talking enough about is what's at the root of these attacks - spear phishing. Joseph Opacki of PhishLabs discusses how security leaders must respond to the threat.

The recent data breach at U.K.-based telecom company TalkTalk illustrates that breach risk mitigation is a critical issue worldwide. PCI's Jeremy King, who will be a featured speaker at ISMG's Fraud Summit London on Oct. 27, explains why European data security is getting more scrutiny.

Building a strong platform to secure enterprise email systems is like piecing together a puzzle by joining existing technologies from various sources. NIST is readying a guide to do just that.

In an exclusive interview, Harris Health System CISO Jeffrey Vinson explains how his team is spearheading an effort to help the federal government and the healthcare industry improve cyber threat intelligence sharing.