Government Information Security Podcast

The smart grid is unlike any other type of critical information infrastructure, and its complexity creates a heightened challenge to secure it, says ENISA's Konstantinos Moulinos.

A two-year-old California law requires each of some 120 state agencies to have an information security officer, but not every agency ISO is well-versed in IT security.

Too many organizations that experience a data breach fail to reveal information on the cause of the incident so that consumers can take appropriate action, one consumer advocacy group contends.

Acquiring information security wares gets more complicated every day - some 1,000 vendors offer 150 categories of products - so it's unreasonable to expect even the most informed chief information security officers to know everything about them.

The role of identity and access management is as critical as ever. But the demands of the role? They are radically different, says Sam Curry, CTO of RSA, who discusses the new skills needed.

The Zeus Trojan is frightening because of its agility, evolution and success at stealing banking credentials. How can institutions fight back? Malware expert Andreas Baumhof offers new ideas.

Local and state governments improving their cyberthreat awareness could be the main benefit from a new program designed to help them save money in acquiring IT security products and services, says Center for Internet Security Chief Executive William Pelgrin.

Gartner's Tom Scholtz doesn't see a shortage of technically skilled IT security practitioners. But he perceives a dearth of infosec pros who truly understand how security links to an enterprise's business goals.

June has been declared National Internet Safety Month. What is the mission behind the designation, and how can individuals and organizations contribute to the "Stop, Think, Connect" campaign?

Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.

Relating risk to information security initiatives can help IT security managers persuade their bosses to fund these projects, sponsors of a new survey contend.

Federal action to set aside broadband spectrum for wireless patient monitoring systems has the potential to improve treatment without increasing risks, says medical device expert Dale Nordenberg, M.D.

What are the top challenges with the bring-your-own-device trend? Stephen Midgley, vice president of global marketing at Absolute Software, says the top issue is organizations not knowing where their data is located.

As BYOD continues to become more commonplace, mobile application risk management aids in identifying the risks on those devices and implementing policy to protect enterprise data, says Domingo Guerra, president and founder of Appthority.

What are the top concerns around identity and access management within organizations? Avatier Chief Innovation Officer Ryan Ward says compliance, governance and audit issues are top-of-mind.

What is business-driven identity and access management and how can it help organizations improve their security? Jason Garbis of Aveksa explains.

What's top of mind for the federal government when it comes to cloud security? David Berman of Centrify explains.

What are the top bring-your-own-device concerns enterprises are facing today? Russell Rice of Cisco explains.

Cyber-attacks are becoming increasingly difficult for organizations to defend against, says Ashar Aziz of FireEye.

The bring-your-own-device trend is a huge issue for organizations today, says Rob Ayoub of Fortinet, who offers recommendations to address the security challenges involved.