Government Information Security Podcast

Organizations and leaders seeking to assure the privacy of their customers should implement privacy by design in the development process, privacy lawyer Alan Friel says.

The average per capita cost of a data breach has declined from $214 to $194, according to the new Cost of a Data Breach study. But there are still plenty of causes for concern, says Dr. Larry Ponemon.

Verizon's 2012 Data Breach Investigations Report shows dramatic increases in attacks linked to hacktivist groups like Anonymous and LulzSec. How should organizations respond to this evolving threat?

Protecting the availability, confidentiality and integrity of information are the core tenets of IT security. But an FBI cybersecurity leader, Steve Chabinsky, suggests the central theme of IT security needs to be broadened to include assurance and attribution.

Cloud-computing service provider contracts, for most businesses and government customers, are take-it-or-leave it propositions, so organizations must approach a services agreement cautiously, IT security lawyer Françoise Gilbert says.

Apple's introduction of its third iteration of the iPad e-tablet, coupled with the growing popularity of cloud computing, could lead to new methods of enterprise computing and IT security, Delaware Chief Security Officer Elayne Starkey says.

Apple's release of the new iPad will affect business. How should organizations incorporate new mobile concerns into their BYOD policies? Joe Rogalski of New York's First Niagara Bank weighs in.

Imperva would neither confirm nor deny it helped defend the Vatican website from a hacktivist assault last year, but the IT security provider's director of security, Rob Rachwald, explains how such an attack was constructed and defended.

Commerce Undersecretary for Standards and Technology Patrick Gallagher sees the private sector, not government, taking the lead to develop tools, processes and standards to help safeguard IT systems and data in and out of government.

What are the top global breach trends and threats that organizations should be watching? Wade Baker of Verizon offers insights gleaned from a new study of his group's latest investigations.

White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.

A consortium of eight major information technology companies is continuing development of a free framework designed to make it easier to exchange information about security vulnerabilities.

No one - not even a security vendor - is immune to cyber attacks. "It's not a question of if or when companies will face an attack, but how they're going to defend against it," says Symantec's Francis deSouza.

This year's HIPAA compliance audit program will come up somewhat short of the target of 150 audits, says Leon Rodriguez, the nation's lead HIPAA enforcer.

The need for qualified security pros is growing - but so is the Scholarship for Service Program, which helps students train for roles in government. Victor Piotrowski of the National Science Foundation discusses the opportunities.

The Obama administration's Consumer Privacy Bill of Rights should be seen as a vital document to help shape an expansive and globally accepted privacy framework in the United States, privacy and data security lawyer Lisa Sotto says.

This is the first RSA Conference since 2011's high-profile security breaches. How did those incidents influence this year's agenda? Hugh Thompson explains in an exclusive event preview.

Mobile security is a new discussion track at RSA Conference, but it's long been a hot topic for CISOs. Entrust's Dave Rockvam discusses BYOD and how organizations are securing personally-owned devices.

The insider threat: It's a top challenge for any organization, and it's a hot topic for RSA Conference attendees. Dawn Cappelli and Randy Trzeciak preview their new book, The CERT Guide to Insider Threats.

IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.