Government Information Security Podcast

Organizations' biggest obstacles to privacy protection are the organizations themselves - specifically, their silos - says Dr. Ann Cavoukian, proponent of the new concept, Privacy by Redesign.

SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.

Leigh Williams says preventing online data breaches requires cooperation within the online ecosystem from domestic and international organizations. Spearheading and maintaining that cooperation requires federal oversight, he contends.

Sen. Robert Menendez says regulators should have the power to compel banks to toughen IT security and offer timely customer notification of a breach. But if they don't, the Banking Committee member says in an interview, they should come to Congress to get that authority.

Northrop Grumman Cybersecurity Research Consortium's Robert Brammer says IT security researchers should think like Wayne Gretzky, the National Hockey League hall of famer: Skate to where the puck will be.

The latest component of the U.S. Department of Veterans Affairs' ongoing effort to protect medical devices from malware is the creation of a centralized patch management system, says Randy Ledsome, the VA's acting director of field security operations.

FDIC examiner Donald Saxinger says cloud computing can pose challenges when it comes to business continuity during disasters. Proactive vendor management, he says, is the best way to address potential hiccups before they become big problems.

IT security expert Marcus Ranum says RSA's offer to replace its SecurID tokens is a deal worth taking.

What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?

Quantifying the safety or danger of cyberspace is tough. But a highly respected IT security practitioner and an experienced risk management consultant have teamed to develop an index they contend reflects the relative security of cyberspace by aggregating the views of information security industry professionals.

Adam Greene, the primary author of the proposed accounting of disclosures rule mandated under the HITECH Act, describes its major provisions and offers advice on how to prepare.

The same approach governments and businesses employ to protect individuals from the dangers of secondhand smoke could be applied to safeguard cyberspace, says Scott Charney, Microsoft's vice president of trustworthy computing, engineering excellence and environmental sustainability.

With the 2011 National Defense Authorization Act (NDAA), the DOD is taking a leadership position by defining policy that emphasizes the need to protect and defend the software layer.

"Ethical hacking" - is the term an oxymoron, or is it one of today's necessities in the fight against cybercrime? Jay Bavisi, president and co-founder of the EC Council, feels strongly about why we need ethical hackers more today than ever before.

From Epsilon to Sony, recent data breaches and legislative trends tell a dramatic story about the turbulent state of privacy worldwide, according to J. Trevor Hughes, head of the International Association of Privacy Professionals.

Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.

The recent data breaches at Epsilon and Sony should send a chilling message to privacy officers everywhere. "You can't prepare enough," says Kirk Herath, chief privacy officer of Nationwide Insurance Companies.

One of the unexpected impacts of the global economic crisis is that many organizations have lost their business resiliency, says Lyndon Bird, director of The Business Continuity Institute, headquartered in the U.K.

Chris Painter knows that the United States must determine what are the standard behavioral practices on the Internet before achieving substantial international agreements on cybersecurity.

Timathie Leslie and Kristine Martin Anderson of Booz Allen Hamilton share insights on how to ensure the success of health information exchanges.