Government Information Security Podcast

Corporate espionage appears to be the motive behind cyberattacks targeting a variety of medical-related equipment and systems, researcher Jon DiMaggio of Symantec says in an in-depth interview about the activities of a hacker group the company has dubbed "Orangeworm."

To stay ahead of evolving cyber threats, healthcare entities need to deploy a defense-in-depth strategy that includes tapping more advanced tools, including deception technology, says security expert Elie Nasrallah of HITRUST.

What's the difference between artificial intelligence, machine learning, deep learning and neural networks? Don't trust vendors' marketing materials to help you find a workable, accurate definition, says Kris Lovejoy, CEO of the security firm BluVector.

In this in-depth interview, Daniel Cohen of RSA discusses how open banking, also known as banking as a service, will affect the fight against fraud and offers insights on the security steps banks should be taking.

Verizon's latest Data Breach Investigations Report shows that half of data breaches in 2017 worldwide were orchestrated by organized cybercriminal groups, says Verizon's Ashish Thapar, who offers an in-depth analysis of the findings.

Leading the latest edition of the ISMG Security Report: A preview of our extensive coverage of the 2018 RSA Conference, which will include dozens of video interviews with thought leaders.

Deception technology has been gaining traction as a way for organizations to get a view on how attackers are targeting their assets. Rik Turner, principal analyst at the consultancy Ovum, says he expects MSSPs to incorporate deception technology, making it more accessible to smaller organizations.

A new version of the FIDO authentication standard is designed to enable the elimination of passwords for a broader range of devices, says Phil Dunkelberger, CEO of Nok Nok Labs, who describes the latest developments.

Technology, regulations and customer expectations all have evolved. What does this mean for how organizations secure identities? Baber Amin of the Office of the CTO of Ping Identity offers strategic insight.

While CISOs in India are fighting off threats from technologically adept cyberattackers, they are also grappling with the challenge of effectively communicating cyber risk to management in the business terms that they can understand, says K.K. Mookhey, founder of Mumbai-based NII consulting.

The recent data breach impacting 150 million user accounts of Under Armour's MyFitnessPal application and website offers important lessons for mobile app developers, security expert Joan Pepin explains in this interview.

With Alabama and South Dakota recently becoming the last two states to adopt breach notification laws, notification processes become more complicated, says privacy attorney Adam Greene, who offers an in-depth analysis.

Leading the latest edition of the ISMG Security Report: Assessing cryptocurrencies' role in the latest ransomware and malware attacks. Plus: Facebook's revised estimate on account details accessed by Cambridge Analytica.

The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.

Processing and parsing intelligence from all sources - external and internal, structured and abstract - across three important categories is essential to a proactive, predictive threat intelligence framework, says Verizon's Ashish Thapar

CISOs increasingly are summoned to present to their Boards of Directors. But too often these presentations fail to frame the right topics with the right metrics, says Jacob Olcott of BitSight. He offers advice for maximizing the opportunity in front of the Board.

Organizations need to carefully assess - and then verify - the data security controls their existing - and prospective - vendors have implemented, says privacy and security expert Rebecca Herold, who offers a range of vendor management tips in an in-depth interview.

Cyber SOCs, the next generation of security operations centers, need to use a new approach to detecting emerging attacks, says Aadesh Gawde of the IT risk consultancy ProVise Consulting, who offers implementation tips.

What impact with the Facebook data privacy controversy have on the social media company, and other tech giants, eventually competing with banks? James Wester of IDC sizes up the open banking implications.

Leading the latest edition of the ISMG Security Report: Ransomware hits the city of Atlanta, Baltimore's 911 system as well as aviation giant Boeing. Plus, WikiLeaks and its Julian Assange get taken for a ride by Russian intelligence.