Info Risk Today Podcast

It's an increasingly common question from CEOs. "How is our security program protecting the business?" Pamela Gupta of OutSecure shares insight on what CISOs should demonstrate when they answer that question.

The best ideas to secure the Internet do not come from the top-down government approach imposed by some foreign governments, but from the openness derived by a multi-stakeholder process, says Christopher Painter, America's top cyber diplomat.

The hotline, the communications link established between Washington and Moscow during the Cold War to avert a nuclear war, is being used to warn of potential cyber and environmental crises, the State Department's Christopher Painter says.

Kim Peretti, the ex-prosecutor who helped nab Heartland hacker Albert Gonzalez, says recent indictments offer insights into the actors behind global fraud schemes that affected 160 million cardholders.

Organizations increasingly engage with customers via social media, but managers often fail to incorporate or enforce key policies. Attorney David Adler offers tips to improve social media management.

Because state HIEs vary in connectivity and interoperability levels, secure e-mail based on the Direct Project offers a dependable way of sharing patient data during a disaster, says Tia Tinney of the Southeast Region Collaborative for HIT.

As social media use grows, so do the risks of organizations getting caught up in costly legal disputes over ownership and assets. Alan Brill of Kroll advises on how to mitigate such risks.

At a time of heightened cybersecurity threats, few organizations have processes for employees at all levels to report breaches. It's time for accelerated breach response, says attorney Ellen Giblin.

A new incident response publication coming from the National Institute of Standards and Technology will include guidance on how to form circles of trust - networks of IT security experts spanning multiple organizations, says NIST's Lee Badger.

Securing mobile devices in the enterprise is just half the challenge. The other is ensuring that employees are able to work productively. A panel of experts from Attachmate offers new strategies.

Losses linked to retail breaches have fueled class action lawsuits on behalf of consumers. But Javelin's Al Pascual says banks are soon likely to take legal action, too, in breach cases that expose cards and lead to fraud.

One of the biggest security challenges the Washington state health insurance exchange faces as it prepares for its Oct. 1 launch is building interfaces with its partners, says CIO Curt Kwak.

Recent DDoS attacks on banks are prime examples of the new age of ideological threats to organizations across all industries. Who are the threat actors, and how can organizations best manage risks?

Getting critical infrastructure operators involved is the biggest challenge the federal government faces in creating a cybersecurity framework, says NIST's Adam Sedgewick, who leads efforts to create the framework ordered by President Obama.

What are the top three cybersecurity game changers, and what negative impact can they have on organizations if security leaders do not manage them properly? Rolf von Roessing of ISACA shares insight.

Patent infringement lawsuits that involve security practices are becoming more common in heavily-regulated industries. Organizations need to take several steps to be well-prepared, advises patent attorney James Denaro.

Whether or not Congress enacts cyberthreat intelligence sharing legislation, the IT security community is moving forward with its own information sharing initiatives, MS-ISAC Chairman William Pelgrin says.

Most organizations rate their mobile device security efforts as poor, in need of improvement or just adequate, according to the latest ISMG survey. So where are the security gaps? Malcolm Harkins of Intel offers insights.

RSA Chief Information Security Officer Eddie Schwartz is heading a new task force that he hopes will help develop the next generation's well-trained, rightly skilled cybersecurity workforce.

Cyberthreats, including distributed-denial-of-service attacks, are growing worldwide. So FS-ISAC is expanding its information sharing efforts internationally to help financial institutions counter the threats, says Bill Nelson, the organization's president.