Info Risk Today Podcast

In 2012, we saw the rise of state-sponsored malware, as well as the evolution of Trojans and ransomware. What new threats will 2013 bring? Adam Kujawa of Malwarebytes offers insights.

It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.

Sharing information about physical and cyber threats needn't be segregated under the U.S. federal government's National Strategy for Information Sharing and Safeguarding, says Kshemendra Paul, who manages the implementation of the strategy.

ENISA, the European Union cyber-agency, is out with its first-ever Threat Landscape report. What are the emerging threats and vulnerabilities, and how should organizations globally respond to them?

The idea of the U.S. federal government and industry jointly developing IT security best practices will do little to help critical infrastructure operators defend against cyber-risk, says Business Roundtable Vice President Liz Gasster.

Smart phones that give many IT security managers headaches in developing security policies are being used in increasing numbers to help safeguard systems and applications, thanks to more muscular biometric features, says Steve Vinsik of Unisys.

It isn't so much the changing threat landscape that causes security leaders to re-assess their approach to incident response. Mobility and the expanding perimeter are the real factors driving change.

With Congress facing $1.2 trillion in budget cuts, Federal Chief Information Officer Steven VanRoekel says funding for cybersecurity initiatives will likely be affected. But with smart planning, government information technology should not be placed at risk.

How will new guidance on criminal background checks change the way organizations approach employment screening? This is one of the key trends to watch in 2013, says screening expert Les Rosen.

ID theft is a growing global problem. Eva Velasquez, head of the ITRC, outlines how public and private organizations in 2013 can update approaches to ID theft prevention.

Which fraud trends need the most attention from U.S. banking institutions in 2013? Distributed-denial-of-service attacks and account takeover, says FS-ISAC's Bill Nelson, who offers fraud-fighting tips.

Does cyber defense competition help prepare college students for real-world jobs in information security and risk management? Dan Likarish and Rick Cisneros of Regis University say yes. Here's why.

The evolution of threats and rise of mobility are leading organizations to improve user authentication. What are the new strategies and solutions security leaders in all sectors will employ this year?

Tom Ridge, the first Homeland Security secretary, questions the wisdom of granting the Department of Homeland Security greater authority to influence IT security within the federal government and the nation's critical IT infrastructure.

Arlan McMillan, the chief security officer for Chicago's government, says the city employed processes established by the federal government to assure its new cloud computing initiative is secure.

With different nations establishing different privacy standards, organizations face adopting the most stringent regulations in order to be compliant everywhere they operate, says Marc Groman, a director of the International Association of Privacy Professionals.

Cloud computing and mobility are areas likely to see new regulatory attention in the year ahead. But what are the other hot topics that leading attorneys believe will be addressed in new legislation worldwide?

What are the top account takeover threats to banking institutions in 2013? Ken Baylor of NSS Labs discusses Zeus variants, mobile malware and how institutions can protect themselves from fraudsters.

When it comes to mobility, how do leaders balance security needs with employees' BYOD desires? The easy answer: Just say no. But that's also the wrong answer. What security tips do these leaders offer?

Members of the U.S. Congress may be more sensitive to cyberthreats than they were in the past, but that doesn't mean they truly all appreciate the risk key government and private-sector IT systems face, says House Cybersecurity Caucus Co-Chair Jim Langevin.