Info Risk Today Podcast

An executive at a bank in New Jersey that was battered by Hurricane Sandy offers lessons learned, including the importance of having a well-tested, detailed business continuity plan.

Cloud-based botnets and mobile malware are two of 2013's top cyberthreats. What other threats make the list? Georgia Tech's Paul Royal tells how security pros and organizations can prepare.

The kind of detailed data analysis that helped statistician Nate Silver predict accurately the outcome of the U.S. presidential election could help enterprises using cloud-based SIEM to identify vulnerabilities, says Cloud Security Alliance's Jens Laundrup.

To know how best to respond to IT and communications failures, incident response pros first must collect information on such incidents, says Marnix Dekker, who co-authored a new report for ENISA.

Social media platforms are ever-evolving. But organizations' and individuals' use of social media has not evolved and may create new risks, says educator Sherrie Madia. How should we manage these risks?

The FDA's proposed Unique Device Identification System could help the agency and healthcare providers more easily identify medical device safety issues, including malware threats, says agency official Jay Crowley.

To know how best to respond to IT and communications failures, organizations first must collect information on such incidents, says Marnix Dekker, who co-authored a just-issued report on incidents for ENISA.

One of the biggest IT security challenges enterprises will face in the coming years will be assuring the integrity of the computer products they purchase, says Gartner Fellow Neil MacDonald.

How big of a role did health information exchanges play in providing access to records during Superstorm Sandy, and what lessons can be learned? Federal officials will address these questions, says HIE expert Lee Stevens.

Kris Rowley feels she can take Sandy's punch. Having survived the battering Irene gave Vermont in 2011, the state's CISO knows how better to defend state IT as the remnants of Hurricane Sandy take aim at the Green Mountain State.

It's been compared to the 'perfect storm,' but Hurricane Sandy is unlike any storm we've seen, says Alan Berman of DRI. He believes organizations have planned well for recovery.

Hurricane Sandy threatens buildings, staff and data alike, posing a daunting challenge to business continuity pros. Disaster recovery expert Regina Phelps offers tips for weathering the storm.

Human genome sequencing can support groundbreaking research leading to improved treatments. But before genetic testing can become common, privacy issues need to be tackled, says Lisa M. Lee, who heads a presidential advisory panel.

Distributed-denial-of-service attacks on U.S. banking institutions will continue, says Akamai's Mike Smith. And he believes the attackers aren't out just to embarrass the banks, but to commit fraud.

The big breaches make the headlines, but the smaller attacks on merchants are the ones that ultimately benefit the fraudsters and hurt banking institutions most, says Wade Baker of Verizon.

Talks among IT security experts from 40 nations meeting in New Delhi could lead to treaties on cybersecurity, including, perhaps, a cyber détente between the United States and China, Deloitte Center for Cyber Innovation's Harry Raduege says.

A group of highly respected IT security thought leaders is calling on the Obama administration to exercise existing powers to strengthen the processes the federal government employs to secure its information systems.

CISOs increasingly are asked to manage both information security and risk. What new skills and tools do they need to juggle the dual role? David Sherry, CISO of Brown University, shares his views.

Employing cloud computing services could help organizations defend against the type of distributed denial of service attacks that have temporarily crippled the online service of major American banks, says NIST's Matthew Scholl.

Top executives must be transparent with their stakeholders when their IT systems get attacked. Otherwise, their enterprises' reputations could be more severely damaged, says IBM Fellow Luba Cherbakov.