Info Risk Today Podcast

Current Analysis' Bernt Ostergaard describes using massive amounts of information, or big data, to help secure information systems.

Companies should hire a breach resolution vendor before they experience a data breach to help ensure rapid, appropriate response, says security consultant Robert Peterson.

Gartner Analyst Avivah Litan, one of the first fraud experts to report the Global Payments Inc. data breach, says the latest revelations raise more questions than answers about the incident's impact.

IPv6, known to some as the new Internet, is architected to be safer than IPv4, but that doesn't mean organizations shouldn't take steps to assure the security in Internet Protocol version 6, American Registry for Internet Numbers' John Curran says.

In the wake of the Global Payments Inc. card breach, ID theft expert Neal O'Farrell says banks and credit unions must be proactive with outreach to customers. What should institutions' messages include?

As enterprises spend frugally on IT security, cybercriminals aren't, and that presents big problems for organizations working feverishly to secure their digital assets, says Steve Durbin, global vice president of the Information Security Forum.

From 2010: When he first learned of the full magnitude of the Heartland Payment Systems data breach, Heartland CEO Bob Carr had one overriding thought: "Can we survive this?"

Mobile device management systems are relatively immature, so shoppers need to ask probing questions about the systems' functionality, advises security consultant J. David Kirby.

Organizations and leaders seeking to assure the privacy of their customers should implement privacy by design in the development process, privacy lawyer Alan Friel says.

"Many financial institutions have watched for years as cybercrime has escalated, and now we are shutting it down," says Greg Garcia, describing Operation B71 and how it's helping combat ACH/wire and other forms of fraud.

The average per capita cost of a data breach has declined from $214 to $194, according to the new Cost of a Data Breach study. But there are still plenty of causes for concern, says Dr. Larry Ponemon.

Verizon's 2012 Data Breach Investigations Report shows dramatic increases in attacks linked to hacktivist groups like Anonymous and LulzSec. How should organizations respond to this evolving threat?

Protecting the availability, confidentiality and integrity of information are the core tenets of IT security. But an FBI cybersecurity leader, Steve Chabinsky, suggests the central theme of IT security needs to be broadened to include assurance and attribution.

Cloud-computing service provider contracts, for most businesses and government customers, are take-it-or-leave it propositions, so organizations must approach a services agreement cautiously, IT security lawyer Françoise Gilbert says.

One important way to prepare for Stage 2 of the HITECH Act electronic health record incentive program is to take steps toward eliminating storage of patient records on mobile devices, says privacy expert Deborah Gascard Wolf.

Apple's introduction of its third iteration of the iPad e-tablet, coupled with the growing popularity of cloud computing, could lead to new methods of enterprise computing and IT security, Delaware Chief Security Officer Elayne Starkey says.

What emerging security challenges will new mobile devices and platforms pose for banks and credit unions? Brian Pearce and Amy Johnson shed light on Wells Fargo's approach to unique retail and commercial risks.

Apple's release of the new iPad will affect business. How should organizations incorporate new mobile concerns into their BYOD policies? Joe Rogalski of New York's First Niagara Bank weighs in.

Consumer advocate Deven McGraw describes what she likes and doesn't like about the privacy and security provisions in the proposed rules for Stage 2 of the HITECH Act electronic health record incentive program.

Imperva would neither confirm nor deny it helped defend the Vatican website from a hacktivist assault last year, but the IT security provider's director of security, Rob Rachwald, explains how such an attack was constructed and defended.