Info Risk Today Podcast

The latest edition of the ISMG Security Report analyzes the rising costs of ransomware attacks and the latest victims. Also featured: An assessment of Australia's new contact-tracing app designed to help battle the spread of COVID-19, and a discussion of applying the "zero trust" model to the remote workforce.

To ensure data is protected, business units must work closely with IT and security specialists to resolve data governance issues, says Sydney-based Prashant Haldankar, CISO at Privasec.

Because it's inevitable that some attackers will get around defenses, Kettering Health Network added an extra layer of endpoint security to help mitigate the risks posed by ransomware and other cyberthreats, says Michael Berry, director of information security. He describes what's unusual about the approach.

The shift to working at home during the COVID-19 pandemic is yet another reason to embrace the "zero trust" strategy, says Dave Lewis of Duo Security, who provides guidance.

Vistra Energy, a Texas-based power generation firm, recently underwent a network transformation project. CISO Paul Reyes, joined by Zscaler's Dan Shelton, opens up on how to make the move to cloud-based models and what it can do to support your business.

The latest edition of the ISMG Security Report analyzes the privacy issues raised by COVID-19 contact-tracing apps. Also featured: An update on efforts to fight fraud tied to economic stimulus payments; John Kindervag on the origins of "zero trust."

Modern enterprises are large and complex - and so are their IT environments. How does this complexity translate to securing access in hybrid environments? Frederico Hakamine of Okta breaks down the challenge and discusses solutions.

The latest edition of the ISMG Security Report offers a discussion of the potential insider threats posed by the remote workforce during the COVID-19 crisis. Also featured: An update on payment fraud shifts and the long-term outlook for the cybersecurity market.

As healthcare organizations navigate the COVID-19 crisis, they should take critical steps to improve their security posture and third-party security risk governance, says consultant Brenda Ferraro, the former CISO at Meritain Health, an Aetna subsidiary.

The ransomware threat has scaled up to match the new remote workforce. But have backup policies and incident recovery procedures improved to keep pace? David Shaw and John Bilotti of Nasuni share tips on ransomware recovery, remote file-sharing and business continuity.

As the COVID-19 crisis continues, healthcare organizations need to ramp up efforts to mitigate the threats posed by cybercriminals who are trying to exploit the chaos, says attorney Jason G. Weiss, a cyber forensics expert and retired FBI agent.

As some cities and states recruit retired healthcare professionals, new medical school graduates and clinicians from other regions to assist in their COVID-19 responses, it's critical to ensure these workers understand the importance of protecting patient information, says privacy attorney Iliana Peters.

The latest edition of the ISMG Security Report discusses the cybersecurity challenges posed by the work-at-home shift. Also featured: Tips from NIST on developing remote worker security policies, plus a discussion of the nascent threat of AI meeting assistants.

As healthcare organizations across the U.S. respond to the COVID-19 crisis, the list of security and privacy challenges CISOs face continues to grow. Mitch Parker, CISO of Indiana University Health, provides an update on the changing risk management landscape.

AI meeting assistants present increasing risks as more companies rely on teleconferencing during the COVID-19 pandemic, says U.K.-based Steve Marshall, CISO at Bytes Technology, an IT and cybersecurity consultancy, who discusses risk mitigation steps.

"Passwordless authentication" is one of the hot cybersecurity topics, but who's actually implemented it - and how? Jeff Carpenter of HID Global discusses the business benefits and the future of passwordless authentication.

With the COVID-19 pandemic forcing large portions of the workforce to shift to telework, CISOs need to rethink corporate policies on the use of video conferencing platforms and other communications tools, says NIST's Jeff Greene, who offers risk mitigation advice.

Metrics can help CISOs clearly communicate the potential impact of risks to senior executives and win support for a risk management strategy, say Randall Frietzsche, enterprise CISO of Denver Health, and consultant Dave Bailey of CynergisTek, who describe a step-by-step approach in a joint interview.

As global enterprises get their arms around supporting and securing a near-total remote workforce, their digital adversaries are adapting - and so is the role of deception technology. Carolyn Crandall of Attivo Networks discusses how deception can help mitigate new risks.

What missteps led to hackers stealing details on 145 million Americans from Equifax in 2017? The answer to that question can be found in numerous reports and a Justice Department indictment. Security researcher Adrian Sanabria says they're essential reading for anyone responsible for cybersecurity defenses.