Info Risk Today Podcast

ISMG and Fortinet hosted a roundtable dinner in Atlanta on May 7 focused on "Outmaneuvering Threat Actors in the Age of Industrial IoT (IIoT)". Challenges in communication and gaining buy in from operational teams for security initiatives were explored, and Richard Peters, Director, Operational Technology Global Engagement, of Fortinet provided his insight on the event in this exclusive interview.

The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.

C-level executives are 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches. This is among the key findings of the latest Verizon's Data Breach Investigations Report. Author John Grim shares insight.

The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices.

The latest edition of the ISMG Security Report digs into the WhatsApp flaw that paved the way for spyware installation. Also: Microsoft patches old operating systems and a 'virtual CISO' sizes up security challenges.

Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.

Unified endpoint management exists because devices have grown in number, variety and complexity of how they're being used in the workplace. So how should IT and security leaders approach UEM? John Harrington Jr. and Ryan Schwartz of IBM MaaS360 with Watson share insight.

Serving as a "virtual CISO" offers advantages as well as challenges, says Doug Copley, who's a CISO contractor for several healthcare sector entities. He shares insights on this unusual job opportunity.

The way many organizations have handled digital onboarding is fraught with risk - including fraud. But Husayn Kassai, CEO of Onfido, envisions a new future that includes a healthy amount of friction and greater security.

Traditionally, enterprises have built networks and then added security elements. But in what he describes as "the third generation of security," Fortinet's John Maddison promotes a model of security-driven networking. Hear how this can improve an organization's security posture.

The latest edition of the ISMG Security Report analyzes the FBI takedown of DeepDotWeb, a dark net portal. Also featured are discussions on healthcare app security and the repercussions of poor coding security.

Typically, organizations see automated or manual attacks - one type or the other. But increasingly cyberattackers are striking with blended attacks, and the growth and impact of these strikes is concerning. Dan Schiappa of Sophos discusses how to improve detection and defense.

ISMG and NTT hosted a roundtable dinner in Chicago on May 8 focused on "Confessions of a Healthcare CISO".

When a healthcare provider develops its own applications that handle patient data, it must take critical steps to safeguard protected health information and ensure HIPAA compliance, says privacy attorney Adam Greene.

ISMG and Zscaler hosted a roundtable dinner in Morristown, New Jersey on April 11 focused on security's role in digital transformation.

The latest edition of the ISMG Security Report describes a discussion among "Five Eyes" intelligence agencies at the recent CyberUK conference. Plus, an update on a Huawei 'backdoor' allegation and new research on managing third-party risk.

The 2018 cybersecurity landscape ushered in a blend of old and new threats, some of them game-changing, according to Trend Micro's Annual Security Roundup. Trend's Greg Young shares insight from this report.

What are the key privacy and security requirements proposed in the latest draft of the Trusted Exchange Framework and Common Agreement issued by federal regulators to promote nationwide secure health data exchange? Elise Sweeney Anthony of the Office of the National Coordinator for Health IT explains.

How far does an organization's risk surface extend, and who are the custodians of all that data? A new research report aims to answer those questions. In a joint interview, Kelly White, of RiskRecon and Wade Baker of the Cyentia Institute offer an analysis.

The good news is: The development of new malware exploits has slowed considerably. The bad news is: That's because the old ones still continue to work so effectively. Adam Kujawa of Malwarebytes Labs talks about the evolution of ransomware and other successful exploits.