Info Risk Today Podcast

The latest edition of the ISMG Security Report features Barbara Simons, co-author of the book "Broken Ballots," discussing why she believes it's a "national disgrace" that some states are relying on computer voting with no provision for recounts. Also: Update on breach lawsuit against Premera Blue Cross.

DevOps and the addition of the "Sec" or security element to it has led to significant progress in moving security up in the application development chain, says Gartner's Dale Gardner

With the midterm elections just around the corner, Barbara Simons, author of the election security book "Broken Ballots," explains why some voting computers remain inherently flawed.

Most enterprises are at least discussing security analytics. But how are they actually deploying these tools? And with what levels of automation and orchestration? Drew Gidwani of ThreatConnect shares insight on how to maximize analytics.

Nearly one-third of U.S. banking consumers use online and mobile fintech apps to help manage their money. But those users are concerned about data privacy and want more control over the financial data their apps can access, says David Fortney of The Clearing House, who reviews the results of a survey.

The appropriate use of predictive analytics, going beyond a "set it and forget it" approach, could dramatically improve breach detection, says Teresa Grogan, CIO of the consultancy VertitechIT .

The latest edition of the ISMG Security Report offers an update on how Russian bots and trolls are spreading misinformation on vaccines via social media - and the public health impact of the campaign. Plus: Tips on disaster recovery, internet of things security.

U.S. consumers now own about 870 million IoT devices. In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape.

Industry analysts first coined the term Identity-as-a-Service, IDaaS in 2006. But today, the vast majority of IDaaS implementations still focus on the "A" - access management - leaving organizations to piece together the rest. IBM's Michael Bunyard discusses how to put "Identity" back in IDaaS.

Companies that want to continue doing business globally will need to take privacy much more seriously, especially in light of increasingly strict new laws, ranging from the California Consumer Privacy Act to the EU's GDPR, says privacy and security expert Michelle Robles.

The March SamSam ransomware attack in Atlanta is reported to have cost the city $17 million to resolve. The attackers had asked for a $51,000 bitcoin ransom, which the city refused to pay. But Gartner Research analyst Avivah Litan stresses that paying ransoms has more cons than pros.

Unsupervised machine learning is essential to mitigate the sophisticated cross-channel fraud techniques attackers are using to take advantage of the multiple silos and security gaps at financial institutions, says ThetaRay's James Heinzman

Leading the latest edition of the ISMG Security Report: An analysis of why it may be too late to secure the 2018 U.S. midterm elections. Also: A close look at the Anthem breach lawsuit settlement and a report on ransomware recovery lessons learned.

Although the outlook for advancing interoperable, secure national health information exchange is promising, many significant challenges still must be overcome, says David Kibbe, M.D., founding president and outgoing CEO of DirectTrust.

Tom Field and Naresh Persaud of CA Technologies reflect on key findings from their recent Executive Roundtable on Modern IAM.

Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why.

Kaspersky Lab has discovered a new form of malware it calls Dark Tequila that has been targeting users in Mexico and stealing bank credentials and other personal and corporate data. The malware can move laterally through a computer while it's offline, says Dmitry Bestuzhev, a Kasperksy researcher.

Tom Field and Ben Smith of RSA Security reflect on key findings from their recent Executive Roundtable on business-driven security.

A phishing attack on Wednesday fueled by the Necurs botnet targeted at least 2,700 banking institutions of various sizes in the U.S. and around the world, explains Aaron Higbee of Cofense, which detected the attack.

Leading the latest edition of the ISMG Security Report: Chris Morales of the cybersecurity firm Vectra discusses how the industrial internet of things is changing the nature of industrial espionage and disruption.