Info Risk Today Podcast

Leading the latest edition of the ISMG Security Report: A preview of next week's Fraud and Breach Summit in Chicago, which will feature keynoter Brett Johnson, a former cybercriminal who now advises organizations on fighting crime.

The South African airline ComAir is using artificial intelligence to help mitigate the threat of cyberattacks, says Ramon Lipparoni, the company's IT integration manager.

Explosive growth in network scale and complexity demands a next generation Public Key Infrastructure (PKI) management platform. Ted Shorter of CSS says security leaders must prepare now to take full advantage of next-gen PKI solutions.

Government regulation is key to minimizing the misuse of cryptocurrencies for cybercrime, says Brett Johnson, a former cybercriminal who now consults on crime prevention. But regulating cryptocurrencies is no easy task, he acknowledges. Johnson will keynote ISMG's Fraud and Breach Prevention Summit in Chicago.

Cybersecurity insurers, faced with growing demand, are looking for new ways to better measure their risks, says Aleksandr Yampolskiy, CEO of SecurityScorecard. So some are moving toward more carefully scrutinizing the cybersecurity postures of their potential clients.

Leading the latest edition of the ISMG Security Report: An analysis of how distraction tactics were used during a $10 million SWIFT-related hack at Banco de Chile. Also, a wrapup of Infosecurity Europe.

Phishing remains the top attack vector, and an organization's people of course remain the top target. But how can these same people be leveraged as a key component in your anti-phishing defense? Kurt Wescoe of Wombat shares insight.

Although all the major credit card brands have dropped the requirement for obtaining signatures to verify point-of-sale transactions made with EMV payment cards, they're not pushing strongly for using PINs instead, leaving that authentication decision to card issuers, says Linda Kirkpatrick of Mastercard.

Leading the latest edition of the ISMG Security Report: Our exclusive report on an Australian criminal investigation into a company that apparently swiped cryptocurrency using a software backdoor. Also, cutting through the hype on artificial intelligence and machine learning.

Since its inception the NIST Cybersecurity Framework has been embraced across geographies and sectors. Trend Micro's Ed Cabrera talks about how to maximize the framework as a baseline for improving cybersecurity posture.

Companies offering cybersecurity products are using the terms "artificial intelligence" and "machine learning" in many different ways. But the real meanings of the terms are far more nuanced than marketing hyperbole would lead us to believe, says Grant Wernick of Insight Engines.

Machine learning is supporting new ways of battling evolving cyber threats, such as by analyzing behaviors, says Darshan Appayanna, CISO at Happiest Minds, an IT services firm, who will be a featured speaker at ISMG's upcoming Fraud and Breach Prevention Summit in Bengaluru.

Lawsuits filed in the wake of data breaches are evolving, says attorney John Yanchunis, who represents plaintiffs in many of these class action cases.

Leading the latest edition of the ISMG Security Report: Cybersecurity expert Brian Honan provides insights on why organizations that are not yet compliant with GDPR need to focus on several key steps. Also: An assessment of the progress women are making in building careers in information security.

Cybersecurity challenges and solutions have evolved greatly since 2002. And so has the Executive Women's Forum, which was founded that year to advance female leaders in the profession. Founder Joyce Brocaglia reflects on the forum's accomplishments and challenges.

What happens if organizations that must comply with GDPR have yet to achieve compliance, despite having had two years to do so before enforcement began? Don't panic, says cybersecurity expert Brian Honan, but do be pursuing a data privacy transparency and accountability action plan.

Could U.S. banks emerge as identity platform providers? Ron Shevlin of Cornerstone Advisors explains in an interview why he believes that's highly unlikely.

File-less malware is a huge security challenge for organizations today, and traditional email security controls aren't sufficient to meet the challenge. Burke Long of Lastline offers insight on a new way to approach email security.

How much progress has the healthcare sector made in the last 10 years addressing medical device cybersecurity issues? And what action is still needed? Ben Ransford, a principal researcher in a groundbreaking 2008 report about cardiac device cyber risks, offers his assessment.

Security leaders have been addressing the global skills gap for better than a decade now, with little to show for it. But Joe Cosmano of iboss recommends a new approach, leveraging software-as-a-service to make up for the staffing shortfall.