Info Risk Today Podcast

Cybersecurity has emerged as a key risk factor to be weighed during the due diligence process of any merger and acquisition. How should organizations on both sides approach the process? Steve Chabinsky of CrowdStrike share strategy.

The Democratic Party platform calls for balancing privacy and security concerns, and vice presidential nominee Tim Kaine endorses the formation of a commission to advise Congress on developing digital security and encryption laws.

The new "No More Ransom" portal is designed to emphasize that police and security firms are doing whatever they can to disrupt ransomware gangs, as well as to help more victims get their data back for free, says Intel Security's Raj Samani.

CISOs face the continuing challenge of how to clearly communicate information security risk to the board and senior management. But now they can take advantage of a free metrics framework designed to help evaluate an organization's cybersecurity readiness. Phil Cracknell of ClubCISO describes the effort.

The Global Cyber Alliance is taking on small projects to come up with solutions to big cyber risk problems. "It's essentially using a startup approach to a much bigger problem," CEO Phil Reitinger, who will keynote the upcoming ISMG New York Fraud and Breach Summit, says in this interview.

A Congressional proposal that would allow HHS to offer technical assistance to private-sector efforts aimed at solving the problem of matching the right records to the right patient could pave the way for a significant breakthrough, says Lynne Thomas Gordon, CEO of AHIMA, which represents records professionals.

CISOs must be empowered to define the security architecture for smart cities. How? By securing endpoints of known and unknown device categories in the network, says David Dufour, head of security architecture for smart cities at Webroot.

Implementing a successful cybersecurity strategy in light of advanced threats calls for operationalizing three key principles: visibility, identity and risk, says Zulfikar Ramzan, chief technology officer at RSA.

Leading the latest ISMG Security Report, some security experts expect the United States government to retaliate against Moscow for interfering in the American presidential election if the Obama administration determines the Russian government was behind the hack of Democratic Party computers.

Neither ransomware nor social engineering is new, but both are more advanced and effective than ever. How can organizations improve how they detect and respond to the latest threats? James Lyne of Sophos shares insight and advice.

In light of the surge of ransomware attacks in the healthcare sector this year, security risk adviser John Pironti of ISACA offers in-depth technical advice on preparing for - and reacting to - such attacks.

Bruce Schneier, CTO of Resilient Systems, is busy exploring how IoT - the name given to computerization of everything in our lives - is changing the security world. "We're building a world-sized robot, and we don't even realize it."

Too many organizations have too many disjointed security controls, says Vijay Bharti of Happiest Minds. What do they need? An integrated cybersecurity approach that includes analytics, machine learning and a higher degree of automation.

An analysis of the GOP platform, which takes a tough stand against Chinese and Russian hackers and suggests 'hack back' as a suitable cyber defense, highlights this edition of the ISMG Security Report. Also featured: reports on mitigating Pokémon Go risks and the growth of the IT security workforce.

Security vendor Novetta recently led an independent investigation into the 2014 Sony breach. What lessons were learned, and how do they apply to today's threat landscape? Novetta's Peter LaMontagne shares key findings.

While enterprises rebuild or upgrade their security programs, they must guard against over emphasizing technology investments while neglecting staffing issues, says Ben Johnson, chief security strategist at Carbon Black.

By tracking "Indicators of Exposure" - the top techniques attackers could use to hack into any individual enterprise - organizations can better defend themselves against network intrusions and data breaches, says Gidi Cohen, CEO of Skybox Security.

The Asian security landscape continues to change dramatically, and ransomware and cyber extortion are among the emerging trends increasing in frequency and volume. Kaspersky Lab's Vitaly Kamluk shares insights and advice.

Mobile health applications, wearable fitness trackers and even social media sites are creating new privacy risks for health information because the data collected, shared and used falls outside the regulatory scope of HIPAA, says Lucia Savage of the Office of the National Coordinator for Health IT.

Examining the human factor in the age of cyber conflict and the new healthcare challenge concerning ransomware highlight this edition of the ISMG Security Report. Also, hackers target the Republican convention.