Data Breach Today Podcast

Getting forensics help should be one of the first steps an organization takes after a breach occurs, says IT security and privacy lawyer Miriam Wugmeister.

From mobile malware to the Anonymous hacktivist attacks, how can organizations tackle the changing threat landscape? In an RSA Conference preview, Joe Rogalski of First Niagara Bank shares ideas.

What are the top emerging fraud threats via mobile banking, and how must security leaders respond? In an RSA Conference preview, Julie McNelley of the Aite Group offers tips for fighting the newest threats.

NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.

What are the top emerging fraud threats to banking institutions via mobile banking, and how must security leaders respond? Julie McNelley of the Aite Group offers tips for fighting the newest threats.

Healthcare breach statistics reflect an unfortunate trend: "IT security has not really kept pace with the progress that's been made in the adoption of electronic health records," says Dan Berger, CEO of Redspin.

Organizations that have experienced a breach report that three lessons they learned were to limit the amount of personal information collected, limit sharing data with third parties and limit the amount of data stored, a new survey shows.

The privacy risks involved in using social media in healthcare can be minimized through innovative staff education, says risk management expert Paul Anderson.

Losses linked to debit fraud now exceed losses connected to check fraud, according to a new survey by the American Bankers Association. How are banks responding to the threat?

One reason why encryption is not more broadly used in healthcare is that so many organizations lack an updated risk assessment that identifies the role the technology can play in preventing breaches, says attorney Amy Leopard.

Online security starts with e-mail monitoring. BITS and FS-ISAC have partnered to launch a new registry service that aims to thwart phishing attacks.

Does the U.S. government's shuttering of the file-sharing website Megaupload.com show that new laws are not needed to battle intellectual property piracy? Brookings's Allan Friedman believes it does.

The Europay, MasterCard, Visa standard, commonly used in most global markets, is coming to the U.S. The sooner issuers, acquirers and merchants initiate migrations, the better, says Stephanie Ericksen, head of authentication product integration at Visa.

The recent breach that affected 24 million customers of Internet retailer Zappos.com should lead others to consider how much client information to store, says cybersecurity expert Fred H. Cate.

The Massachusetts eHealth Collaborative, a non-profit consultancy that experienced a health information breach, learned eight important lessons from the experience, says CEO Micky Tripathi.

Zappos was quick to communicate after discovering a data breach impacting 24 million customers. But did the online retailer respond appropriately, or make some missteps in its haste to notify? Francoise Gilbert of the IT Law Group gives a mixed review.

Security managers need the heads up from non-IT executives before they dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.

The first step toward avoiding a data breach: Be aware of and learn from other organizations' mistakes. Listen to hear attorney David Szabo's top three tips for breach prevention and detection.

When your site processes more transactions annually than the London Stock Exchange, you'd better care deeply about breach prevention, says Ionut Ionescu, Head of Threat Management at Betfair.

Notifying patients about a healthcare information breach requires a "difficult balancing act" by entities to ensure that risks are not exaggerated, says attorney Robert Belfort, an expert in HIPAA compliance, fraud and abuse.