Government Information Security Podcast

Commodity markets have created a cryptocurrency bloodbath that may not be over, but Richard Bird of SecZetta says economic patterns in history show that crypto "is not invalidated as a mean of commerce and exchange." He discusses the blockchain and the possible future uses of crypto.

Data breaches in the healthcare sector cost about $10.1 million - more than double the average cost of breaches across other industries - once again ranking the sector as having the most expensive data breaches, says Limor Kessem, principal consultant of cyber crisis management at IBM Security.

The ISMG Security Report analyzes a settlement with the U.S. Justice Department, in which Uber accepts responsibility for a data breach cover-up to avoid criminal charges. It also discusses why early-stage startups are conserving cash and recent initiatives from the U.S. Federal Trade Commission.

The latest edition of the ISMG Security Report asks: Whatever happened to Russia's cyberwar against Ukraine? It also looks at the curious case of a cardiologist who's been accused of moonlighting as a developer of such notorious strains of ransomware as Thanos and Jigsaw.

Future quantum computers will decrypt encrypted data, so businesses feel pressure to find quantum-resistant security solutions for data transmission. Wells Fargo Bank's Peter Bordow discusses the state of quantum computing, approaches to quantum security, and privacy-enhancing technologies.

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.

The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.

Rui Ribeiro, the founder and CEO of Jscrambler, a company that monitors and obfuscates JavaScript code, discusses the proliferation of web applications that use third-party code, the liability risks that often exist, and how Jscramber's products can increase the security of all application code.

Many healthcare sector entities are undertaking projects involving the collection, analysis and sharing of large volumes of health data. But along with those efforts come critical privacy and security concerns, says attorney Iliana Peters of Polsinelli.

Moises Zagala is a 55-year-old cardiologist living in Ciudad Bolivar, Venezuela. He has a bald head and an earnest smile. In one photo, he wears a doctor's white overcoat and has a stethoscope around his neck. But U.S. prosecutors allege Zagala led a double life and claim he's also a cybercriminal.

Chaim Mazal, discusses the issues affecting CISOs, including how increased market share leads to increased problems and how having uniform, automated controls can provide security and enforce compliance.

Ransomware attackers executing double-extortion schemes very carefully choose which data to steal and leak based on victims' economic sector, says Erick Galinkin, artificial intelligence researcher at security firm Rapid7. He discusses the latest ransomware data theft trends.

The latest edition of the ISMG Security Report discusses how financial service organizations should respond to the new "fraud universe." It also shares how CISOs can incorporate social media into their threat intelligence programs and describes the skills required by today's security leaders.

Anneka Gupta, chief product officer at Rubrik, discusses embedding Zero Trust principles into how the security company provides data resilience, data observability and data recovery for organizations. She also describes the "software-first" approach of building immutability directly into software.

How can you leverage artificial intelligence and make sense of data from different industries to determine whether a customer is creditworthy or whether an account is a mule account? Guy Sheppard, general manager of financial services at Aboitiz Data Innovation, discusses a case study.

Location data, browser history, IP addresses, and appointment scheduling are among the sensitive data putting individuals' privacy at risk in the wake of the decision to overturn Roe v. Wade, says Alexandra Reeve Givens of the Center for Democracy and Technology.

OT security has been at the center of the security conversation ever since the Colonial Pipeline attacks. Scott Flower, the founder of Pareto Cyber and a former global intelligence officer at FS-ISAC, discusses the challenges in OT security and where the industry needs to go.

The latest edition of the ISMG Security Report describes why firewalls and VPNs don't belong in Zero Trust design. It also discusses cybercriminals' evolving ransomware tactics and the devastating price of responding to a ransomware attack, as experienced by Travelex in 2019.

Recent draft guidance from the Food and Drug Administration represents a game-changer in how the makers of medical devices should approach the cybersecurity of their products, say Axel Wirth and Vidya Murthy of medical device security firm MedCrypt.

The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.