Healthcare Information Security Podcast

Financial institutions can use real-time security analytics to detect early indicators of fraud, such as cash-out schemes, says David Pack of LogRhythm.

The growth in cloud computing and mobility is creating a need for a streamlined, centralized process for managing user authentication, says Sarah Fender of PhoneFactor.

Because data stored in a cloud-based "sandbox" environment for testing purposes is vulnerable, it should be masked to protect sensitive information, says Karen Hsu of Informatica.

To improve security and increase workforce productivity across an enterprise, a set of integrated capabilities is needed, says Corey Williams, senior director of product management at Centrify.

One of the biggest challenges facing organizations is that fraudsters constantly change the way they try to cheat banks and other organizations, says Rajib Roy, president of Equifax Identity and Fraud Solutions, which provides advanced analytics and proprietary technology to deliver customize insights for identity intelligence, fraud prevention, privacy and data security.

Public cloud services can reduce costs for large enterprises, but they pose security risks that must be addressed, says Tsahy Shapsa of CloudLock.

The new generation of mobile applications requires layers of security to protect integrity, says Vince Arneja of Arxan Technologies.

Banking institutions need to ramp up their ability to deal with security issues as they roll out more mobile banking applications, says Andrew McLennan of Metaforic.

The Cleveland Clinic is in continuous risk assessment mode, always on the lookout for emerging threats and vulnerabilities, says Mark Dill, director of information security. Learn about his top priorities.

Balancing the customer experience with risk mitigation is tricky, says Jon Karl of Iovation. But automating customer reputation profiles can help organizations take the guesswork out of fraud prevention, and improve the experience on both sides of the transaction.

Distributed-denial-of-service attacks are not new, but they are being taken more seriously as a threat to network security and data protection, especially by financial-services, says Ashley Stephenson of Corero Network Security.

Security leaders know their old perimeter-based security models are insufficient. But what new model is best? And how can it reduce reliance on passwords for authentication? Julian Lovelock of HID Global offers insight.

Companies developing their own mobile applications must take steps to ensure their security policies are followed no matter where or how the apps are used, says Kurt Stammberger of Mocana Corp.

Advanced persistent threats are evolving, and banks can help thwart them by using continuous monitoring for real-time detection, says J. Paul Haynes of eSentire.

Combining a network access control system with a mobile device management system is a good way to address security for BYOD, says Scott Gordon of ForeScout.

Cyberattacks used as modes of distraction for fraud are organizations' biggest concern, say Pam O'Neal and Scott Register of IXIA.

Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.

Hewlett-Packard's John Diamant points out most enterprises invest little in the area with the greatest vulnerabilities: application security.

Most organizations have more data than they know what to do with, much less understand how they can use that data in a meaningful way, say NopSec's Lisa Xu and Steven Leonard. Having the ability to aggregate that data is key.

Debate over cybersecurity bills last year coupled with recent, highly publicized attacks have raised the visibility of the threat, and that could push Congress to enact IT security legislation in 2013, White House Cybersecurity Coordinator Michael Daniel says.