Healthcare Information Security Podcast

No one - not even a security vendor - is immune to cyber attacks. "It's not a question of if or when companies will face an attack, but how they're going to defend against it," says Symantec's Francis deSouza.

This year's HIPAA compliance audit program will come up somewhat short of the target of 150 audits, says Leon Rodriguez, the nation's lead HIPAA enforcer.

The Obama administration's Consumer Privacy Bill of Rights should be seen as a vital document to help shape an expansive and globally accepted privacy framework in the United States, privacy and data security lawyer Lisa Sotto says.

This is the first RSA Conference since 2011's high-profile security breaches. How did those incidents influence this year's agenda? Hugh Thompson explains in an exclusive event preview.

Winning CEOs' support for information security investments requires clearly explaining the business impact of inadequate security, says consultant Eric Mueller.

Mobile security is a new discussion track at RSA Conference, but it's long been a hot topic for CISOs. Entrust's Dave Rockvam discusses BYOD and how organizations are securing personally-owned devices.

A mobile device management system is critical to any effort to accommodate the use of personally owned mobile devices for work purposes, says Bill Spooner, CIO at Sharp Healthcare.

The insider threat: It's a top challenge for any organization, and it's a hot topic for RSA Conference attendees. Dawn Cappelli and Randy Trzeciak preview their new book, The CERT Guide to Insider Threats.

IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.

High-profile class action lawsuits filed in the wake of major health information breaches will prove to be a strong catalyst for ramped up data security, a panel of attorneys says.

Jason Clark, CSO of Websense, has met recently with 400 CSOs. In a pre-RSA Conference interview, he discusses how security leaders can be more effective when facing mobile security and other challenges.

Getting forensics help should be one of the first steps an organization takes after a breach occurs, says IT security and privacy lawyer Miriam Wugmeister.

From mobile malware to the Anonymous hacktivist attacks, how can organizations tackle the changing threat landscape? In an RSA Conference preview, Joe Rogalski of First Niagara Bank shares ideas.

What are the top emerging fraud threats via mobile banking, and how must security leaders respond? In an RSA Conference preview, Julie McNelley of the Aite Group offers tips for fighting the newest threats.

NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.

What are the top emerging fraud threats to banking institutions via mobile banking, and how must security leaders respond? Julie McNelley of the Aite Group offers tips for fighting the newest threats.

To build an effective information security program, healthcare organizations need to take seven essential steps, including updating a risk assessment, says consultant Tom Walsh.

Mike Mitchell, new chair of the Payment Card Industry Security Standards Council, says mobility is among his top priorities for action in 2012. How will emerging technologies influence the standard?

When Google amended its policy, suddenly everyone was talking about privacy. How do privacy officers turn these discussions to their advantage? Kirk Herath of Nationwide Insurance has some ideas.

What does a U.S. patent protect, and why should security leaders care? Attorney James Denaro details the risks and the questions you need to ask about the cybersecurity technologies you use.