Healthcare Information Security Podcast

Activity at the State Level Points Toward a Federal Data Breach Notification Law Data privacy legislation -- the trend started in California and is being discussed heatedly in Massachusetts today. Data breach notification and privacy laws have now been enacted in 40 separate states, and government observers think we're close to seeing federal legislation proposed. In an exclusive interview, Randy Sabett, a noted privacy/information security attorney, discusses: Trends in state data privacy legislation; What these laws mean to businesses; The Obama Administration's approach to data privacy; Trends to keep an eye on throughout 2009. Randy V. Sabett, CISSP, is a partner in the Washington, D.C. office of Sonnenschein Nath & Rosenthal LLP, where he is a member of the Internet, Communications & Data Protection Practice. He counsels clients on information security, privacy, IT licensing, and patents, dealing with such issues as Public Key Infrastructure (PKI), digital and electronic signatures, federated identity, HIPAA, Gramm-Leach-Bliley, Sarbanes-Oxley, state and federal information security and privacy laws, identity theft and security breaches. He served as a Commissioner for the Commission on Cyber Security for the 44th Presidency.

Interview with Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk At a time when risks are high and consumer confidence is low, corporate boards of directors aren't paying nearly enough attention to information security and cyber threats. This is the key takeaway from a new Carnegie Mellon University CyLab survey, which shows that there is a "gaping hole as wide as the Grand Canyon" in board and senior executive oversight of these critical business issues. Read more about this survey in an article by Linda McGlasson. To understand this study, we spoke with its author, Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk. In an exclusive interview, she discusses: Key findings; Greatest concerns from the study; Recommendations for what financial institutions should do now to address these concerns. Jody Westby received her B.A., summa cum laude, University of Tulsa; J.D., magna cum laude, Georgetown University Law Center; Order of the Coif. Drawing upon a unique combination of more than 20 years of technical, legal, policy, and business experience, Jody Westby brings a seasoned, multidisciplinary perspective to the many issues facing businesses and governments today in the areas of privacy, information security, outsourcing/offshoring risks, cybercrime, and IT business risk management. She regularly consults with governments, private sector executives, and operational personnel on the development of enterprise security programs that dovetail the technical, legal, operational, and managerial considerations. Prior to forming Global Cyber Risk, Ms. Westby served as senior managing director for PricewaterhouseCoopers (PwC), specializing in outsourcing and cyber security/privacy issues. Before that, she was president of The Work-IT Group, launched an IT solutions company for the CIA, managed the domestic policy department for the world's largest business organization, was senior fellow and director of information technology (IT) studies for one of the nation's leading think tanks, practiced law with two top-tier New York firms, and spent 10 years in the computer industry specializing in database management systems.

Interview with Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk At a time when risks are high and consumer confidence is low, corporate boards of directors aren't paying nearly enough attention to information security and cyber threats. This is the key takeaway from a new Carnegie Mellon University CyLab survey, which shows that there is a "gaping hole as wide as the Grand Canyon" in board and senior executive oversight of these critical business issues. Read more about this survey in an article by Linda McGlasson. To understand this study, we spoke with its author, Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk. In an exclusive interview, she discusses: Key findings; Greatest concerns from the study; Recommendations for what financial institutions should do now to address these concerns. Jody Westby received her B.A., summa cum laude, University of Tulsa; J.D., magna cum laude, Georgetown University Law Center; Order of the Coif. Drawing upon a unique combination of more than 20 years of technical, legal, policy, and business experience, Jody Westby brings a seasoned, multidisciplinary perspective to the many issues facing businesses and governments today in the areas of privacy, information security, outsourcing/offshoring risks, cybercrime, and IT business risk management. She regularly consults with governments, private sector executives, and operational personnel on the development of enterprise security programs that dovetail the technical, legal, operational, and managerial considerations. Prior to forming Global Cyber Risk, Ms. Westby served as senior managing director for PricewaterhouseCoopers (PwC), specializing in outsourcing and cyber security/privacy issues. Before that, she was president of The Work-IT Group, launched an IT solutions company for the CIA, managed the domestic policy department for the world's largest business organization, was senior fellow and director of information technology (IT) studies for one of the nation's leading think tanks, practiced law with two top-tier New York firms, and spent 10 years in the computer industry specializing in database management systems.

Interview with Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk At a time when risks are high and consumer confidence is low, corporate boards of directors aren't paying nearly enough attention to information security and cyber threats. This is the key takeaway from a new Carnegie Mellon University CyLab survey, which shows that there is a "gaping hole as wide as the Grand Canyon" in board and senior executive oversight of these critical business issues. Read more about this survey in an article by Linda McGlasson. To understand this study, we spoke with its author, Jody Westby, Adjunct Distinguished Fellow at CyLab and CEO at Global Cyber Risk. In an exclusive interview, she discusses: Key findings; Greatest concerns from the study; Recommendations for what financial institutions should do now to address these concerns. Jody Westby received her B.A., summa cum laude, University of Tulsa; J.D., magna cum laude, Georgetown University Law Center; Order of the Coif. Drawing upon a unique combination of more than 20 years of technical, legal, policy, and business experience, Jody Westby brings a seasoned, multidisciplinary perspective to the many issues facing businesses and governments today in the areas of privacy, information security, outsourcing/offshoring risks, cybercrime, and IT business risk management. She regularly consults with governments, private sector executives, and operational personnel on the development of enterprise security programs that dovetail the technical, legal, operational, and managerial considerations. Prior to forming Global Cyber Risk, Ms. Westby served as senior managing director for PricewaterhouseCoopers (PwC), specializing in outsourcing and cyber security/privacy issues. Before that, she was president of The Work-IT Group, launched an IT solutions company for the CIA, managed the domestic policy department for the world's largest business organization, was senior fellow and director of information technology (IT) studies for one of the nation's leading think tanks, practiced law with two top-tier New York firms, and spent 10 years in the computer industry specializing in database management systems.

Interview with David Richards, President of the Institute of Internal Auditors Internal auditing has always been a key function within financial systems, and it becomes even more so when it comes to IT and information security. In this exclusive interview, David Richards, President of the Institute of Internal Auditors (IIA), discusses: The key differences between internal and IT auditors; The role of the audit committee and board of directors - what they need to know about IT governance; Frameworks to consider when establishing IT governance in your institution.

Interview with David Richards, President of the Institute of Internal Auditors Internal auditing has always been a key function within financial systems, and it becomes even more so when it comes to IT and information security. In this exclusive interview, David Richards, President of the Institute of Internal Auditors (IIA), discusses: The key differences between internal and IT auditors; The role of the audit committee and board of directors - what they need to know about IT governance; Frameworks to consider when establishing IT governance in your institution.

Interview with David Richards, President of the Institute of Internal Auditors Internal auditing has always been a key function within financial systems, and it becomes even more so when it comes to IT and information security. In this exclusive interview, David Richards, President of the Institute of Internal Auditors (IIA), discusses: The key differences between internal and IT auditors; The role of the audit committee and board of directors - what they need to know about IT governance; Frameworks to consider when establishing IT governance in your institution.

Interview with Jennifer Bayuk, Former CISO at Bear Stearns & Co. Governance is a term increasingly used in financial institutions, as banking/security leaders try to introduce new processes and disciplines to their organizations. In this exclusive interview, Jennifer Bayuk, an information security specialist and former CISO at Bear Stearns & Co., discusses: What governance means to a security organization; Elements of good governance; Speedbumps en route to success; Potential short- and long-terms rewards of good governance.

Interview with Jennifer Bayuk, Former CISO at Bear Stearns & Co. Governance is a term increasingly used in financial institutions, as banking/security leaders try to introduce new processes and disciplines to their organizations. In this exclusive interview, Jennifer Bayuk, an information security specialist and former CISO at Bear Stearns & Co., discusses: What governance means to a security organization; Elements of good governance; Speedbumps en route to success; Potential short- and long-terms rewards of good governance.

Interview with Jennifer Bayuk, Former CISO at Bear Stearns & Co. Governance is a term increasingly used in financial institutions, as banking/security leaders try to introduce new processes and disciplines to their organizations. In this exclusive interview, Jennifer Bayuk, an information security specialist and former CISO at Bear Stearns & Co., discusses: What governance means to a security organization; Elements of good governance; Speedbumps en route to success; Potential short- and long-terms rewards of good governance.

Interview with Kim Matlon, Business Continuity/Crisis Management Expert Workplace violence - it's one of the most common but least understood risks to all businesses. From robberies gone awry to bullies in the workplace to domestic anger spilling over from home, the workplace is rife for violent situations. In this interview, Kim Matlon, COO of R&A Crisis Management Services, an Ill.-based business continuity, crisis management and project management consulting firm, offers insight on: The four types of workplace violence; Red flags to look for in employees and communications; How to help ensure employees' safety.

Interview with Kim Matlon, Business Continuity/Crisis Management Expert Workplace violence - it's one of the most common but least understood risks to all businesses. From robberies gone awry to bullies in the workplace to domestic anger spilling over from home, the workplace is rife for violent situations. In this interview, Kim Matlon, COO of R&A Crisis Management Services, an Ill.-based business continuity, crisis management and project management consulting firm, offers insight on: The four types of workplace violence; Red flags to look for in employees and communications; How to help ensure employees' safety.

Interview with Kim Matlon, Business Continuity/Crisis Management Expert Workplace violence - it's one of the most common but least understood risks to all businesses. From robberies gone awry to bullies in the workplace to domestic anger spilling over from home, the workplace is rife for violent situations. In this interview, Kim Matlon, COO of R&A Crisis Management Services, an Ill.-based business continuity, crisis management and project management consulting firm, offers insight on: The four types of workplace violence; Red flags to look for in employees and communications; How to help ensure employees' safety.