Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?

Attackers have healthcare entities in their crosshairs, and their favorite targets are easily compromised credentials. Tracy Hulver of Synchronoss offers new ideas for how security leaders can better manage and secure identities.

How can issuers and acquirers help smaller merchants improve payment card security? One way is to dramatically ramp up their efforts to educate the retailers about PCI compliance, says Michel Christodoulides of Barclaycard.

Commerce Secretary Penny Pritzker suggests that regulatory agencies should implement cyber threat information sharing programs with the businesses they regulate, not only to enhance their IT security, but to build a collaborative environment between the two, often adversarial sides.

The latest ISMG Security Report leads off with a discussion with DataBreachToday Executive Editor Mathew J. Schwartz on why online cybercrime is growing. Also, the status of the U.S. government's cyberthreat information sharing initiative.

In the wake of this week's rollout by NACHA, The Electronic Payments Association, of same-day ACH payments in the U.S., fraud departments at originating and receiving banks should be bracing for the new risks posed by faster payments, says NACHA's Jane Larimer, who offers insights on steps to take.

Cloud computing has already led to a fundamental shift in the enterprise computing paradigm, and security now needs to follow, says Gartner's Steve Riley, who shares recommendations.

The latest ISMG Security Report leads off with a segment in which Managing Editor Jeremy Kirk explains that the massive Yahoo breach not only exposed the accounts of a half-billion customers, but also the weaknesses in the way enterprises employ hashed passwords.

As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.

In the face of evolving cyberthreats, organizations of all sizes need a more resilient cybersecurity architecture. Michael Kaczmarek of VeriSign describes how to achieve this resiliency.