Many CEOs and boards of directors are failing their companies by not truly understanding their cybersecurity risks, says Steve Durbin of the Information Security Forum. He stresses that senior leaders must ensure their organizations provide adequate funding to manage risks.

Mergers and acquisitions create challenges for CISOs, including allocating resources to meet the information security needs of newly united companies, says Joey Johnson, CISO of Premise Health.

Everyone's talking about business email compromise, but what they aren't talking enough about is what's at the root of these attacks - spear phishing. Joseph Opacki of PhishLabs discusses how security leaders must respond to the threat.

The recent data breach at U.K.-based telecom company TalkTalk illustrates that breach risk mitigation is a critical issue worldwide. PCI's Jeremy King, who will be a featured speaker at ISMG's Fraud Summit London on Oct. 27, explains why European data security is getting more scrutiny.

A number of short-term and long-term hurdles, including technology and policy issues, stand in the way of achieving secure, interoperable, nationwide health information exchange, says David Kibbe, M.D., of DirectTrust, which maintains a secure email framework.

Building a strong platform to secure enterprise email systems is like piecing together a puzzle by joining existing technologies from various sources. NIST is readying a guide to do just that.

In an exclusive interview, Harris Health System CISO Jeffrey Vinson explains how his team is spearheading an effort to help the federal government and the healthcare industry improve cyber threat intelligence sharing.

The information security field has done a poor job of attracting and retaining women, contends Jo Stewart-Rattray, international director of ISACA, who emphasizes the need for mentoring as well as salary equity.

The healthcare cyber threat landscape will become even more menacing next year, while a shortage of cybersecurity resources will make dealing with those challenges increasingly difficult, predicts Charles Christian, chairman of CHIME.

Healthcare organizations should take three important steps to help improve the cybersecurity of medical devices used in their environments, says security expert Kevin Fu. Hear his advice in this interview.