ATM cash-outs and card-skimming schemes are getting more difficult to detect because today's attacks are global, coordinated and sophisticated, says ATM security expert Chuck Somers.

Researchers have a new option for securely accessing more than 400 billion federal healthcare records via a virtual data center, says Niall Brennan of the Centers for Medicare and Medicaid Services.

From a risk management perspective, the federal HealthCare.gov website should be shut down until its technical problems are fixed and end-to-end security testing is completed, says consumer advocate Christopher Rasmussen.

For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.

Computer scientists at the Georgia Institute of Technology are developing new ways to apply encryption when storing or searching data in the cloud, says Paul Royal, associate director of the university's information security center.

U.S. Attorney Steve Wiggington says identity theft, especially linked to card skimming, is still the No. 1 fraud threat facing financial services institutions as well as consumers. He stresses information sharing is critical for fighting fraud.

Organizations need to know how other enterprises handle cyber-attacks to truly understand whether their IT security investments will pay off, the EastWest Institute's Karl Rauscher says.

Every second, 80 "things" are being connected to the Internet, and ISACA's Rob Stroud says that requires information security professionals to identify and mitigate threats, protect individuals' privacy and manage access.

Curt Kwak, CIO of the Washington state health insurance exchange, explains the steps his team took to help ensure the launch went relatively smoothly, paving the way for thousands to sign up for insurance.

New requirements to mitigate payment card risks posed by third parties, such as cloud providers and payment processors, are a focal point of the PCI Security Standards Council's updated data security standard.