The resumption of the HIPAA compliance audit program is on hold while regulators analyze pilot audit project results and implement the HIPAA Omnibus Rule, says Susan McAndrew of the HHS Office for Civil Rights.

New research says more than 25 percent of consumers hit by a data breach later become victims of identity fraud - especially when payment card information is exposed. Javelin's Al Pascual shares analysis.

Will Pelgrin and Rich Licht of the Center for Internet Security see a strong link between cyber and physical security, and that has led to the creation of a new unit at the center to help local and state governments to secure both.

To improve security and increase workforce productivity across an enterprise, a set of integrated capabilities is needed, says Corey Williams, senior director of product management at Centrify.

Because data stored in a cloud-based "sandbox" environment for testing purposes is vulnerable, it should be masked to protect sensitive information, says Karen Hsu of Informatica.

The growth in cloud computing and mobility is creating a need for a streamlined, centralized process for managing user authentication, says Sarah Fender of PhoneFactor.

Financial institutions can use real-time security analytics to detect early indicators of fraud, such as cash-out schemes, says David Pack of LogRhythm.

The private sector has a unique opportunity to respond to President Obama's cybersecurity executive order and help shape information sharing and critical infrastructure protection. David Burg of PwC tells how.

Despite ever-evolving cybersecurity threats, David Knight of Proofpoint says spear phishing attacks are really the greatest worries for most security and risk officers.

Intelligence is helping organizations not only detect and prevent intrusions, says Mark Wood of Dell SecureWorks. It's also helping them identify they've been targeted for an attack in the first place.