Cyberterror
(9)
Risk Management: Bridging Policies and Procedures - Fundamental Security Concepts
[ Source: Global Knowledge ]
October 2008-One thing that security professionals know is that security is about processes, not about the technology. The key to security is to match the technology to the process, but you have to know the process first. Policies and procedures are the requirements, and risk management is the bridge between the two. Collectively, they are the road maps that lead to effective and efficient security designs. This white paper covers the basics of risk management in ....
Protecting Against the New Wave of Malware
[ Source: Sunbelt Software ]
September 2008-Managing threats to the endpoint infrastructure is becoming increasingly difficult for most organizations regardless of their size. Viruses, worms, spyware and other forms of malware are becoming more virulent, their authors are becoming more adept at getting around existing defenses, and the profits generated by malware are funding new and more dangerous threats.
At the same time, many anti-virus, anti-spyware and other anti-malware defenses are not keeping up with the growing threats ....
Trends in Information Security: A CompTIA Analysis of IT Security and the Workforce
[ Source: CompTIA ]
September 2008-As global trends of workforce mobility and decentralization put a greater strain on IT security infrastructure, it is becoming increasingly more complex for corporate IT departments to safeguard information. More than ever before, firms are using diverse devices to exchange information faster and over longer distances, and the growing use of technologies supporting this trend - such as handheld devices or voice over IP – gives rise to new risks. As a result, corporate IT ....
Fast-Start Failover Best Practices: Oracle Data Guard 10g Release 2
[ Source: Oracle ]
January 2008-Fast-Start Failover is an Oracle Data Guard 10g Release 2 feature that mechanically and reliably fails over to an elected, synchronized standby database in the event of loss of the manufacture database, without requiring manual intervention to execute the failover. In addition, following a fast-start failover, the original production database is automatically reconfigured as a new standby database upon reconnection to the configuration. This white paper explains Fast-Start Failover and describes Maximum Availability Architecture (MAA) ....
Vulnerability Management for Dummies
[ Source: Qualys ]
May 2008-As a business owner, or someone responsible for network security within your organization, you need to understand how to prevent attacks and eliminate network weaknesses that leave your business exposed and at risk.
"Vulnerability Management for Dummies" arms you with the facts and shows you how to implement a successful Vulnerability Management program. Whether your network consists of just a handful of computers or thousands of servers distributed around the world, this book ....
ThinkVantage Security Strategy and Client Security Solution 6.0
[ Source: IBM ]
January 2008-This paper published by IBM describes ThinkVantage security strategy and the roll that Client Security Solution 6.0 plays in that strategy. The ThinkVantage security strategy is to provide a complementary set of security features as value add to ThinkPad notebooks and ThinkCentre desktops. The purpose of this set of security features is to enable customers to implement a layered defense security model on PCs.
The Effectiveness of Security Policies
[ Source: IronPort Systems ]
November 2008-This set of findings from a security study on data leakage revealed that many companies do not have security policies and that security policies that are in place are often ineffective. This analysis provides additional justification for the initial survey findings, which reported that employees around the world are putting corporate and personal data at risk.
The survey included more than 2000 employees and information technology professionals in 10 countries that Cisco selected because ....
Data Backup and Compliance: Three Reasons to Get It Right
[ Source: Remote Backup Systems ]
January 2008-Fortune 500 companies have been vilified for reckless data stewardship and fabrication of financial reports. Corporate America, already under varying degrees of competitive and performance pressure, is now faced with compliance legislation and disclosure requirements that seek to right some of wrongs done to consumers, investors, and employees alike. Access and process controls, internal and third party audits, reporting requirements and penalties for non-compliance are just a few of the areas that will be addressed ....
NAC 2.0: A New Model For a More Secure Future
[ Source: Sophos ]
September 2008-As organizations turn to network access control (NAC) technologies to protect their networks and data, the flaws of earlier versions of NAC are becoming apparent. New pressures from a constantly changing threat environment and an increasingly mobile workforce require a new NAC model that will offer more finely controlled network access, an increased agility of response, and a better focus on network, desktop, and security operations. This paper looks at where NAC 1.0 went wrong ....
The Case for Security Information and Event Management (SIEM) in Proactive Network Defense
[ Source: TriGeo Network Security ]
January 2008-It’s widely accepted that Security Information and Event Management (SIEM) systems are excellent tools for regulatory compliance, log management and analysis, trouble-shooting and forensic analysis. What’s surprising to many is that this technology can play a significant role in actively defending networks. This whitepaper explains precisely how real-time analysis, combined with in-memory correlation, and automated notification and remediation capabilities can provide unprecedented network visibility, security and control.
2007 InformationWeek/Accenture Global Information Security Survey
[ Source: InformationWeek ]
July 2007-
With the constant threat of hackers and malicious coders, and the alarming rate of customer data breaches and identity theft, information security remains one of the highest priorities for business technology professionals around the globe. InformationWeek Research and Accenture provide you with in-depth data about security investments and practices in the 2007 Information Security Survey report. This study -- in it's tenth year -- examines the security practices and experiences of ....
2006 InformationWeek/Accenture Global Information Security Survey
[ Source: InformationWeek ]
July 2006-
Great strides have been made worldwide in improving data security, meeting compliance standards, and enhancing data privacy. But is it enough? The overwhelming answer is no. With the constant threat of hackers and malicious coders, and the alarming rate of customer data breaches and identity theft, information security remains one of the highest priorities for business technology professionals around the globe. InformationWeek Research and Accenture provide you with in-depth data about security investments ....
Does Size Matter? The security challenge of the SMB
[ Source: McAfee ]
September 2008-
Just because a business is small, doesn’t mean it’s immune to security threats. Security challenges facing Small and Medium Businesses in North America are on the rise. For businesses of all sizes, viruses, hacker intrusions, spyware and spam can lead to lost or stolen data, computer downtime, decreased productivity, compliance issues, lost sales and even loss of reputation. According to a recent survey conducted by McAfee, many small and medium sized businesses felt they ....
Sophos Security Threat Report: Mid-Year Update
[ Source: Sophos ]
July 2008-
Hackers attack businesses, blogs and Web 2.0 sites... The latest Security Threat Report from Sophos gives you a comprehensive insight into the very latest methods being used by cybercriminals to try to out-fox traditional security systems. Download a copy and benefit from the expert analysis and opinion that will help you stay ahead of today’s increasingly covert threats.
2008 Internet Security Trends: A report on Emerging Attack Platforms for Spam, Viruses and Malware
[ Source: IronPort Systems ]
November 2008-
The overall trends in spam and malware can be characterized by a larger number of more targeted, stealthy and sophisticated attacks. This report is designed to help highlight the key security trends of today and suggest ways to defend against the sophisticated new generation of Internet threats certain to arise in the future.
Sophos Security Threat Report: Mid-Year Update
[ Source: Sophos ]
July 2008-
Hackers attack businesses, blogs and Web 2.0 sites... The latest Security Threat Report from Sophos gives you a comprehensive insight into the very latest methods being used by cybercriminals to try to out-fox traditional security systems. Download a copy and benefit from the expert analysis and opinion that will help you stay ahead of today’s increasingly covert threats.
Does Size Matter? The security challenge of the SMB
[ Source: McAfee ]
September 2008-
Just because a business is small, doesn’t mean it’s immune to security threats. Security challenges facing Small and Medium Businesses in North America are on the rise. For businesses of all sizes, viruses, hacker intrusions, spyware and spam can lead to lost or stolen data, computer downtime, decreased productivity, compliance issues, lost sales and even loss of reputation. According to a recent survey conducted by McAfee, many small and medium sized businesses felt they ....
2007 InformationWeek/Accenture Global Information Security Survey
[ Source: InformationWeek ]
July 2007-
With the constant threat of hackers and malicious coders, and the alarming rate of customer data breaches and identity theft, information security remains one of the highest priorities for business technology professionals around the globe. InformationWeek Research and Accenture provide you with in-depth data about security investments and practices in the 2007 Information Security Survey report. This study -- in it's tenth year -- examines the security practices and experiences of ....
2006 InformationWeek/Accenture Global Information Security Survey
[ Source: InformationWeek ]
July 2006-
Great strides have been made worldwide in improving data security, meeting compliance standards, and enhancing data privacy. But is it enough? The overwhelming answer is no. With the constant threat of hackers and malicious coders, and the alarming rate of customer data breaches and identity theft, information security remains one of the highest priorities for business technology professionals around the globe. InformationWeek Research and Accenture provide you with in-depth data about security investments ....
The Business of Privacy
[ Source: Voltage Security Inc. ]
July 2008-
Information privacy has become a major policy for organizations large and small in the corporate, government, financial, healthcare, retail and other sectors. Compliance initiatives are not only complex, but they can be costly, cumbersome and confusing. As digital business communication become essential and ubiquitous, it contributes to a proliferation of personal customer data that organizations must protect.
Real World Security for SCADA & Process Control Systems
[ Source: Progress Energy ]
July 2008-
As physical and information security convergesýparticularly in transportation, utilities and national security systemsýinfosec professionals must learn more about Supervisory Control and Data Acquisition (SCADA) and process control systems. This presentation looks at how control systems work, threats particular to control systems and a case study in Progress Energy's approach to cyber security standards for the electric power industry.
Cisco - Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks
[ Source: Cisco ]
January 2008-
In order to facilitate Distributed Denial of Service (DDoS), the attackers need to have several hundred to several thousand compromised hosts. The process of compromising a host and installing the tool is automated. Because an automated process is used, attackers can compromise and install the tool on a single host in under 5 seconds. This white paper contains information to help the reader understand how DDoS attacks are orchestrated, recognize programs used to facilitate DDoS ....
DDoS Threatens Financial Institutions - Get Prepared!
[ Source: ReymannGroup ]
January 2008-
This paper provides an overview of the increased threat to financial institution from Distributed Denial of Service (DDoS) attacks and how to defend network from such attacks. Financial institutions’ growth in online banking, networking and access to the Internet has led to an alarming increase in operational, reputation, strategic, and systemic risks not to mention real time attacks like Distributed Denial of Service (DDoS). Financial institutions that are subject to a real time attack could ....