Operationalizing Information Security: Putting the Top 10 SIEM Best Practices to Work [ Source: AccelOps, Inc. ]
November 2012- The use of security information and event management (SIEM) as part of an integrated security management program is an information security best practice. Whether referring to security event management, security information management, log management systems, or more modern combined industry solutions, SIEM user requirements and operational considerations have evolved.

This eBook provides guidance to operationalize security and put the top 10 best SIEM practices to work, offering pertinent insights and details about how to ...

Establishing a Data-Centric Approach to Encryption [ Source: Voltage Security ]
April 2012- Many data breaches occur at companies that already have a data security policy in place. What is the problem? Typically, intrusion detection and other technologies designed to keep intruders out of your system are built to protect against previously known hacking strategies. This approach exposes your IT systems to great risk as new methods of intrusion are constantly being devised. Learn how to protect corporate data with a data-centric encryption strategy.

PCI DSS Compliance Demystified [ Source: Dell ]
June 2011- All companies that process, transmit or store credit card data must comply with PCI DSS v2.0. This white paper highlights the 12 requirements of PCI DSS and explains how one solution addresses all 12 requirements.

Discover how to implement effective controls to protect cardholder information and demonstrate provable compliance with one easy step.

An Executive Guide to Corporate Defence Management (CDM) [ Source: R.I.S.C. International ]
January 2008- This whitepaper on the emerging discipline of Corporate Defence Management (CDM) is the first of its kind dealing with this subject. The whitepaper represents the 3rd installment in a series of papers designed to raise awareness of the requirement for corporate defence to play a more eminent role in corporate strategy. This paper is designed to act as a helpful guide to executives interested in the area of contemporary corporate defence and in particular in ...

The Data is the New Perimeter [ Source: Voltage Security ]
April 2012- Most companies place a high premium on IT security, and believe they have ironclad protection. However, the toll from cyber-attacks continues to climb. That's because there are gaping vulnerabilities in the way defenses are deployed - firewalls, endpoint security and even protected storage can all be bypassed by attackers. Learn how a data-centric security approach can make data useless to data thieves.

A New Breed of Information Security Leader: The Hyper-Connected Era and What It Means for CIOs and CISOs [ Source: IBM ]
December 2012- 2011 was the year of the security breach. And while many security organizations remain in crisis response mode, some security leaders have moved to take a more proactive position, taking steps to reduce future risk. These leaders see their organizations as more mature in their security-related capabilities and better prepared to meet new threats. What have they done to create greater confidence? More importantly, can their actions show the way forward for others?

How Does IBM Deliver Cloud Security [ Source: IBM ]
December 2012- Cloud computing is changing the way we use computing and has the potential for significant economic and efficiency benefits. But the speed of adoption depends on how quickly trust in new cloud models can be established. Some of the growing cloud security concerns include: security of highly virtualised environments from targeted threats and attacks, enabling secure collaboration, protection of the data (isolation, sharing) in a rapid provisioning and deprovisioning environment while experiencing the loss of ...

Close Encounters of the Third Kind [ Source: IBM ]
December 2012- This white paper presents the results of a research study on the prevalence of client-side JavaScript vulnerabilities, conducted by the IBM Security (formerly, IBM Rational) application security team. For this study, the researchers used IBM JavaScript Security Analyzer (JSA) technology, which performs static taint analysis on JavaScript code that was collected from web pages extracted by an automated deep web crawl process. This kind of analysis is superior to and more accurate than regular static ...

Forrester Research - Disaster Recovery Exercises Fall Short of the Finish Line [ Source: VMware ]
October 2012- Though many enterprises have advanced disaster recovery technologies put in place, they still fall short when it comes to actual preparedness due to a lack of formal processes and a strict regimen for exercising DR plans.

This report details 10 tips for updating and improving your current DR exercise program to help you meet expected recovery objectives when faced with an unexpected event.

Cloud Identity Buyer's Guide [ Source: McAfee ]
October 2012- The software-as-a-service (SaaS) application delivery model is growing rapidly. However, customers who adopt the SaaS model struggle to manage the overwhelming number of user accounts they have to create. Their users are constantly forgetting their passwords and calling the help desk. They are unhappy because they have to reenter their user ID and password every time they logon to an application during the day. Overwhelmed IT administrators take too long to create accounts for new ...