2012 IBM X-Force Annual Trend and Risk Report [ Source: IBM ]
May 2013- The IBM X-Force Trend and Risk Report is produced twice per year: once at mid-year and once at year-end. This report provides statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity. They are intended to help customers, fellow researchers, and the public at large understand the changing nature of the threat landscape and what might be done ...
Finding a Strategic Voice: Insights from the 2012 IBM Chief Information Security Officer Assessment [ Source: IBM ]
May 2013- In a hyper-connected era, a proactive integrated and strategic approach to security can empower businesses to do more than just cope with current threats - it can actually help reduce future risks. Read the IBM study, "Finding a strategic voice," and discover more insights from the 2012 IBM Chief Information Security Officer Assessment.
Five Critical Components Of An Information Security Program [ Source: TraceSecurity, Inc ]
February 2013- Current market solutions are built to protect the enterprise and are too resource intensive for most organizations to manage. Learn about five key components that any risk-based information security solution must include to cost effectively and efficiently protect information and meet regulatory requirements - regardless of industry, organization size or security skill set.
Transforming IT GRC into a Mainstream Business Application [ Source: TraceSecurity, Inc ]
February 2013-
Coping with the complexities of IT GRC is a growing market dilemma for small and medium organizations (SMEs) and a new IT GRC prescription is well overdue - one that provides true enterprise-class capabilities, but without the enterprise burden on resources.
This paper explains the SME information security landscape and how to best leverage an integrated, cloud-based approach to adopt an IT GRC strategy that reveals your organization's risk posture, enforces security policies, ...
McAfee Vulnerability Manager Product Review by S3KUR3 Inc [ Source: McAfee ]
February 2013- Threats and vulnerabilities are a way of life for IT admins. This paper focuses on how McAfee's Vulnerability Manager and McAfee ePolicy Orchestrator provide IT Admins with powerful and effective tool for identifying and remediating vulnerable systems.
ESG Technology Brief: Real-Time Risk Management [ Source: McAfee ]
February 2013- Information security based on regulatory compliance stipulations cannot keep up with today's sophisticated and rapidly changing threat landscape. CISOs need to implement a new discipline that ESG calls, "Real-time Risk Management."
Miercom Lab Test Report - McAfee Risk Management Solution January 2011 [ Source: McAfee ]
February 2013- Taking a risk-based approach to vulnerability lifecycle management is becoming the norm for vulnerability assessment vendors. This paper reports on the findings when testing McAfee's Risk Management solution from a holistic risk management and vulnerability lifecycle management perspective.
Gartner MarketScope for Vulnerability Assessment Report [ Source: McAfee ]
February 2013- Vulnerability assessment vendors compete on management features, configuration assessment, price, reporting and integratin with other security products. Buyers must consider how VA will fit into their overal vulnerability management process when evaluatiing VA products and services.
Top 10 Reasons Your Company Does NOT Need McAfee Vulnerability Manager [ Source: McAfee ]
February 2013- Some IT and Security teams wonder if automated vulnerability management is important given the many pressing demands for other IT projects and investments they face. The purpose of this paper is to help these IT and Security professionals evaluate their security posture and risk.
Protect Critical Assets with Virtual Patching White Paper [ Source: McAfee ]
February 2013- As long as there is software, there will be software vulnerabilities. And wherever there are vulnerabilities, you will find malware and cybercriminals. This paper will examine that risk and provide a step by step process to protect your companies critical assets.
Discover. Evaluate. Act. White Paper [ Source: McAfee ]
February 2013- Up until now, your view of risk while monitoring your network has been incomplete. This white paper discusses a new, innovative approach to protecting your network through a combination of active and passive network discovery and monitoring, in real-time.
IBM SmartCloud For Social Business Security [ Source: IBM ]
January 2013-
Security is a competitive differentiator for SmartCloud for Social Business. SmartCloud for Social Business's business-ready security is based on a deep understanding of security and privacy best practices developed at IBM over decades of managing data and systems on behalf of IBM and its clients.
IBM's security controls provide privacy and controlled authorization to sensitive information while enabling business operations. SC4SB protects our customers' information through governance, tools, technology, techniques, and personnel, ...
A New Breed of Information Security Leader: The Hyper-Connected Era and What It Means for CIOs and CISOs [ Source: IBM ]
December 2012- 2011 was the year of the security breach. And while many security organizations remain in crisis response mode, some security leaders have moved to take a more proactive position, taking steps to reduce future risk. These leaders see their organizations as more mature in their security-related capabilities and better prepared to meet new threats. What have they done to create greater confidence? More importantly, can their actions show the way forward for others?
Consolidated Security Management for Mainframe Clouds [ Source: IBM ]
December 2012- IBM Security and IBM Information Management solutions for security work with the IBM System z platform to allow the mainframe to serve as an enterprise security hub, providing comprehensive, centralized security capabilities for organizations with distributed, multiplatform IT environments.
Intelligent Role Management for Improved Security and Compliance [ Source: IBM ]
December 2012- In complex organizations with sprawling role structures, managing user access and entitlements can be overwhelming. As part of an effective strategy for identity and access management governance, role management is a powerful method with which to strengthen and streamline the management process. Although role management solutions may help, many are overly complex and are not suited for business users. To find out how the integrated Role and Policy Modeler component of IBM Security Identity Manager ...
Reducing PCI DSS Scope: The Gateway Approach [ Source: Intel ]
October 2012- This White Paper discusses how you can generate tokens that replace credit card numbers with surrogates, removing systems from PCI DSS "Scope" -- which include any network components that are the primary focus of PCI DSS regulation, compliance and assessment.
Tokenization Buyer's Guide [ Source: Intel ]
October 2012- PCI DSS expert and QSA Walter Conway takes you on a deep dive tour of tokenization techniques and their merits. He also demystifies tokenization by discussing use cases, comparing tokenization vs. encryption and providing various alternatives for implementing tokenization. Finally, Walter provides guidance on how to prepare for implementing tokenization and select a solution appropriate for your needs.
Finding An Effective Antivirus Solution To Please Users & Administrators [ Source: ESET ]
October 2012- Does your anti-virus bring your systems to a crawl? Is it causing administrators to pull their hair out? This whitepaper shows you how to solve both problems with one product!
Global Threat Report: September 2012 [ Source: ESET ]
October 2012- Get the most up-to-date view of the IT security threat landscape from the experts at ESET. This monthly threat report is required reading for anyone involved with IT Security.
A Comprehensive Data Privacy Plan: Cultivating Comprehensive Data Privacy Throughout Your Organization [ Source: TRUSTe ]
August 2012-
A Comprehensive Data Privacy Plan
As the increase in doing business and sharing of information, or data, online continues to grow exponentially, the importance of developing a data privacy strategy is critical.
Websites, online ads, mobile apps, and cloud services give you more information about your customer than ever before. Who owns what data and who has access to it gets complicated fast. You may be collecting:
• Individual identity ...
CIO strategies for end user computing: Maximizing productivity without sacrificing security [ Source: Dell/Microsoft ]
August 2012-
As advances in mobility and client computing technology extend from the home into the work place, the classroom and even into government entities, CIOs should consider seriously the opportunities for increased productivity and communication with customers and constituents, as well as understand the increased security risks posed by online, anytime access to private networks and data.
Read this paper to learn more about how CIOs can proactively respond to these trends by developing ...
Bit9 Parity Suite: Moving Beyond a Porous Perimeter [ Source: Bit9 ]
August 2012-
Today's cyber attacks are more targeted and sophisticated than ever. They require a proactive approach to protecting your enterprise. What is needed is more automated, effective correlation and intelligent analysis of the overwhelming quantity of system data. In other words, today's security professional needs more actionable data for faster insight into system usage and activity.
Download this whitepaper to learn how Bit9 extends threat detection to endpoints and provides the information the Security ...
2012 Bit9 Cyber Security Research Report [ Source: Bit9 ]
August 2012-
Anonymous hacktivists, cyber criminals and nation-states are viewed as the top three threats in 2012 in this Bit9 survey of more than 1,800 IT professionals. And more than 60 percent of those surveyed believe that they will be the target of a cyber-attack in the next 6 months.
Download this research report to find out how your security and IT colleagues view the world of advanced cyber threats and find out how you compare.
Carnegie Mellon CyLab, Governance of Enterprise Security 2012 Report [ Source: EMC ]
August 2012- Company directors have a duty to protect the assets of their organizations. Now, this duty extends to digital assets, and has been expanded by laws and regulations that impose specific privacy and cyber security obligations on companies. This 2012 survey is the first global governance survey, comparing responses from industry sectors and geographical regions.
RSA Archer GRC Summit Key Findings [ Source: EMC ]
August 2012-
RSA, The Security Division of EMC released key findings from the RSA Archer GRC Executive Forum it hosted recently, where governance, risk and compliance (GRC) leaders from 34 leading corporations discussed enterprise risk management strategies and best practices.
A dominant theme from the forum's executive participants was that corporate boards of directors are taking note of GRC demands and are now looking for greater visibility into the risks that could negatively impact their organizations.<...