Sort results by: Published date | Company name
Showing items 1-25

Mitigate Compensation Risk in Banking [ Source: IBM ]

July 2014- Read this new paper to learn about the current challenges faced by banking organization around compensation and see how incentive compensation management (ICM) solution can overcome these common challenges and turn ICM into an effective competitive tool.

You'll discover, how ICM can

• Align sales behaviors with corporate goals

• Automate commission calculations

• Improve transparency and performance in reporting and auditing

Learn how you ...

eBook: An IT Auditor's Guide to Security Controls & Risk Compliance [ Source: Bit9 ]

July 2014- Most organizations must comply with multiple standards covering privacy, corporate financial data, Protected Health Information and credit card data. Fortunately, the overlapping standards agree on a single concept; implementing appropriate security controls to protect information from improper disclosure.

However, GRC requirements do not exist in a vacuum. Organizational objectives must also be supported. Critical functions can be disrupted if business needs are not considered when establishing compliance activities. In addition, providing evidence that ...

5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain [ Source: SurfWatch Labs ]

July 2014- Cybersecurity for the enterprise. There is no silver bullet. But as business becomes more connected and as data moves further outside the organizational walls, enterprises need look at weaknesses in the security chain - and a good place to start is in the supply chain.

Small businesses sit on the "front lines" in the round-the-clock cybercrime battle. Think about how many small businesses, suppliers and customers have access to different areas of an ...

Top 10 Things Every Web Application Firewall Should Provide [ Source: Imperva ]

July 2014- Securing Web applications against cybercriminals, hacktivists, and state-sponsored hackers is a never-ending effort. Why?

• Hackers evade traditional network security defenses to take down websites and to steal data.

• Malicious users probe websites around-the-clock looking for vulnerabilities.

• Automation tools such as off-the-shelf attack toolkits and botnets make it easy to execute large-scale attacks.
Web application firewalls have become the central platform for protecting applications against ...

Forensic Domain Mapping: How to Reverse Engineer Domain Ownership in a Cyber Investigation [ Source: DomainTools ]

July 2014- For investigators tasked with identifying the perpetrator of online fraud, it's often the little things that can make the difference. Cyber investigators must work diligently to ferret out the smallest details in order to snare their quarry. Investigating a digital crime is not so dissimilar as investigating a crime in the 'real world'. While popular TV shows might have you believe that a single fiber found at the scene of a crime will lead directly ...

Domain Attribution: Piercing the Veil of Masked Domain Owners [ Source: DomainTools ]

July 2014- As the Internet has evolved to become a primary channel of trade and commerce, so has the sophistication of criminal organizations and other perpetrators of fraudulent schemes who take advantage of domain privacy features as a means by which to mask their true identity. Domain privacy, a controversial topic since its introduction in 2003, provides domain owners with the option to substitute the registrar's contract information for their own. While there are a variety of legitimate ...

Best Practices Guide: Using DNS Data for Threat Intelligence and Incident Forensics [ Source: DomainTools ]

July 2014- Cybercrime represents a major threat to both government and businesses, costing the economy hundreds of billions of dollars in losses every year. Often, the most challenging part for an investigator is discovering the who behind an attack. Is it a coordinated attack orchestrated by a criminal syndicate or an amateur hacker looking for a backdoor into your network? If the actual individual cannot be identified-as is too often the case-then investigators can build a Threat ...

Integrating the Network and Endpoints to Detect Unknown Threats [ Source: Symantec ]

April 2014- Modern day attackers are launching increasingly more sophisticated, targeted attacks designed to evade signature-based security technologies. Despite having made significant investment in a range of protection technologies, security leaders still wonder whether their network has been infiltrated, how far the threats have spread and which assets have been compromised.

The traditional approach of relying on disparate network and endpoint protection technologies is no longer enough. Detecting advanced targeted attacks requires an integrated, multi-layered ...

Cybersecurity for Dummies eBook [ Source: Palo Alto Networks ]

July 2014- APTs (advanced persistent threats) have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cyber-criminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.

Controlling these threats requires multiple security disciplines working together in context. While no single solution will solve the problem of advanced threats on its own, next-generation security ...

Still Using Proxies for URL Filtering? There's a Better Way [ Source: Palo Alto Networks ]

July 2014- Firewalls enforce network access via a positive control model, where only specific traffic defined in policies is granted access to the network while all other traffic is denied. Access Control Lists (ACLs) initially performed this functionality, often in routers, but their rudimentary approach gave way to dedicated packet filtering and stateful inspection firewall devices that offered deeper levels of access controls. Unfortunately, these traditional firewalls shared a common shortcoming - an inability to see all ...

3 Questions to Ask Your DNS Host [ Source: Neustar ]

June 2014- Learn the three key questions you should be asking your DNS host when it comes to protection against DDoS Attacks.

White Book : Cloud Security - The Definitive Guide to Managing Risk in the New ICT Landscape [ Source: Fujitsu America Inc. ]

June 2014- Cloud computing is demonstrating its potential to transform the way IT-based services are delivered to organizations, the journey to cloud is no longer question of "if" but rather "when", and a large number of enterprises have already travelled some way down this path.

However, there is one overwhelming question that is still causing many CIOs and their colleagues to delay their move to cloud: Is cloud computing secure? As many unwary businesses have ...

The Insider Threat: Detecting Indicators of Human Compromise [ Source: Tripwire ]

June 2014- Your organization's greatest asset is also its greatest risk. The employees, contractors and trusted business partners you rely on to keep your organization running can also cause it the most damage. A malicious insider can use authorized credentials to do unauthorized things, bring your network down or repeatedly steal data from your organization without being detected.

Learn about the Insider Threat Kill Chain and what you can do to protect your organization from ...

Stopping Zero Day Exploits Dummies Book [ Source: IBM ]

June 2014- Cyber attacks are growing every day and become serious threats to your organization, but how do you know and understand the threats out there?

Download a copy of this book, and you discover the zero-day exploits and threats used to compromise your enterprise. You also learn about a promising new technology developed by Trusteer, an IBM company, which provides effective yet transparent protection to enterprise endpoints. Start reading Stopping Zero-Day Exploits For Dummies, ...

10 Things Your Next Firewall Must Do [ Source: Palo Alto Networks ]

June 2014- For enterprises looking at Next-Generation Firewall's, the most important consideration is: Will this new technology empower your security teams to securely enable applications to the benefit of the organization? It's not about blocking applications, but safely enabling them.

In this booklet, you'll find practical advice on:

• The how and why of next-generation security

• How to turn security into a business enabler

• 10 critical functions your ...

Security Configuration Management For Dummies [ Source: Tripwire ]

May 2014- Securing your server and network configurations may be the smartest security work you can do. Why? Continually protected and hardened systems keep your data safe, repel exploits and provide measurable confidence. But it's hard to do. How do you get started? What are the capabilities to look for in an effective solution?

Security Configuration Management For Dummies shows you how to:

• Adopt and implement a security hardening policy

&...

Reducing Costs with Next-generation Network Security [ Source: Palo Alto Networks ]

June 2014- This paper details real cases from three businesses, the legacy infrastructure they replaced, the Palo Alto Networks next-generation security platform they deployed, and the substantial savings they realized - cutting capital and operations costs by 50% on average.

I Have to Trust Someone...Don't I? [ Source: CA Technologies ]

June 2014- "Trust" does not mean giving employees unrestricted and unnecessary access to information. With the right security controls, organizations can significantly reduce their exposure to the risk of insider threats. The key is to find the right balance between employee enablement and control, while holding employees accountable for their actions. This requires a broad approach to allow an organization to carefully manage its identities, access and data, from identity management, to governance, privileged identity management and ...

Defending Against Advanced Persistent Threats: Strategies for a New Era of Attacks [ Source: CA Technologies ]

June 2014- The traditional dangers IT security teams have been facing - andovercoming - for years are being replaced by a far more hazardous, insidious form of attack: the Advanced Persistent Threat (APT).

Building an Intelligence-Driven Security Operations Center [ Source: RSA ]

May 2014- This paper details why organizations needs to shift more security resources from preventing intrusion toward rapid threat detection and remediation, and the intelligence-driven security approach that is required to do so.

Combating Digital Fraud [ Source: RSA ]

May 2014- Combating digital fraud has become a business issue and presents risk for any organization with online operations. Gain perspective from CIOs on what organizations can do to prevent fraud in digital commerce.

Holding the Fort-Securing Your Network with App-Aware Firewall Testing [ Source: Spirent ]

May 2014- The news is littered with stories of enterprises that have suffered costly downtime and damaging lawsuits as a result of security breaches. Even high-profile names such as LinkedIn, Sony, and RSA are not immune. Lack of security is costly, but how much should an organisation spend to address their security issues?

When it comes to security, you spend money to lower risk - much like spending money on the legal department to reduce ...

20 Critical Questions Your Security Programs Must Answer [ Source: Tripwire ]

March 2014- This booklet/poster takes you step-by-step through the 20 Critical Security Controls, with an additional section that focuses on the first four fundamental controls. A convenient scorecard lets you rank your specific needs against NSA rankings.

VM Article Anthology Vol. 1: Reduce Your Risk from Vulnerabilities and Threats [ Source: Tripwire ]

March 2014- This anthology of blog posts from Tripwire's award-winning blog, "The State of Security" provides five cybersecurity experts' views on vulnerability management."

HawkEye G: The Active Defense Grid [ Source: Hexis Cyber ]

May 2014- HawkEye G is a dynamic active defense system designed to leverage existing security assets while providing advanced cyber security analytics and automated countermeasure techniques. The combination of the traditional signature-based and new behavior-based heuristics leads to heightened awareness of standard network activity and deviations that could indicate a potentially disastrous situation. Understanding the full threat and defense landscape is crucial for cyber security mitigation and the HawkEye G team has invested the time and resources ...

Next 25