Sort results by: Published date | Company name
Showing items 1-25

Mobile and Remote Access: Balancing Productivity and Security in a BYOD World [ Source: NetIQ ]

September 2014- In today's BYOD world, securing access and maintaining productivity is challenging; users want access from their own devices, and the applications, data and services they're accessing aren't inside the perimeter. But even in this environment, you can secure access. Read this paper to learn how you can implement access controls that keep up with the modern world. Get advice on how to take stock of your environment, leverage your current investments and keep your access ...

CyberEdge: 2014 Cyberthreat Defense Report [ Source: NetIQ ]

March 2014-

As trusted experts in the field of cybersecurity, CyberEdge has provided the 2014 Cyberthreat Defense Report to demonstrate just what the current security landscape looks like. IT professionals from North America and Europe responded to a survey, and an overwhelming majority of them said their organization had been the victim of at least one attack in 2013. To mitigate that danger, organizations are expected to put more money into IT budgets in the upcoming years.

<...

Advanced Persistent Threats: Hijacking Insider Credentials [ Source: NetIQ ]

May 2014-

Sophisticated groups of hackers, known as advanced persistent threats (APTs), often use stolen insider credentials to evade security measures. So how can you know who's logging on? Learn how to spot suspicious activity before it's too late.


Individual hackers are no longer the foremost threat. APTs have evolved. These malicious actors now use sophisticated tactics to circumvent security policies. Whether people are trying to use spear-phishing scams or other means to ...

Contractor Access: Mitigating Security and Risk Issues [ Source: NetIQ ]

May 2014- Contractors are becoming a much larger part of modern business. But most organizations struggle to grant them the right access, and failing to do so can lead to serious security breaches. It's time to find something that will work with your environment--even when contractors are a part of it. This paper explains how you can rethink your identity and access provisioning for better security across the organization. You don't have to live with the risk ...

Security Evolves and Criminals Follow [ Source: Authentify ]

May 2014- This paper discusses the role of out-of-band authentication in battling e-crime.

Innovative Authentication Workflows for Protecting Online Accounts [ Source: Authentify ]

June 2014- Strengthening online services and protecting funds requires stronger techniques to thwart the wrong user armed with all the right information. Read this paper to learn more.

Make remote vendor access more secure [ Source: ObserveIT ]

July 2014- The threat of user-based attacks has never been higher, with 76% of all breaches coming from accounts with access to sensitive data. With the exploitation of remote vendor access a huge concern, learn how to make working with your contractors more secure with this free e-Book from ObserveIT.

Energy Companies and Financial Services Firms Vulnerable to Data-Breaching Malware [ Source: ThreatTrack Security ]

October 2014- Financial services firms and energy companies – two industries highly targeted by cybercriminals – must move quickly to address their cybersecurity deficiencies and shore up their defenses against advanced malware threats.

No Respect. CISOs Misunderstood and Underappreciated by their C-Level Peers [ Source: ThreatTrack Security ]

October 2014- C-level executives regard the role of CISO primarily as a target for finger-pointing in the event of a data breach, and have little faith that individuals in the role could hold other leadership positions.

Prevent Data Breaches with Stronger Email Security [ Source: ThreatTrack Security ]

October 2014- Email remains the #1 threat vector for many organizations. To fight the onslaught of cyber threats, nothing short of a multilayered security architecture, backed by strict security policies and staff training, can protect an organization.

eGuide to Advanced Threat Hunting [ Source: Bit9 ]

October 2014- With the number of advanced attacks increasing every day-most undiscovered through traditional detection and response solutions-truly hunting for threats within your environment can be a laborious task. To combat this, enterprises must focus on prioritizing endpoint data collection over detection, leveraging comprehensive threat intelligence, and expanding detection beyond the moment of compromise.

2014 Cost of Cyber Crime study: Global [ Source: HP ]

October 2014- Ponemon Institute has completed its fifth year studying the cost of cyber crime to businesses around the world. The 2014 Cost of Cyber Crime study taps the collective experience of 257 organizations in seven countries. It shows that cyber crime and its associated cost to businesses continue to rise. But there is good news, too. Security defenses and a strong security posture help drive down the losses.

Separate reports exist for each country, and this ...

2014 Cost of Cyber Crime study: United States [ Source: HP ]

October 2014- For the fifth year running, the United States led the world in number and cost of cyber attacks. The Ponemon Institute surveyed 59 U.S. companies, performing 544 individual interviews to assess their experience with cyber crime. The mean annualized cost for the U.S. companies surveyed was $12.7 million—up 9.3 percent from last year. There is good news, though. A strong security posture and deployment of security intelligence systems drives down the cost for many companies. ...

Endpoint Security Trends [ Source: Absolute Software ]

September 2014- This report outlines Forrester's take on the endpoint security trends seen from Q2 2013 to Q4 2014, looking at IT spend, and the adoption of Endpoint Security Software-As-A-Service. Forrester provides data for organizations to benchmark their spending patterns against their peers, and strategize their endpoint security adoption decisions.

Guide to Data Security [ Source: DLT / Symantec ]

September 2014- Protecting the government's data is an all-consuming, top priority. As the federal government's data growth continues to spiral, and as the types of data threats and leakage change, data and storage managers have no choice but to be on the front lines of protecting their agencies' data. That means first building a solid data storage and management foundation – one that ensures that all data is accounted for at all times and that it's continually backed ...

White Paper: Web Application Scanning with Nessus [ Source: Tenable ]

September 2014- Why is it that so many web applications are certified to be compliant with a particular standard such as PCI DSS and yet are still compromised? According to data compiled by the DatalossDB project, breaches caused by web applications and web-related flaws comprise 11% of all breaches while another 18% fall into the "hack" category (some of which are likely web application related).
Is the scanner the problem? Is it the auditor? On the other hand, ...

White Paper: Vulnerability Management and Risk Assessment for the Cyber-Security Framework [ Source: Tenable ]

February 2014- This paper provides insight to the National Institute of Standards and Technology (NIST) Cybersecurity Framework, which calls for "a set of industry standards and best practices to help organizations manage cybersecurity risks". Specifically, this paper describes how Tenable’s solutions can be leveraged to help meet the guidelines and practices outlined in the components of the Cybersecurity Framework. Organizations can use the Framework to focus on a risk - based approach to align its vulnerability ...

White Paper: Continuous Monitoring for the New IT Landscape [ Source: Tenable ]

July 2014- Recent breaches have targeted a fatal flaw in the way organizations have approached security over the last two decades. While the focus has been on investing in multiple preventive security technologies-centralized authentication, desktop virus prevention, automated patching, next generation firewalls, sandboxes for zero-day malware, and security event management-adversaries have taken advantage of blind spots that have widened as the IT landscape has evolved. The recent breaches occurred not because of unknown weaknesses in the defensive ...

Privileged Identity Management [ Source: Gemalto ]

November 2014- Every week brings new stories of companies damaged by the breach of sensitive information, a problem that can be prevented by identity-centric best practices. Preventing data loss and protecting sensitive information from unauthorized access should be a top concern of every company. Although implementing strong authentication throughout your organization should be a consideration, starting with those employees who have elevated access is a good start.

Privileged users exist in every organization and they ...

Consumer Web Portals at Risk [ Source: RSA ]

September 2014- This report discusses the top business risks related to the security of consumer facing portals and the latest identity-related technologies that some organizations are already using or plan to adopt to minimize their risk.

The State of Advanced Persistent Threats [ Source: IBM ]

September 2014- Enterprises are unprepared to deal with APT attacks. According to a new Ponemon Institute study, APTs are changing the threat landscape, rendering current security controls ineffective.

In Advanced Persistent Threats (APTs) and targeted attacks, attackers use a myriad of tools and techniques to breach into an organizations' network, steal sensitive information and compromise its operations. Many APTs are launched with a specific purpose such as to gather information, including financial data, PII, or ...

Why Threat Intelligence is Critical for Next-Generation Firewalls [ Source: Dell Software ]

November 2014- Few organizations evaluating a next-generation firewall take the time to look at the threat intelligence network behind it. Yet this security resource analyzes and distributes intelligence that is essential to blocking advanced malware, zero-day attacks, targeted attacks and other advanced threats.

A top-tier threat intelligence network makes a major difference between a really effective next-generation firewall (NGFW) and a mediocre one, and some vendors invest far more in this area than others. This ...

Next-Gen Security [ Source: Dell Software ]

November 2014- SSL decryption and inspection keeps attackers away from your data and out of your network. Today between 25 and 35 percent of enterprise traffic is secured using the secure sockets layer (SSL) protocol, according to NSS Labs. In some vertical industries SSL traffic comprises as much as 70 percent of network traffic. This is expected, since SSL is commonly used for everything from e-commerce to online banking. More recently, however, cybercriminals have started using SSL to hide their ...

Understanding & Addressing OWASP's Newest Top Ten Threat: Using Components with Known Vulnerabilities [ Source: Sonatype ]

August 2014- Many organizations turn to the Open Web Application Security Project (OWASP) to help ensure that their code and applications are secure. Recently OWASP's Top Ten list of application security risks was updated to include "A9: Using components with known vulnerabilities." This means organizations need to expand their security approach to accommodate components - which are reusable blocks of code that are assembled together to create an application. These re-usable components now comprise 90% of an average ...

Information Security Buyer's Guide [ Source: AccessData ]

August 2014- This Buyer's Guide will aid organizations in specifying information security solutions for rapid detection and resolution. The need for these solutions has never been greater as organizations struggle to fight a deluge of sophisticated cyber threats and breaches. Many go undetected until it's too late to do much more than conduct triage, assess the damage and initiate massive shareholder and public damage control. This situation puts board members, c-suite executives and security experts in the ...

Advanced Evasion Techniques for Dummies [ Source: McAfee ]

July 2014- This book provides an overview of network security in general, and explains how cybercriminals can use hidden or currently undetectable methods to penetrate protected network systems. Advanced evasion techniques (AETs) bypass current common network security solutions. They can transport any attack or exploit through network security devices and firewalls, next generation firewalls, intrusion detection and prevention systems, and even routers doing deep packet inspection. In this book you'll find out all about AETs, and get ...

Next 25