April 2014- This new report from BAE Systems Applied Intelligence provides further details on how the recently disclosed 'Snake' cyber espionage toolkit operates. Timelines of the malware development show this to be much bigger campaign than previously known. Specifically it reveals that the malware has actually been in development since at least 2005. From the complexity of the malware, and the range of variants and techniques used to support its operation, the research also suggests that Snake's authors ...
April 2014- As a result of the recent spate of high-profile data breaches at brand name retailers, compromising credit and debit card and other personally identifiable information for hundreds of millions of consumers in the process, data security has become priority No. 1 for many retailers in 2014. And for good reason: The consequences of suffering a data breach are numerous, and none of them are positive - consumer mistrust, a drop in traffic and a decrease in sales, ...
March 2014- You just got news of yet another issue that just happened in your business that now you need to deal with - it could be a sexual harassment claim, a tip on an employee stealing, or just someone goofing off on the Internet for way too long. Some issues only require the employees involved to get in a room with HR to address, while others require extensive detective work by the good folks in IT. ...
Are you Catching the Signals
The insider threat is alive, thriving and often responsible for major data breaches that expose everything from consumer credit-card information to valuable intellectual property (IP), and the findings of our most recent survey support this assertion. The results from a pool of 419 enterprise-security respondents revealed that 23 percent of enterprises have experienced insider-driven data breaches.
Download this report and read more about 10 alarming Insider Threat trends.
Security & Risk professionals recognize the value and benefits of implementing an employee-monitoring program. Privacy advocates and Legal and Human Resources professionals see potentially unwarranted invasion of employee privacy as reasons not to monitor, or at least to restrict monitoring to instances where enough "probable cause" exists to warrant tilting the balance between the privacy of an employee and the interests of the company.
In this whitepaper you will learn how to assist company ...
Unified threat management (UTM) systems are among the most widely used tools in the information security arsenal. The concept of unified threat management is very appealing: multiple critical security technologies, integrated on a single platform, provided by a single vendor. But the process of evaluating UTM options is not simple.
This guide covers the key factors you should consider when evaluating UTM and Next Gen Firewall solutions.
The threat landscape is changing, or is it?
Many papers on the topic of advanced persistent threats (APTs) begin with ominous references to the changing threat landscape and stories of how highly sophisticated cyber attacks are becoming more prevalent. That can be misleading. The majority of attacks today still use many techniques that have been around for years-social engineering, phishing emails, backdoor exploits and drive-by downloads, to name the biggest ones.
When an organization has been compromised, some of the first questions to ask are critical:
•Which systems can I trust?
•What was done to compromise my systems or data?
•How quickly can I figure out where I stand?
Tripwire is often called in after the fact to help answer these questions, even if the breached organization was not monitoring their systems with Tripwire technology. The following ...
In almost every year since 2000, the Internet Crime Complaint Center has reported an increase in cybersecurity crime reports by individuals and organizations. Over the last dozen years, the number of attacks reported in the United States seems to grow consistently over time. After examining this trend, the question arises: Is there anything an organization can do to stop these attacks from occurring and protect their critical information systems from intruders?
Business leaders need ...
March 2014- Domain Name System (DNS) plays a big role in consumers' day-to-day Internet usage and is a critical factor when it comes to distributed denial-of-service (DDoS) attacks. Learn three ways your DNS can have an impact on DDoS attacks.
March 2014- With the sophistication and sheer volume of exploits targeting major applications and operating systems, the speed of assessment and deployment of security patches across your complex IT infrastructure is key to mitigating risks and remediating vulnerabilities. Here are the Lumension-recommended steps to cure your patch management headache.
March 2014- Last year we offered our thoughts on buying Endpoint Security Management offerings - including patching, configuration, device control, and file integrity monitoring - which are increasingly bundled in suites to simplify management. In this updated and revised 2014 Endpoint Security Buyer's Guide we update our research on the management functions described last year and add coverage of antimalware, mobility, and BYOD. All very timely and relevant topics. The goal of this guide remains to provide clear ...
March 2014- Memory injections are on the rise. And traditional endpoint security tools can do little to stop them. Here's what you need to know about memory-based attacks-and how to effectively protect against them.
March 2014- Corporate economic concerns have put increased pressure on already limited IT resources in recent years as the onslaught of malware and sophistication of cyber attacks continues to grow at exponential rates. As a result, 50% of endpoint operating costs are directly attributable to malware, yet corporate IT budgets are still focused on maintaining stand alone antivirus as the keystone in endpoint security. In this paper, we will benchmark the effectiveness of standalone AV and O/S ...
March 2014- Understanding the industry of fraud and its impact on global businesses is critical to defend against the growing sophistication of cyber threats. Learn how organizations are using dynamic, intelligence-driven techniques to redefine fraud risk.
March 2014- In its latest Executive Brief, security industry analyst Frost & Sullivan examines why any organization can be a target, and how robust authentication from leading global vendor RSA is a proven strategy for reducing your vulnerability. RSA's breadth of form factors - including Risk-Based Authentication - is just one aspect that sets RSA solutions apart. The insightful content focuses on: Why even secure passwords aren't enough, what makes an organization a target, four key areas that ...
March 2014- Making the Case for Strong Authentication - in this paper, RSA examines the need for strong authentication and explores the return on investment that can be realized in order to help organizations make an informed decision when contemplating their strategic move toward more effective security.
March 2014- To develop the visibility, agility and speed to deal with advanced threats, security information and event management (SIEM) systems need to evolve into a central nervous system for large-scale security analytics.
March 2014- New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle a much greater volume and wider scope of data than at present.
March 2014- Starting with a foundational set of data management and analytic capabilities enables organizations to effectively build and scale security management as the enterprise evolves to meet Big Data challenges.
March 2014- This paper details why organization needs to shift more security resources from preventing intrusion toward rapid threat detection and remediation, and the intelligence-driven security approach that is required to do so.
March 2014- This paper focuses on defining levels of critical incident response maturity and how organizations can continually improve their incident response capabilities to help reduce the risk of experiencing a damaging incident. It provides a framework to help organizations determine where they are in the security journey and where they want to be.
March 2014- Learn about the tools, technologies and techniques required for comprehensive detection and remediation of advanced malware threats and why traditional signature-based approaches fall short of protecting your organization.
Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations, sponsored by AccessData, surveyed 1,083 CISOs and security technicians in the United States and EMEA about how their company handles the immediate aftermath of a cyber-attack and what would help their teams more successfully detect and remediate these events.
Learn the unsettling truth about how limited today?s information security departments really are when it comes to defending their domains, including:
From sophisticated new forms of malware to nation-state sponsored attacks and the advanced persistent threat, cybersecurity incidents have evolved at a rapid pace and are taking down entire networks, successfully stealing sensitive data and costing organizations millions to remediate.
In this white paper this report, you'll receive a comprehensive overview of survey results and expert analysis on:
• The top security threats for global organizations in 2013;
• The largest gaps in organization's ...
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services