Combining Cloud-Based DDoS Protection and Managed DNS Services to Thwart Large Attacks. [ Source: Verisign ]

May 2013- As businesses continue to move critical operations online, distributed denial of service (DDoS) attacks are increasing in frequency, sophistication and range of targets. In a 2011 Verisign study, 63 percent of respondents reported experiencing at least one attack that year, while 51 percent reported revenue loss as a result of downtime from the attack. Those numbers are undoubtedly higher today as the size, frequency and complexity of DDoS attacks continue to grow.

Mitigation against these types ...

DDoS and Downtime Considerations for Risk Management [ Source: Verisign ]

May 2013- While most enterprise risk managers are accustomed to addressing regulatory compliance, data integrity and data privacy within an IT risk management framework, many have not fully accounted for IT availability as it relates to business continuity. Even risk managers who do consider IT availability may focus only on operational and environmental threats (e.g., human error, fires and floods) while overlooking distributed denial of service (DDoS) attacks, which are one of the leading causes of ...

Reality Check: Putting Next Generation Threat Detection to the Test [ Source: Websense ]

May 2013- Unfortunately, stopping known threats isn't enough to protect real-world networks. Solutions must also stop unknown threats at every stage of an attack. This white paper reveals the results, conducted by the leading independent test laboratory Miercom, from over 2.2 million live web requests of unknown nature simulated as a typical day on a network like yours.

Protect Your Systems from Stealthy Attacks [ Source: McAfee ]

May 2013- The most menacing type of cyberattack is invisible. Using sophisticated techniques to hide its presence, a stealth attack may operate outside of the OS or move dynamically across endpoints to conceal the attackers' actions. The risk to enterprises is real, with high-profile attacks such as Operation High Roller impacting companies around the globe. Traditional antivirus or intrusion prevention systems are no match for this new breed of attack; instead, enterprises need layered security controls that ...

Finding a Strategic Voice: Insights from the 2012 IBM Chief Information Security Officer Assessment [ Source: IBM ]

May 2013- In a hyper-connected era, a proactive integrated and strategic approach to security can empower businesses to do more than just cope with current threats - it can actually help reduce future risks. Read the IBM study, "Finding a strategic voice," and discover more insights from the 2012 IBM Chief Information Security Officer Assessment.

Advanced Threat Landscape: What Organizations Need to Know [ Source: Bit9 ]

April 2013- In the wake of the numerous server data breaches reported this year, it is clear that traditional signature-based blacklisting security strategies are inadequate in addressing today's sophisticated cyber threats. Advanced threats are targeting servers to steal valuable corporate intellectual property. These attacks happen fast - in less than 15-20 minutes - and are bypassing traditional security tools.

In this whitepaper, Industry Analyst Frost and Sullivan examines today's advanced threat landscape and recommends that ...

Detecting and Stopping Advanced Attacks [ Source: Bit9 ]

April 2013- Every enterprise has high-value information that is vital to its success. As cyber-attack techniques become more sophisticated your "digital gold" is increasingly vulnerable. Today's cyber threats have changed in sophistication, in focus, and in their potential impact on your business.

Download this eBook to learn:

•??What cybercriminals are doing to target you and your business
•??Why today's advanced attacks require real-time detection
•??The steps you can take to effectively ...

The State of APT Preparedness [ Source: Lumension ]

March 2013- Many IT security professionals recognize that advanced persistent threats (APTs) pose a growing risk to their organizations. However, recent UBM Tech research discovered that only a few are taking the necessary steps to combat APTs and protect their organizations. In fact, many appear to have a misplaced sense of confidence in their ability to detect these attacks, even though few have developed strategies for dealing with them. This gap is particularly troubling since security experts ...

Securing and Controlling Data in the Cloud [ Source: Vormetric ]

March 2013- The Securing and Controlling Data in the Cloud white paper describes the various cloud formations (Private Cloud, Public Cloud, SaaS, PaaS, IaaS), the new security challenges posed by the cloud and solutions that enterprises can bring to bear for securing and controlling sensitive data in cloud environments.

Cybercriminals Today Mirror Legitimate Business Processes [ Source: Fortinet ]

February 2013- Law enforcement and domain registrars will continue to curb cybercrime efforts. This will likely be coordinated through CERT groups and relations with security firms. However, a more comprehensive, multi-layered approach to security will be key in bolstering that effort.

Close Encounters of the Third Kind [ Source: IBM ]

December 2012- This white paper presents the results of a research study on the prevalence of client-side JavaScript vulnerabilities, conducted by the IBM Security (formerly, IBM Rational) application security team. For this study, the researchers used IBM JavaScript Security Analyzer (JSA) technology, which performs static taint analysis on JavaScript code that was collected from web pages extracted by an automated deep web crawl process. This kind of analysis is superior to and more accurate than regular static ...

Achieving Compliance in Digital Investigations [ Source: Guidance Software ]

October 2012- 80% of organizations suffering payment card breaches had not achieved compliance with PCI DSS at the time of the breach. – Verizon 2011 Data Breach Investigation Report

As regulation and litigation increase, internal investigators must support an alphabet soup of compliance obligations: SOX, GLBA, FISMA, HIPAA, PCI DSS, regional privacy laws, and more. Although each regulation is different, these laws share common investigation requirements in three areas: policy, control infrastructure, and incident response.

This ...

ACAD/Medre. A - The Story of a Computer Worm and Industrial Espionage [ Source: ESET ]

October 2012- Cyber-attacks are now about making money. ACAD/Medre.A is a terrifying worm that stole AutoCAD files. This whitepaper shows how industrial espionage is a new threat.