The last few years have seen a dramatic increase in the use of email as a vehicle for cyberattacks on organizations and large corporations.
Such attacks have evolved from the simple inclusion of malware as a non-disguised executable file, to more socially engineered "phishing"style attacks, which attempt to persuade the recipient voluntarily provide valid security credentials-often simply by clicking a link that leads to a malicious or fraudulent website. But how can ...
February 2013- Law enforcement and domain registrars will continue to curb cybercrime efforts. This will likely be coordinated through CERT groups and relations with security firms. However, a more comprehensive, multi-layered approach to security will be key in bolstering that effort.
October 2012- This document reviews new malware analysis technology, Cerberus, which determines the behavior and intent of suspect binaries without the need for signatures, white lists or a sandbox environment. Using this “triage” approach, organizations are able to detect unknown threats that signature-based technologies will miss. In addition, they are able to gain critical information immediately, allowing them to take decisive action prior to engaging a malware team. There are tens of thousands of static executables on ...
80% of organizations suffering payment card breaches had not achieved compliance with PCI DSS at the time of the breach. – Verizon 2011 Data Breach Investigation Report
As regulation and litigation increase, internal investigators must support an alphabet soup of compliance obligations: SOX, GLBA, FISMA, HIPAA, PCI DSS, regional privacy laws, and more. Although each regulation is different, these laws share common investigation requirements in three areas: policy, control infrastructure, and incident response.
“The theft began with an instant message sent to a Google employee in China who was using Microsoft’s Messenger program… Ultimately, the intruders were able to gain control of a software repository used by the development team.” - New York Times - Cyberattack on Google Said to Hit Password System
While we still use many of the same old names - viruses, Trojans, and worms - today’s malware enables potent multistage ...
October 2012- Cyber-attacks are now about making money. ACAD/Medre.A is a terrifying worm that stole AutoCAD files. This whitepaper shows how industrial espionage is a new threat.
A Distributed Denial of Service (DDoS) attack against your organization’s network and systems can bring your online business to a grinding halt, costing you hundreds of thousands – even millions – of dollars, ruining your brand, and driving away your customers.
Far too many organizations are ill-prepared to deal with the effects of DDoS attacks and other Internet security threats. They rely on traditional security devices including firewalls, intrusion prevention systems (IPS) and other ...
Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration.
This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, ...
Today's evolving threat landscape requires a new approach to endpoint security. With the exponential growth in malware and the targeted nature of today's attacks, a reactive approach is just not effective enough.
Download this whitepaper and learn how Bit9 integrates into a SIEM console, provides the holistic view necessary to ensure an open network isn’t a vulnerable one, and provides a defense-in-depth security strategy that spans network sensors and endpoints.
One of the biggest challenges in desktop administration is application control. If administrators are to keep desktops secure, then they must be able to ensure only safe applications are installed on user desktops.
Download this whitepaper to learn how Bit9 has emerged as the most effective application control mechanism.
Today's cyber attacks are more targeted and sophisticated than ever. They require a proactive approach to protecting your enterprise. What is needed is more automated, effective correlation and intelligent analysis of the overwhelming quantity of system data. In other words, today's security professional needs more actionable data for faster insight into system usage and activity.
Download this whitepaper to learn how Bit9 extends threat detection to endpoints and provides the information the Security ...
Anonymous hacktivists, cyber criminals and nation-states are viewed as the top three threats in 2012 in this Bit9 survey of more than 1,800 IT professionals. And more than 60 percent of those surveyed believe that they will be the target of a cyber-attack in the next 6 months.
Download this research report to find out how your security and IT colleagues view the world of advanced cyber threats and find out how you compare.
July 2012- SCADA (Supervisory Control and Data Acquisition) describes computerized industrial control systems that monitor and control industrial and infrastructure processes. With recent attacks, manufacturers, utilities and industries must now implement solutions to protect their SCADA systems. See the product sheet to learn how the Norman SCADA Protection system protects against cyber-attacks that target critical SCADA systems.
July 2012- The risks of malware analysis are easily surmountable through the use of an automated dynamic malware analysis platform such as Norman's Malware Analyzer G2 (MAG2). MAG2 provides additional benefits to analysts in their fight against a constantly growing and maturing malware threat landscape. To learn more about Norman?s Malware Analyzer G2 defense-in-depth strategy see the Norman Automated Malware Analysis Whitepaper.
It is said that the notorious gangster Willie Sutton once offered up a simple reply when asked why he robbed banks: "Because that's where the money is." In today's digital world, it is likely gangs of criminal hackers would share a similar sentiment when asked about targeting businesses.
But it's not only large enterprises that have information worth targeting - small to midsized businesses (SMBs) contain their share of valuable data as well. ...
June 2012- As different as IT and business needs might seem, in the case of identity-management and access-governance systems, you cannot meet the needs of one without meeting the needs of the other. It is imperative that both systems work together to meet and exceed business and IT objectives. While IT must support compliance efforts, provide access, keep systems secure and update technology and computing environment, business managers are concerned with staying compliant, passing security/regulatory audits, ...
As compliance demands comprehensive protection of cardholder data, enterprises require comprehensive solutions that support heterogeneous environments with a multitude of servers, operating systems, devices and applications. But getting to that point can be difficult without a good roadmap.
This whitepaper outlines a clear path to full PCI DSS compliance with a cost-effective solution.
June 2012- Despite growing protective security measures, data breaches continue to plague organizations. This paper discusses the importance of file integrity monitoring (FIM), which facilitates the detection of attacks by cybercriminals, as well as insider threats that may result in costly data breaches. It also discusses file integrity monitoring as a critical component of Payment Card Industry Data Security Standard (PCI DSS) compliance, and shows how NetIQ addresses both security and compliance challenges through the NetIQ Identity ...
Hackers continuously attack Websites in order to steal sensitive data and disrupt access. To address the threat from hackers, the PCI Data Security Standard mandates that merchants fortify their Web applications against attack.
This eBook describes today's Web security risks and introduces a new cloud-based solution that protects Websites from hackers and helps meet PCI compliance requirements.
DDoS attacks, aided by off-the-shelf tool kits and simple automation techniques have become the weapon of choice for both financially-motivated cyber criminals and hyper-politicized "hacktivists." Organizations of all sizes must recognize that they are potential targets for the next massive DDoS barrage. Fortunately, there are some key counter-measures that can be employed to protect your organization.
Read this paper to understand the critical security techniques your organization needs to take in order to ...
In 2010, more than 26 million Americans, or nearly 20 percent of the U.S. workforce, worked from home or remotely for an entire day at least once a month, according to Telework 2011, a WorldatWork report. These statistics make it clear: A good chunk of our workforce has more than one office.
Download "Secure Mobility: Inside Windows 2008 DirectAccess" to understand the potential for great job satisfaction, and benefits and challenges to an increasingly remote workforce such ...
April 2012- IBM SmartCloud Notes helps to protect our customers' information through governance, tools, technology, techniques, and personnel. SmartCloud Notes is a full-featured email, calendar, contact management and instant messaging service in the IBM cloud. At IBM, we strive to implement security and privacy best practices. The SmartCloud Notes security controls provide a range of protection of e-mail while enabling business operations.
Federal agencies must take a proactive approach to information and network security due to increasing cybersecurity threats.
IBM Tivoli Endpoint Manager, built on BigFix technology, is the leading enterprise cybersecurity solution to help combat cyber threats and eliminate vulnerabilities.
"It may just seem like DDoS attacks don't exist at all." Find out why Tier1 Research gives the thumbs-up to SiteProtect - Neustar's cloud-based DDoS mitigation solution. Get a knowledgeable third party's take on the benefits of stopping attacks in the cloud, far away from key infrastructure.
Discover why T1R likes SiteProtect's cost-effectiveness, along with the flexibility its on-demand service affords. See what Tier1's expert analyst says about Neustar's 10+ years of ...
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services