Economics of Spam [ Source: GFI Software ]

July 2011- Email security threats do not discriminate. Whether you're an organization with 50 employees or a global corporation with 50,000, the reality is that spam and viruses can wreak havoc on your business, drain users' productivity and take a major toll on IT resources. SMBs need to make sure they are armed with the best security solutions available - demanding enterprise-class protection paired with fast deployment, ease of management and flexible configuration options. And, all at a price ...

5 Reasons why Information Security is now a Business-Critical Function for Law Firms [ Source: Dell SecureWorks ]

June 2011- Information Security is a business-critical function for modern law firms. Through the insights in this report, lawyers and law firm executives will gain a better understanding of the threats, risks and realities challenging today's technology-enabled law firms.

This report seeks to help law firms of any size to ensure continued success and growth through reliable, productive and secure information systems. Understanding the threats posed by the widespread adoption of technology is a business-critical ...

Small Business IT Security: Outsource or In-house? [ Source: Dell ]

June 2011- Does it cost a business more to manage IT security internally than it does to entrust an experienced third party to do it?

Download this whitepaper to discover the 5 cost considerations, 6 best practices to security selection and whether your small organization is best suited for in-house security or for external managed security.

Multi-Program National Laboratory Stays Ahead of Next-Generation Malware By Deploying FireEye Web Malware Protection System [ Source: FireEye ]

May 2011- In this case study, a Multi-Program National Laboratory needs to continually enhance effectiveness of protection against escalating global cyber threats such as advanced malware, zero-day and targeted APT attacks that target sensitive data. The solution is the deployment of FireEye Web Malware Protection System 7000 Series appliance. As a result, rapid appliance deployment facilitated dramatic increase in speed of threat detection, notification and resolution. Appliance accuracy and low false positive rates have elevated usability and productivity, ...

Advanced Malware Exposed [ Source: FireEye ]

May 2011- This handbook shines a light on the dark corners of advanced malware, both to educate as well as to spark renewed efforts against these stealthy and persistent threats. By understanding the tools being used by criminals, we can better defend our nations, our critical infrastructures and our citizens. The "Operation Aurora" incident represents an example of how the threats have escalated, revealing how advanced malware is being used in a systematic, coordinated fashion to achieve ...

See, Analyze and Fix all of Your Endpoints [ Source: Promisec ]

January 2011- Findings of an inspection of over 100,000 endpoints across multiple enterprises confirmed some type of breaches in security and compliance. Typically, 10-35% of endpoints demonstrated some kind of security threat or compliance issue. The most notable findings of the 2010 study were a dramatic rise in unmanaged machines and miss-configured anti-virus software and other third-party agents.

Messaging and Web Security Best Practices for 2011 and Beyond [ Source: GFI ]

March 2011- In this white paper, Osterman Research discusses how the daily occurrence of malware within organizations has become decidedly worse over the past several years. The number of platforms from which threats enter organizations on a daily basis continue to grow and they include but are not limited to email, social media websites, smartphones, flash drives and direct hacker attacks.

Protect Personally Identifiable Information (PII) as if Your Business Depends on It [ Source: nuBridges ]

February 2011- Virtually every business acquires, uses and stores personally identifiable information (PII) about its customers, employees and partners. These organizations are expected to manage this private data appropriately and take every precaution to protect it from loss, unauthorized access or theft. Misusing, losing or otherwise compromising this data can carry a steep financial cost, damage a business’s reputation and even lead to criminal prosecution.

This white paper explores the business and compliance issues ...

A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security [ Source: Tripwire ]

January 2011- Many organizations today are so compliance-focused that they take a bare minimum security approach to securing the organization's sensitive data. They simply purchase an SIEM and/or log management solution and view that as sufficient. What they're really doing is making sure they can check a compliance checkbox for regulations and standards like PCI, ISO 27001, NERC, and others that have log management or SIEM-related requirements. In reality, they're neither truly compliant nor secure.

...

The Importance of Network Time Synchronization [ Source: Symmetricom ]

October 2012- Your network is time stamping files, email, transactions, etc., while your server logs are recording the transactions in case you need that information. Fundamental to all of this is the belief that the time is correct. This paper describes why network time synchronization is critically important.

The Compliance Trap: Compliance for compliance's sake is not a best practice in protecting cardholder data [ Source: MegaPath ]

November 2010- This white paper on PCI compliance explains why compliance for compliance's sake is not a best practice in protecting cardholder data. The Payment Card Industry Data Security Standard (PCI DSS) has been evolving for many years and will continue to be enhanced to address new security threats and protection measures. With maturity of the DSS, many security auditors are beginning to press companies that accept payment cards to demonstrate more than just 'forward progress' toward ...

Business Driven Access Management and Governance: Simplifying the Delivery and Governance of Access Throughout [ Source: Aveksa ]

November 2010- managing access change has increased exponentially due to the fragmentation of information systems and resources .From a business perspective, users require access to what they want, where they want it, when they want it such that business operations are not slowed or blocked altogether. From an IT perspective, operations and security personnel are challenged to field and fulfill requests in a secure and compliant fashion.

Achieving these goals in a highly distributed and ...

Understanding Man in the Browser Attacks and Addressing the Problem [ Source: SafeNet ]

May 2010-  The losses attributed to financial fraud are alarming. The financial services industry has become a primary target of cyber attacks on a global scale and, in 2009 alone, suffered losses totaling $54 billion - an increase from $48 billion in 2008. Of equally grave concern to financial services institutions is the damage cybercrime can cause to reputation, along with customer churn, both of which can have a significant impact, and possibly devastating, effect to revenue.

While all ...