26% of organizations' servers have been hit by advanced malware.
In October 2013, Bit9 conducted its third-annual survey on server security. In the past year, the inability to detect or stop advanced attacks has remained a constant challenge for enterprises. This survey was designed to analyze these challenges from respondents who are responsible for their organization's security posture.
Key findings and takeaways:
• Targeted attacks and data breaches are top concerns for organizations, ...
Today's computing challenges require organizations to take a holistic, end-to-end approach to security, extending the traditional focus on network security to external devices and all endpoints.
For now, the primary requirements are for securing servers, desktop PCs, and laptops and other mobile devices but this will need to be extended to an ever-growing range of endpoints, such as smart grids, medical devices and cars. As the range of endpoint devices expands, so will ...
In any comprehensive cyber security program, especially for federal agencies and government contractors continuous monitoring is the fundamental building block and a core practice.
RedSeal is positioned to find and help eliminate gaps in one's security controls and, more importantly, prioritize or measure the impact of those gaps so that users can balance security investments with the highest return on those investments. RedSeal takes into account the underlying business value of enterprise/individual ...
November 2013- The modern cyber threat landscape requires enterprise organizations to be more vigilant than ever in their mission to protect sensitive data and network resources. Would you like to learn about several new intrusion prevention system (IPS) products, technologies, and features available in the market today that can have a notable impact on security efficacy, cost, scalability and usability? Download this report to learn the top factors that enterprise organizations should consider when evaluating an IPS ...
November 2013- The world is constantly evolving and always connected, and your enterprise must be too. Forward-thinking enterprises realize that they need a sustainable approach to security and risk management -- one that addresses the new wave of vulnerabilities that prevail due to increasing trends in IT consumerization, mobility, social media, cloud computing, cybercrime, and nation-state attacks.
October 2013- Ready your organization for more robust data protection measures by first implementing these five steps to improve data security in a business- and cost-effective manner.
October 2013- The results of the 2013 State of the Endpoint study tracked endpoint risk in organizations, the resources to address the risk and the technologies deployed to manage threats. This study reveals that the state of endpoint risk is not improving and one of the top concerns is the proliferation of personally owned mobile devices in the workplace such as smart phones and iPads. Download "Mobile Devices Drive Majority of Endpoint Security Concerns" to review some of ...
November 2013- This white paper explains an integrated approach for reducing potential security risks and facilitating compliance, and introduces how security risks and facilitating compliance, and introduces how IBM Security QRadar Log Manager can help organizations stay a step ahead of the latest security threats.
October 2013- Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration. This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, the various ...
October 2013- Securing Web applications against cybercriminals, hacktivists and state-sponsored hackers is a never-ending effort. Why? Because hackers evade traditional network security defenses to take down Websites and to steal data; malicious users probe websites around-the-clock looking for vulnerabilities; and automation tools make it easy to execute large-scale attacks. Web application firewalls (WAFs) have become the central platform for protecting applications against all online threats. This white paper explains in detail the 10 features every web application firewall ...
October 2013- A preemptive security approach requires industry-leading research, a keen eye for attack trends and techniques, and the ability to process and act upon this threat intelligence. Because the X-Force research and development team collects, correlates and analyzes threat information from thousands of customers around the world, it is able to identify new threats earlier. Organizations can leverage this data to help prevent security incidents and/or to minimize the impact of security attacks. Essextec provides ...
September 2013- Compliance barged in and became the defining influence on information security over the last four to five years. While some claim that this is what brought information security to the boardroom and made it mainstream, others say that it nearly destroyed it. In any case, the huge impact of regulations and mandates on the practice of information security cannot be underestimated. It will likely take years before the IT industry will be able to understand ...
Why security data has become a Big Data problem is obvious for anyone who has tried to manage a legacy SIEM, particularly when you look at the definition of Big Data. Big Data consists of data sets that grow so large that they become awkward to work with using existing database management tools. Challenges include capture, storage, search, sharing, analytics, and visualization.
This paper addresses the Big Security Data challenge and highlights the ...
September 2013- To better understand how organizations are managing risk through security and compliance, McAfee retained Evalueserve to conduct an independent assessment of the factors organizations that use risk and compliance products face in 2012. This is the third in a series of global studies that highlights how IT decision-makers view and address the challenges of risk and compliance management in a highly regulated and increasingly complex global business environment.
October 2013- Don't be a target! With the onset of BYOD and IT consumerization, threats to your network security and sensitive corporate information are very real. But there are simple steps you can start implementing today to safeguard your IT environment against these increasing security threats by cybercriminals. Read this checklist to increase your security and update your processes for better protection.
In this unprecedented time of cyber attacks, information about attacker methods is difficult to obtain unless you are the victim, and that is too late.
This whitepaper details lessons learned from extensive interviews with security analysts at Bit9, Bit9 customers, and others.
A common thread that emerged was the difficulty of preventing the delivery of APT malware to systems or of quickly detecting the attack once the malware was active. In ...
Java's ubiquity and vulnerabilities have made it the technology most frequently exploited by cyber attackers. So it is timely to closely explore the breadth and state of its deployment among enterprises. Bit9 undertook an examination of these questions, leveraging endpoint data across many organizations. The results are surprising and concerning:
• Java has become the most targeted endpoint technology.
• Most endpoints have multiple versions of Java installed, in part because the Java installation ...
Many organizations are struggling with security issues. Typically, organizations do not find out about security problems for weeks, months and sometimes even years—and when they do, it is usually by third parties alerting them.
In this whitepaper, The SANS institute discusses how endpoint visibility, coordinated with network intelligence, can help identify threats that were not discovered by other means, determine the level of threat, recognize previously unknown threats and follow up with ...
September 2013- Maintaining control over the data is paramount to cloud success. In this CSO Magazine whitepaper, learn about Cloud Computing Security Challenges, Techniques for Protecting Data in the Cloud and Strategies for Secure Transition to the Cloud.
The Path to Increased Productivity and Reduced Risk
Enterprise File Sharing and Sync (EFSS) products are making inroads into the enterprise -in fact, Forrester analyst Ted Schadler recently called the space the "hottest technology category since social networking". However, many EFSS implementations leave many issues unanswered, such as:
How will intellectual property be protected if a user shares or syncs it?
How will compliance be handled if regulated data ends ...
February 2014- In today's cyber climate Distributed Denial of Service (DDoS) attacks are a matter of when, not if. This article provides an expert overview of the most common types of attacks and five key DDoS mitigation steps enterprises can take now to prepare for a future attack.
September 2013- Given the extraordinary and rapid changes in the DDoS terrain, traditional DDoS mitigation tactics are no longer sufficient to protect an organization's critical web systems. Verisign has identified a set of best practices that enables organizations to keep pace with DDoS attacks while minimizing impact on business operations.
February 2014- Distributed Denial of Service (DDoS) attacks today are targeting businesses of all sizes and types. This article provides an expert overview of common methods of DDoS attacks and four main ways enterprises and providers of Web applications can protect themselves and their customers from falling victim to this type of attack.
September 2013- Proactive DDoS threat mitigation may be one of the easiest and most cost-effective tactics for minimizing financial risk associated with IT-related downtime. This paper draws on Verisign's DDoS mitigation expertise to examine the threat of DDoS in the context of IT availability and enterprise risk management.
Mobility is changing the way we work, allowing employees to be productive in new ways; however, enterprise IT is still trying to get a grasp on managing, enabling and securing this modern mobility.
In this white paper, Jack Madden, enterprise mobility management expert at BrianMadden.com, provides a summary of the basic concepts within Mobile Device Management (MDM), as well as some guidelines and suggestions for how IT pros can create an enterprise ...
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services