Coping with the complexities of IT GRC is a growing market dilemma for small and medium organizations (SMEs) and a new IT GRC prescription is well overdue - one that provides true enterprise-class capabilities, but without the enterprise burden on resources.
This paper explains the SME information security landscape and how to best leverage an integrated, cloud-based approach to adopt an IT GRC strategy that reveals your organization's risk posture, enforces security policies, ...
February 2013- Threats and vulnerabilities are a way of life for IT admins. This paper focuses on how McAfee's Vulnerability Manager and McAfee ePolicy Orchestrator provide IT Admins with powerful and effective tool for identifying and remediating vulnerable systems.
February 2013- Information security based on regulatory compliance stipulations cannot keep up with today's sophisticated and rapidly changing threat landscape. CISOs need to implement a new discipline that ESG calls, "Real-time Risk Management."
February 2013- Taking a risk-based approach to vulnerability lifecycle management is becoming the norm for vulnerability assessment vendors. This paper reports on the findings when testing McAfee's Risk Management solution from a holistic risk management and vulnerability lifecycle management perspective.
February 2013- Vulnerability assessment vendors compete on management features, configuration assessment, price, reporting and integratin with other security products. Buyers must consider how VA will fit into their overal vulnerability management process when evaluatiing VA products and services.
February 2013- Some IT and Security teams wonder if automated vulnerability management is important given the many pressing demands for other IT projects and investments they face. The purpose of this paper is to help these IT and Security professionals evaluate their security posture and risk.
February 2013- As long as there is software, there will be software vulnerabilities. And wherever there are vulnerabilities, you will find malware and cybercriminals. This paper will examine that risk and provide a step by step process to protect your companies critical assets.
February 2013- Up until now, your view of risk while monitoring your network has been incomplete. This white paper discusses a new, innovative approach to protecting your network through a combination of active and passive network discovery and monitoring, in real-time.
Security is a competitive differentiator for SmartCloud for Social Business. SmartCloud for Social Business's business-ready security is based on a deep understanding of security and privacy best practices developed at IBM over decades of managing data and systems on behalf of IBM and its clients.
IBM's security controls provide privacy and controlled authorization to sensitive information while enabling business operations. SC4SB protects our customers' information through governance, tools, technology, techniques, and personnel, ...
December 2012- 2011 was the year of the security breach. And while many security organizations remain in crisis response mode, some security leaders have moved to take a more proactive position, taking steps to reduce future risk. These leaders see their organizations as more mature in their security-related capabilities and better prepared to meet new threats. What have they done to create greater confidence? More importantly, can their actions show the way forward for others?
December 2012- IBM Security and IBM Information Management solutions for security work with the IBM System z platform to allow the mainframe to serve as an enterprise security hub, providing comprehensive, centralized security capabilities for organizations with distributed, multiplatform IT environments.
December 2012- In complex organizations with sprawling role structures, managing user access and entitlements can be overwhelming. As part of an effective strategy for identity and access management governance, role management is a powerful method with which to strengthen and streamline the management process. Although role management solutions may help, many are overly complex and are not suited for business users. To find out how the integrated Role and Policy Modeler component of IBM Security Identity Manager ...
October 2012- This White Paper discusses how you can generate tokens that replace credit card numbers with surrogates, removing systems from PCI DSS "Scope" -- which include any network components that are the primary focus of PCI DSS regulation, compliance and assessment.
October 2012- PCI DSS expert and QSA Walter Conway takes you on a deep dive tour of tokenization techniques and their merits. He also demystifies tokenization by discussing use cases, comparing tokenization vs. encryption and providing various alternatives for implementing tokenization. Finally, Walter provides guidance on how to prepare for implementing tokenization and select a solution appropriate for your needs.
October 2012- Does your anti-virus bring your systems to a crawl? Is it causing administrators to pull their hair out? This whitepaper shows you how to solve both problems with one product!
October 2012- Get the most up-to-date view of the IT security threat landscape from the experts at ESET. This monthly threat report is required reading for anyone involved with IT Security.
A Comprehensive Data Privacy Plan
As the increase in doing business and sharing of information, or data, online continues to grow exponentially, the importance of developing a data privacy strategy is critical.
Websites, online ads, mobile apps, and cloud services give you more information about your customer than ever before. Who owns what data and who has access to it gets complicated fast. You may be collecting:
• Individual identity ...
As advances in mobility and client computing technology extend from the home into the work place, the classroom and even into government entities, CIOs should consider seriously the opportunities for increased productivity and communication with customers and constituents, as well as understand the increased security risks posed by online, anytime access to private networks and data.
Read this paper to learn more about how CIOs can proactively respond to these trends by developing ...
Today's cyber attacks are more targeted and sophisticated than ever. They require a proactive approach to protecting your enterprise. What is needed is more automated, effective correlation and intelligent analysis of the overwhelming quantity of system data. In other words, today's security professional needs more actionable data for faster insight into system usage and activity.
Download this whitepaper to learn how Bit9 extends threat detection to endpoints and provides the information the Security ...
Anonymous hacktivists, cyber criminals and nation-states are viewed as the top three threats in 2012 in this Bit9 survey of more than 1,800 IT professionals. And more than 60 percent of those surveyed believe that they will be the target of a cyber-attack in the next 6 months.
Download this research report to find out how your security and IT colleagues view the world of advanced cyber threats and find out how you compare.
August 2012- Company directors have a duty to protect the assets of their organizations. Now, this duty extends to digital assets, and has been expanded by laws and regulations that impose specific privacy and cyber security obligations on companies. This 2012 survey is the first global governance survey, comparing responses from industry sectors and geographical regions.
RSA, The Security Division of EMC released key findings from the RSA Archer GRC Executive Forum it hosted recently, where governance, risk and compliance (GRC) leaders from 34 leading corporations discussed enterprise risk management strategies and best practices.
A dominant theme from the forum's executive participants was that corporate boards of directors are taking note of GRC demands and are now looking for greater visibility into the risks that could negatively impact their organizations.<...
August 2012- The focus of this research is to examine the challenges global organizations face in meeting escalating enterprise Governance, Risk and Compliance (eGRC) objectives.
August 2012- An EMC perspective that discusses the Marketplace changes and organizational changes that make a compelling case for companies to unify their approach to governance, risk and compliance approach where policies, data and controls are strategically managed and visible throughout the enterprise.
August 2012- Organizations must look to improve operational efficiency in enterprise governance, risk and compliance (eGRC) initiatives to meet current fiscal concerns while providing a framework on which to build a rigorous eGRC program.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services