This white paper seeks to describe nine schemes used by criminal entities targeting
employee-owned mobile devices to penetrate the corporate firewall and the risks they
pose. The threats discussed here include:
• Malware, trojans and zero-day attacks
• Key loggers
• Compromised Wi-Fi hotspots
• Poisoned DNS
• Malicious and privacy leaking apps
• Jail broken and rooted devices
• Unpatched OS Versions
• Spear phishing
• Advanced persistent threats
In addition, ...
May 2013- The mobile market is evolving rapidly. Both the consumer and enterprise markets are experiencing major changes. Room exists for new innovations as well as for established players to develop new revenue opportunities. What challenges will various players in the mobile ecosystem face in the near future, and what opportunities will the market present to them? In this report, Forrester looks at current market and technology adoption trends and makes its mobile security predictions.
May 2013- The IBM X-Force Trend and Risk Report is produced twice per year: once at mid-year and once at year-end. This report provides statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity. They are intended to help customers, fellow researchers, and the public at large understand the changing nature of the threat landscape and what might be done ...
May 2013- In a hyper-connected era, a proactive integrated and strategic approach to security can empower businesses to do more than just cope with current threats - it can actually help reduce future risks. Read the IBM study, "Finding a strategic voice," and discover more insights from the 2012 IBM Chief Information Security Officer Assessment.
February 2013- Current market solutions are built to protect the enterprise and are too resource intensive for most organizations to manage. Learn about five key components that any risk-based information security solution must include to cost effectively and efficiently protect information and meet regulatory requirements - regardless of industry, organization size or security skill set.
Coping with the complexities of IT GRC is a growing market dilemma for small and medium organizations (SMEs) and a new IT GRC prescription is well overdue - one that provides true enterprise-class capabilities, but without the enterprise burden on resources.
This paper explains the SME information security landscape and how to best leverage an integrated, cloud-based approach to adopt an IT GRC strategy that reveals your organization's risk posture, enforces security policies, ...
February 2013- Threats and vulnerabilities are a way of life for IT admins. This paper focuses on how McAfee's Vulnerability Manager and McAfee ePolicy Orchestrator provide IT Admins with powerful and effective tool for identifying and remediating vulnerable systems.
February 2013- Information security based on regulatory compliance stipulations cannot keep up with today's sophisticated and rapidly changing threat landscape. CISOs need to implement a new discipline that ESG calls, "Real-time Risk Management."
February 2013- Taking a risk-based approach to vulnerability lifecycle management is becoming the norm for vulnerability assessment vendors. This paper reports on the findings when testing McAfee's Risk Management solution from a holistic risk management and vulnerability lifecycle management perspective.
February 2013- Vulnerability assessment vendors compete on management features, configuration assessment, price, reporting and integratin with other security products. Buyers must consider how VA will fit into their overal vulnerability management process when evaluatiing VA products and services.
February 2013- Some IT and Security teams wonder if automated vulnerability management is important given the many pressing demands for other IT projects and investments they face. The purpose of this paper is to help these IT and Security professionals evaluate their security posture and risk.
February 2013- As long as there is software, there will be software vulnerabilities. And wherever there are vulnerabilities, you will find malware and cybercriminals. This paper will examine that risk and provide a step by step process to protect your companies critical assets.
February 2013- Up until now, your view of risk while monitoring your network has been incomplete. This white paper discusses a new, innovative approach to protecting your network through a combination of active and passive network discovery and monitoring, in real-time.
Security is a competitive differentiator for SmartCloud for Social Business. SmartCloud for Social Business's business-ready security is based on a deep understanding of security and privacy best practices developed at IBM over decades of managing data and systems on behalf of IBM and its clients.
IBM's security controls provide privacy and controlled authorization to sensitive information while enabling business operations. SC4SB protects our customers' information through governance, tools, technology, techniques, and personnel, ...
December 2012- 2011 was the year of the security breach. And while many security organizations remain in crisis response mode, some security leaders have moved to take a more proactive position, taking steps to reduce future risk. These leaders see their organizations as more mature in their security-related capabilities and better prepared to meet new threats. What have they done to create greater confidence? More importantly, can their actions show the way forward for others?
December 2012- IBM Security and IBM Information Management solutions for security work with the IBM System z platform to allow the mainframe to serve as an enterprise security hub, providing comprehensive, centralized security capabilities for organizations with distributed, multiplatform IT environments.
December 2012- In complex organizations with sprawling role structures, managing user access and entitlements can be overwhelming. As part of an effective strategy for identity and access management governance, role management is a powerful method with which to strengthen and streamline the management process. Although role management solutions may help, many are overly complex and are not suited for business users. To find out how the integrated Role and Policy Modeler component of IBM Security Identity Manager ...
October 2012- This White Paper discusses how you can generate tokens that replace credit card numbers with surrogates, removing systems from PCI DSS "Scope" -- which include any network components that are the primary focus of PCI DSS regulation, compliance and assessment.
October 2012- PCI DSS expert and QSA Walter Conway takes you on a deep dive tour of tokenization techniques and their merits. He also demystifies tokenization by discussing use cases, comparing tokenization vs. encryption and providing various alternatives for implementing tokenization. Finally, Walter provides guidance on how to prepare for implementing tokenization and select a solution appropriate for your needs.
October 2012- Does your anti-virus bring your systems to a crawl? Is it causing administrators to pull their hair out? This whitepaper shows you how to solve both problems with one product!
October 2012- Get the most up-to-date view of the IT security threat landscape from the experts at ESET. This monthly threat report is required reading for anyone involved with IT Security.
A Comprehensive Data Privacy Plan
As the increase in doing business and sharing of information, or data, online continues to grow exponentially, the importance of developing a data privacy strategy is critical.
Websites, online ads, mobile apps, and cloud services give you more information about your customer than ever before. Who owns what data and who has access to it gets complicated fast. You may be collecting:
• Individual identity ...
As advances in mobility and client computing technology extend from the home into the work place, the classroom and even into government entities, CIOs should consider seriously the opportunities for increased productivity and communication with customers and constituents, as well as understand the increased security risks posed by online, anytime access to private networks and data.
Read this paper to learn more about how CIOs can proactively respond to these trends by developing ...
Today's cyber attacks are more targeted and sophisticated than ever. They require a proactive approach to protecting your enterprise. What is needed is more automated, effective correlation and intelligent analysis of the overwhelming quantity of system data. In other words, today's security professional needs more actionable data for faster insight into system usage and activity.
Download this whitepaper to learn how Bit9 extends threat detection to endpoints and provides the information the Security ...
Anonymous hacktivists, cyber criminals and nation-states are viewed as the top three threats in 2012 in this Bit9 survey of more than 1,800 IT professionals. And more than 60 percent of those surveyed believe that they will be the target of a cyber-attack in the next 6 months.
Download this research report to find out how your security and IT colleagues view the world of advanced cyber threats and find out how you compare.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services