March 2014- You just got news of yet another issue that just happened in your business that now you need to deal with - it could be a sexual harassment claim, a tip on an employee stealing, or just someone goofing off on the Internet for way too long. Some issues only require the employees involved to get in a room with HR to address, while others require extensive detective work by the good folks in IT. ...
Are you Catching the Signals
The insider threat is alive, thriving and often responsible for major data breaches that expose everything from consumer credit-card information to valuable intellectual property (IP), and the findings of our most recent survey support this assertion. The results from a pool of 419 enterprise-security respondents revealed that 23 percent of enterprises have experienced insider-driven data breaches.
Download this report and read more about 10 alarming Insider Threat trends.
Security & Risk professionals recognize the value and benefits of implementing an employee-monitoring program. Privacy advocates and Legal and Human Resources professionals see potentially unwarranted invasion of employee privacy as reasons not to monitor, or at least to restrict monitoring to instances where enough "probable cause" exists to warrant tilting the balance between the privacy of an employee and the interests of the company.
In this whitepaper you will learn how to assist company ...
March 2014- It isn?t hard to set up security for the wireless router in your basement: change the SSID, pick a strong password and perhaps install VPN software for remote access. But securing wireless networks in a business environment is much more demanding. Learn best practices that can help administrators go beyond the basics of wireless security to provide advanced security, manageability and accessibility.
The threat landscape is changing, or is it?
Many papers on the topic of advanced persistent threats (APTs) begin with ominous references to the changing threat landscape and stories of how highly sophisticated cyber attacks are becoming more prevalent. That can be misleading. The majority of attacks today still use many techniques that have been around for years-social engineering, phishing emails, backdoor exploits and drive-by downloads, to name the biggest ones.
When an organization has been compromised, some of the first questions to ask are critical:
•Which systems can I trust?
•What was done to compromise my systems or data?
•How quickly can I figure out where I stand?
Tripwire is often called in after the fact to help answer these questions, even if the breached organization was not monitoring their systems with Tripwire technology. The following ...
May 2012- Organizations have traditionally viewed vulnerability scanners as a tactical product, largely commoditized, and only providing value around audit time. How useful is a 100-page vulnerability report to an operations person trying to figure out what to fix next? But the tide is definitely turning?there is now a clear shift from a largely compliance-driven orientation to a more security-centric view. It?s widely acknowledged that compliance provides a low bar for security, and it just ...
In almost every year since 2000, the Internet Crime Complaint Center has reported an increase in cybersecurity crime reports by individuals and organizations. Over the last dozen years, the number of attacks reported in the United States seems to grow consistently over time. After examining this trend, the question arises: Is there anything an organization can do to stop these attacks from occurring and protect their critical information systems from intruders?
Business leaders need ...
March 2014- Measuring and managing the security risk associated with information and information technology remains one of the most challenging and elusive problems faced by all levels of an organization. The challenge of how to measure, and therefore how to manage, risk is ever-present and top of mind for information security professionals. Unfortunately, most of the tools for vulnerability and risk management that exist today do not provide a suitable metric and consequently do not improve an ...
Most organizations understand the critical role that vulnerability management (VM) plays in helping them meet compliance requirements,ensure security and reduce risk. However, many organizations discover,only after investing in a solution, that it doesn't properly address their needs. Avoiding this costly mistake can be difficult though, because at first glance many VM solutions appear similar.
This guide helps you objectively choose a new or replacement VM solution by teasing out the real ...
March 2014- With the sophistication and sheer volume of exploits targeting major applications and operating systems, the speed of assessment and deployment of security patches across your complex IT infrastructure is key to mitigating risks and remediating vulnerabilities. Here are the Lumension-recommended steps to cure your patch management headache.
March 2014- Last year we offered our thoughts on buying Endpoint Security Management offerings - including patching, configuration, device control, and file integrity monitoring - which are increasingly bundled in suites to simplify management. In this updated and revised 2014 Endpoint Security Buyer's Guide we update our research on the management functions described last year and add coverage of antimalware, mobility, and BYOD. All very timely and relevant topics. The goal of this guide remains to provide clear ...
March 2014- Memory injections are on the rise. And traditional endpoint security tools can do little to stop them. Here's what you need to know about memory-based attacks-and how to effectively protect against them.
March 2014- Corporate economic concerns have put increased pressure on already limited IT resources in recent years as the onslaught of malware and sophistication of cyber attacks continues to grow at exponential rates. As a result, 50% of endpoint operating costs are directly attributable to malware, yet corporate IT budgets are still focused on maintaining stand alone antivirus as the keystone in endpoint security. In this paper, we will benchmark the effectiveness of standalone AV and O/S ...
March 2014- Understanding the industry of fraud and its impact on global businesses is critical to defend against the growing sophistication of cyber threats. Learn how organizations are using dynamic, intelligence-driven techniques to redefine fraud risk.
March 2014- In its latest Executive Brief, security industry analyst Frost & Sullivan examines why any organization can be a target, and how robust authentication from leading global vendor RSA is a proven strategy for reducing your vulnerability. RSA's breadth of form factors - including Risk-Based Authentication - is just one aspect that sets RSA solutions apart. The insightful content focuses on: Why even secure passwords aren't enough, what makes an organization a target, four key areas that ...
March 2014- Making the Case for Strong Authentication - in this paper, RSA examines the need for strong authentication and explores the return on investment that can be realized in order to help organizations make an informed decision when contemplating their strategic move toward more effective security.
March 2014- This paper focuses on defining levels of critical incident response maturity and how organizations can continually improve their incident response capabilities to help reduce the risk of experiencing a damaging incident. It provides a framework to help organizations determine where they are in the security journey and where they want to be.
March 2014- Learn about the tools, technologies and techniques required for comprehensive detection and remediation of advanced malware threats and why traditional signature-based approaches fall short of protecting your organization.
March 2014- The demand for new and innovative technology solutions has created a software industry laser focused on speed to market, costs and product functionality. While this may help companies achieve a first-to-market advantage, it has also led to an environment where developers are more focused on meeting unrealistic schedule commitments than producing high-quality software. The result is a "deliver now, fix later" software development culture, where it is acceptable to leave the task of finding and ...
From sophisticated new forms of malware to nation-state sponsored attacks and the advanced persistent threat, cybersecurity incidents have evolved at a rapid pace and are taking down entire networks, successfully stealing sensitive data and costing organizations millions to remediate.
In this white paper this report, you'll receive a comprehensive overview of survey results and expert analysis on:
• The top security threats for global organizations in 2013;
• The largest gaps in organization's ...
If information is the lifeblood of today's digital economy, data centers are the heart. These mini-metropolises of silicon, metal, and cable are as essential to modern business as steel, motors, and coal were to the last great industrial revolution. In addition to their vital role in most business processes, data centers are the building blocks of emerging trends such as Big Data, global collaboration, and even bring-your-own-device (BYOD).
The white paper describes:
Today's cyber attacks have changed radically from just a few years ago. No longer are they the sole province of opportunistic crooks, online vandals and digitial ""hacktivists."" Today, advanced cyber attacks are the weapon of choice for organized criminal enterprises and nation-states.
This white paper highlights:
• Why organizations need much more than fundamental security tools;
• Strategies for dealing with advanced targeted attacks.
Whether they work for an up-and-coming startup or an industry giant, security response teams are under siege as never before. Today's cyber attacks are sophisticated, relentless, and devastating, costing U.S. businesses $8.9 million a year each on average. Attacking in multiple stages across multiple vectors, advanced persistent threats (APTs) and other sophisticated attacks easily evade signature-based detection and other traditional defenses.
Thiswhite paper describes:
• The 10 most common mistakes, strategic and technical, ...
March 2014- Learn about how your NGFW must be able to deliver a deeper level of network security to safeguard your organization from ever-evolving threats.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services