http://www.infosecurity-magazine.com/ Copyright Elsevier Ltd Intuitiv Ltd (www.intuitiv.net) Sun, 14 Mar 2010 12:37:55 GMT http://www.infosecurity-magazine.com/ http://www.infosecurity-magazine.com/_common/img/template/infosec-uk/site-logo.gif http://www.infosecurity-magazine.com/download/174/ Learn how to simplify compliance reporting for stringent PCI DSS regulations by linking all access rights, privileges, and audit logs to a single, definitive Active Directory identity. Wed, 03 Feb 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/174/ http://www.infosecurity-magazine.com/download/168/ The Cabinet Office published the "Data Handling Procedures in UK Government", which highlights the need to restrict access to public sector data and encrypt data held on removable storage media such as CDs, USB keys and laptops. Mon, 01 Feb 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/168/ http://www.infosecurity-magazine.com/download/169/ Managing IT risk is part of running any business these days. Regardless of what business you’re in, understanding IT risk can help you increase network security, reduce management costs and achieve greater compliance. Corporate leaders who fail to identify, assess and mitigate IT risk are setting themselves up for serious security breaches and financial losses down the road. And those leaders who think that managing IT risk is the job solely of the IT staff may be in for a big shock. Mon, 01 Feb 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/169/ http://www.infosecurity-magazine.com/download/158/ Mon, 18 Jan 2010 14:51:13 GMT http://www.infosecurity-magazine.com/download/158/ http://www.infosecurity-magazine.com/download/131/ Maintaining information security is a multi-faceted operation that is best managed with a single comprehensive strategy rather than mix of tactics based on whatever point solutions are already deployed. Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. Tue, 15 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/131/ http://www.infosecurity-magazine.com/download/132/ Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. Tue, 15 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/132/ http://www.infosecurity-magazine.com/download/133/ In this podcast transcript, Jon Ramsey, Chief Technology Officer at SecureWorks, addresses an array of security issues currently facing businesses, including security in the cloud, insider attacks, securing mobile devices and how to manage spam and malware. Tue, 15 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/133/ http://www.infosecurity-magazine.com/download/113/ You know your organisation's data is its lifeblood, yet the protection of IP and sensitive information is all too often inadequate in today's networked world. Fri, 13 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/113/ http://www.infosecurity-magazine.com/download/114/ Blended threats are spam stealth attacks - moving undetected through your mail servers and blending in with all the other email - until they strike. They can compromise personal or corporate data, "recruit" computers into a network of bots, or initiate keystroke recording that collects passwords and other information. Fri, 13 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/114/ http://www.infosecurity-magazine.com/download/110/ A new report based, provided by Eset, provides details on the changing threat landscape in the United Kingdom. Fri, 06 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/110/ http://www.infosecurity-magazine.com/download/111/ This report, provided by Eset, offers an in-depth look at the top 10 malware threats through Sept. Fri, 06 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/111/ http://www.infosecurity-magazine.com/download/107/ IT organisations want to provide high-quality, low-cost technology services to business units as part of their basic mission. However, software complexity, manpower changes, mergers and acquisitions, and changing business requirements have complicated that mission. Trends such as managing mobility, virtualisation adoption, new and increasing compliance and governance requirements, and the need to modernise existing infrastructure add further complication to managing the IT environment. Tue, 27 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/107/ http://www.infosecurity-magazine.com/download/108/ Industry standards and government regulations such as Sarbanes-Oxley, PCI-DSS, HIPAA, Gramm-Leach-Bliley Act, and FISMA require organizations to constantly strengthen the protection of mission-critical information. With billions of dollars of annual losses attributed to security breaches, corporations are under pressure to eliminate non-secure legacy systems. Tue, 27 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/108/ http://www.infosecurity-magazine.com/download/103/ Capital Card Services provides credit card service management to financial and non-financial companies that desire to offer credit products and wish to outsource the necessary back office services. Thu, 22 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/103/ http://www.infosecurity-magazine.com/download/104/ More than 250 online sites entrust MarketLive to deliver stellar shopping experiences to their customers, necessitating both safeguards to protect cardholder information and compliance with industry regulations such as the Payment Card Industry’s Data Security Standard (PCI). With an increasing number of retailers facing PCI requirements, MarketLive decided to cre¬ate a strategic market advantage and become PCI compliant themselves. Thu, 22 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/104/ http://www.infosecurity-magazine.com/download/105/ Security threats are real-time and continual and changes occur overnight.. Thu, 22 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/105/ http://www.infosecurity-magazine.com/download/97/ Compliance is a key driver for deployment of IT security controls, and many organisations are pursuing automation to improve accuracy and lower costs of fulfilling requirements. Automating controls is not just laudable – it’s essential for finding and fixing a myriad of vulnerabilities that enable criminals to breach enterprise IT, disrupt electronic business processes, and steal confidential business and customer data. Wed, 21 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/97/ http://www.infosecurity-magazine.com/download/99/ Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) is mandatory if your company stores, processes, or transmits payment cardholder data. This reference source, provided by Qualys, is all about understanding PCI and how merchants can comply with its requirements. Wed, 21 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/99/ http://www.infosecurity-magazine.com/download/95/ How do organisations pass their PCI DSS audits yet still suffer security breaches? Paying attention to PCI DSS checklists only partially secures the cardholder environment. Fri, 16 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/95/ http://www.infosecurity-magazine.com/download/96/ Learn how to align PCI compliance with business processes for a more streamlined and reliable IT infrastructure with this whitepaper from the IT Compliance Institute. Fri, 16 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/96/ http://www.infosecurity-magazine.com/download/92/ With an increasing mobile force using a variety of wireless devices to access the Internet and download applications, confidential information becomes more easily accessible to hackers. This has complicated the job of information security professionals and raised awareness of how vulnerable mobile computing devices can be. Wed, 14 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/92/ http://www.infosecurity-magazine.com/download/91/ From compliance requirements to data gathering for forensic purposes, companies have opened up the floodgates to log data. Based on audit findings and internal investigations, they have deployed expensive technologies and lots of personnel without a full understanding of what to log and why. Companies and organizations need a log management strategy that combines requirements from auditors with a process for the security team based on risk to gain better visibility into log data. Tue, 13 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/91/ http://www.infosecurity-magazine.com/download/88/ At the Infosecurity Virtual Conference 2009, Eleanor Laing, Conservative MP, presented in our session, 'Infosecurity in government: What's going wrong, and how to fix it'. This download is the Conservative policy paper, titled Reversing the rise of the surveillance state. Tue, 29 Sep 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/88/ http://www.infosecurity-magazine.com/download/82/ The past few years have witnessed several highly publicized cases of security breaches at major corporations. These high-profile incidents have emphasized the need to protect and control sensitive corporate information within the enterprise environment. As more data resides at the endpoint, administrators are being forced to defend a new architecture that has critical corporate resources dispersed around the globe. Tue, 01 Sep 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/82/ http://www.infosecurity-magazine.com/download/83/ The responses received in a recent IDC survey regarding corporate IT security give rise to serious concerns about the pace at which enterprises are responding (or are able to respond) to the growing security threat to the endpoints of their IT infrastructure. In particular, the responses show that enterprises appear to be falling behind in the following areas: HIPS usage, layered protection, mobility security. Tue, 01 Sep 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/83/ http://www.infosecurity-magazine.com/download/81/ Organizations oftentimes spend upwards of 50% more on compliance efforts than necessary. This is due to the inefficient deployment of resources and manpower to satisfy the burgeoning set of internal and external compliance and audit mandates. This whitepaper outlines five ways to streamline compliance efforts and thereby reduce the IT audit tax. Wed, 26 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/81/ http://www.infosecurity-magazine.com/download/78/ White paper offers practical advice to ensure success. Tue, 18 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/78/ http://www.infosecurity-magazine.com/download/72/ Fri, 07 Aug 2009 10:49:40 GMT http://www.infosecurity-magazine.com/download/72/ http://www.infosecurity-magazine.com/download/70/ As businesses embrace mobility, IT professionals are facing new challenges. But gone are the days when stodgy IT departments would fight this business imperative. Most organisations today are simply trying to get smarter about how to manage and secure their increasingly mobile population and distributed assets. Wed, 22 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/70/ http://www.infosecurity-magazine.com/download/69/ You can’t afford to ignore email archiving, security, internal policy or regulatory requirements, but can you afford to keep paying for it as multiple systems on top of your email system? Fri, 17 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/69/ http://www.infosecurity-magazine.com/download/68/ To develop the necessary trust and confidence within the Public Sector communities and between Government and the citizens, a common approach to risk management and the implementation of anInformation Assurance framework becomes increasingly important. Thu, 16 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/68/ http://www.infosecurity-magazine.com/download/64/ The archiving market continues to expand as ‘cool’ vendors enter with new storage options and services that make archiving more cost-effective and ease the migration of older data. Wed, 17 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/64/ http://www.infosecurity-magazine.com/download/46/ Once a mere novelty peripheral, USB storage devices are now as common as the mouse and keyboard. Analysts say by 2010 the market will have shipped 2.8 billion USB-enabled devices. Unfortunately, even as USB devices have evolved into useful storage media, they’ve also turned into a security nightmare for organisations. Fri, 05 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/46/ http://www.infosecurity-magazine.com/download/42/ The rise of identity and access management has revolutionized how the enterprise defines a key domain of IT risk control. Access management has become a cornerstone of best practice in IT governance, risk and compliance control — except for the most important access of all, the privileged user for shared administrative accounts, and the embedded application identities found within applications, scripts and application servers. Mon, 01 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/42/ http://www.infosecurity-magazine.com/download/44/ When you talk about document security, there are many different ideas as to what security is actually wanted or needed. But the important question is, “what are you trying to achieve?” Mon, 01 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/44/ http://www.infosecurity-magazine.com/download/36/ eBook reports on how data-stealing malware is thwarting enterprise security, and offers solutions to combating these threats. Tue, 19 May 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/36/ http://www.infosecurity-magazine.com/download/35/ This whitepaper will examine PCI DSS and explain how Lumension® Compliance and IT Risk Management can help organizations reduce the cost of addressing compliance by streamlining and automating the IT audit process, unifying control and compliance frameworks, automating assessment and remediation processes, and enabling continuous monitoring of their compliance and IT risk management posture. Fri, 15 May 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/35/