http://www.infosecurity-magazine.com/ Copyright Elsevier Ltd Intuitiv Ltd (www.intuitiv.net) Tue, 18 Jun 2013 04:33:29 GMT http://www.infosecurity-magazine.com/ http://www.infosecurity-magazine.com/_common/img/template/infosec-uk/site-logo.gif http://www.infosecurity-magazine.com/download/1141/ The new Gartner case study highlights how an organization utilized NAC and mobile device management solutions to establish policies for enabling a BYOD environment with an acceptable level of risk. Sat, 01 Jun 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1141/ http://www.infosecurity-magazine.com/download/1148/ Java vulnerabilities have dominated the security headlines. Some observers now say organizations should simply turn off the ubiquitous software platform. Wed, 29 May 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1148/ http://www.infosecurity-magazine.com/download/1133/ Every enterprise is potentially risking upwards of $400 million from attacks against cryptographic keys and digital certificates—yet few enterprises are managing these critical resources. Fri, 10 May 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1133/ http://www.infosecurity-magazine.com/download/1109/ Read the Gartner report on Network Access Control with ForeScout as a Magic Quadrant Leader. Find out how all the NAC vendors stack up and the importance of Magic Quadrant leadership for your company. Thu, 04 Apr 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1109/ http://www.infosecurity-magazine.com/download/1101/ Third-party applications, browsers and plugins have become the attack vector of choice for the modern cyber criminal. Computing surveyed over 200 UK business decision makers to understand how they perceived the risks that they faced from third-party applications. Wed, 20 Mar 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1101/ http://www.infosecurity-magazine.com/download/1100/ The Payment Card Industry Data Security Standards (PCI DSS), with its over 200 requirements, can seem like a daunting set of regulations. Nonetheless, if your organization handles any kind of credit card information, you must be PCI DSS compliant. Tue, 19 Mar 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1100/ http://www.infosecurity-magazine.com/download/1094/ After Hurricane Sandy struck, companies with well-architected, thoroughly tested, and fully documented disaster recovery (DR) plans and solutions were able to bounce back quickly. Wed, 13 Mar 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1094/ http://www.infosecurity-magazine.com/download/1067/ This white paper analyses how emerging key management and access control technologies will likely impact PCI compliance mandates and presents SSH’s Universal SSH Key Manager as a solution that can be implemented today to both increase security controls and meet the coming, common sense changes to compliance mandates. Fri, 22 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1067/ http://www.infosecurity-magazine.com/download/1068/ The January 2013 report from ESET covering the top threat trends occurring globally in the past month. Plus a feature article from ESET Senior Research Fellow, David Harley, on how viruses are circulated in email hoaxes. Fri, 22 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1068/ http://www.infosecurity-magazine.com/download/1069/ Why are so many companies uncomfortable with their ability to manage active business data - and where is this data coming from? Companies are experiencing new challenges from the ever-increasing size, speed and variety of data. Social media has exploded in recent years, but other business issues are contributing to the dilemma. Fri, 22 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1069/ http://www.infosecurity-magazine.com/download/1062/ The new threat landscape has changed. Next generation firewalls, intrusion prevention systems (IPS), anti-virus and security gateways are not adequately protecting organisations from next generation threats. Mon, 18 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1062/ http://www.infosecurity-magazine.com/download/1045/ The sheer magnitude of the enterprise vulnerability problem is daunting. In today’s enterprise-scale networks, scanners may identify tens of thousands or hundreds of thousands of vulnerabilities at once. Review and remediation efforts may take weeks. New vulnerabilities and threats are introduced daily. Fri, 08 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1045/ http://www.infosecurity-magazine.com/download/1043/ Keeping track of 10,000+ of anything is a management nightmare. With ongoing compliance oversight and evolving security attacks against vulnerable endpoint devices, getting a handle on managing endpoint becomes more important every day. Thu, 07 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1043/ http://www.infosecurity-magazine.com/download/1041/ Cyber threats are becoming ever more insidious and affect organizations of all sizes, spanning all industries. Organizations need to take a more proactive stance on security, and focus on only allowing what is good to execute on their networks to create an atmosphere of trust. Tue, 05 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1041/ http://www.infosecurity-magazine.com/download/1037/ Companies must achieve and maintain compliance with PCI DSS, but also manage geographically distributed networks, usually containing both structured and unstructured data. Learn how Vormetric Data Security helps organisations meet PCI DSS compliance demands with a transparent data security approach that requires minimal administrative support and does not undermine performance. Fri, 01 Feb 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1037/ http://www.infosecurity-magazine.com/download/1035/ We are pleased to present the results of the 2013 State of the Endpoint study sponsored by Lumension® and conducted by Ponemon Institute. Since 2010, we have tracked endpoint risk in organizations, the resources to address the risk and the technologies deployed to manage threats. Thu, 24 Jan 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1035/ http://www.infosecurity-magazine.com/download/1034/ The cornerstones of a proactive security strategy are vulnerability management and risk assessment. However, traditional “scan-and-patch” vulnerability scanning approaches are inadequate for dynamic, virtualized environments. Tue, 22 Jan 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1034/ http://www.infosecurity-magazine.com/download/1024/ Use predictive solutions to stay ahead of cyber security threats using security risk management. Wed, 02 Jan 2013 00:00:00 GMT http://www.infosecurity-magazine.com/download/1024/ http://www.infosecurity-magazine.com/download/1023/ Without an on-going security testing regiment in place, even the most sophisticated IT defence measures will not guard organizations against crippling attacks, data leaks or internal sabotage. Thu, 20 Dec 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/1023/ http://www.infosecurity-magazine.com/download/967/ Are you considering a secure, managed file transfer solution to address the security of information and data transferred to, from and inside your organization? Wed, 31 Oct 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/967/ http://www.infosecurity-magazine.com/download/943/ According to the results of a recent survey conducted by Bit9, European IT managers in France, Germany, Spain and the UK are aware of the changing nature of cyber attacks; how these more advanced attacks target their infrastructure; and what they would like to see as the most effective strategies for protecting their organisations. Tue, 09 Oct 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/943/ http://www.infosecurity-magazine.com/download/946/ Managing risk within today’s enterprise network environments represents a significant challenge. Enterprises have more IP addresses, servers, mobile phones, partners, applications and data than ever before. Tue, 09 Oct 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/946/ http://www.infosecurity-magazine.com/download/934/ Securing any device used by mobile workers is a challenge but laptop computers, still the most vulnerable of all endpoint devices, presents the biggest threat to corporate security. Laptops today are far more numerous that other mobile devices and are more tightly integrated into the enterprise infrastructure. They are prime targets for malware attacks. Wed, 26 Sep 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/934/ http://www.infosecurity-magazine.com/download/962/ Malnets (malware networks) are extensive infrastructures embedded in the Internet that are designed to deliver mass market attacks to the largest possible audience on a continuous basis. In 2012, Blue Coat expects these infrastructures will be responsible for more than two thirds of all malicious cyber-attacks. Wed, 26 Sep 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/962/ http://www.infosecurity-magazine.com/download/928/ The FireEye® Advanced Threat Report for the first half of 2012 is based on research and trend analysis conducted by the FireEye Malware Intelligence Lab. This report provides an overview of the current threat landscape, evolving advanced malware and advanced persistent threat (APT) tactics, and the level of infiltration seen in organizations’ networks today. Mon, 24 Sep 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/928/ http://www.infosecurity-magazine.com/download/912/ In the real world the security landscape can be a harsh environment. Hackers are using more sophisticated attack methods to penetrate networks and steal company data; social networks are being compromised and used to distribute malware, and instigate phishing attacks; and the proliferation of mobile and cloud applications are opening new vulnerabilities ripe for exploitation. Mon, 10 Sep 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/912/ http://www.infosecurity-magazine.com/download/901/ Despite spending more than $20 billion annually on IT security, over 95 percent of companies harbor advanced malware within their networks. Learn how to combat the cybercriminals that continue to outsmart older, signature-based security technologies. Wed, 22 Aug 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/901/ http://www.infosecurity-magazine.com/download/867/ What happens when employees go around IT and use their own Dropbox-like services, webmail or USB drives to send company information? This behavior presents significant security and compliance risks including: Loss of control over who has access to files and data, lack of visibility and audit trails, risk of data breaches and compliance violations. Fri, 20 Jul 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/867/ http://www.infosecurity-magazine.com/download/854/ One of the most essential elements of monitoring employees’ online behavior is crafting a strong, updated policy for Internet use. Tue, 26 Jun 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/854/ http://www.infosecurity-magazine.com/download/823/ As organizations increasingly participate in a collaborative economy, sharing documents becomes ever more crucial. Fri, 01 Jun 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/823/ http://www.infosecurity-magazine.com/download/824/ Today, what virtualization software can accomplish is nearly limitless. But has your computer security methodology and software kept up? Tue, 29 May 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/824/ http://www.infosecurity-magazine.com/download/810/ Business users are a key part of a company's security, and even the most conscientious employees can introduce serious breaches of security policy. Wed, 23 May 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/810/ http://www.infosecurity-magazine.com/download/802/ The Internet powers almost every aspect of business operations today, from websites, email and ecommerce payments to behind-the-scenes data exchanges. During a distributed denial of service (DDoS) attack, the entire enterprise is at risk. Wed, 16 May 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/802/ http://www.infosecurity-magazine.com/download/803/ Ready your organization for more robust data protection measures by first implementing these five steps to improve data security in a business- and cost-effective manner. Wed, 16 May 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/803/ http://www.infosecurity-magazine.com/download/791/ It’s no secret: end users take huge security risks in order to get their jobs done. One of the biggest sources of information risk companies face is collaboration with externals. Companies can’t operate without sharing sensitive information with strategic partners, regulatory authorities, board members, consultants, acquisition partners, contractors and legions of other individuals outside the corporate network. Tue, 01 May 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/791/ http://www.infosecurity-magazine.com/download/768/ Corporate and regulatory compliance policies have forced companies to ensure that information flows are documented, auditable, and highly secure. Yet in order to conduct their business, companies must share sensitive information outside the firewall, introducing serious potential information risk. How can companies enforce security policy and cost-effectively meet compliance objectives when documents must be shared with partners, investors, board members, bidders and others outside the enterprise? Tue, 17 Apr 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/768/ http://www.infosecurity-magazine.com/download/776/ The FireEye Advanced Threat Report is based on research and trend analysis conducted by the FireEye Malware Intelligence Labs. Wed, 11 Apr 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/776/ http://www.infosecurity-magazine.com/download/729/ Many of today’s endpoints are neither known nor protected. According to Gartner, enterprises are only aware of 80 percent of the devices on their network. Those 20 percent of unknown devices are inside the perimeter of the network, are unmanaged and provide users with access.They are small, varied and highly mobile, and they are loaded with their own applications, can act as WAPs, and often contain outdated firmware or are jailbroken. Wed, 29 Feb 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/729/ http://www.infosecurity-magazine.com/download/711/ Over 95% of businesses unknowingly host compromised endpoints, despite their use of firewalls, intrusion prevention systems (IPS), antivirus and Web gateways. Mon, 20 Feb 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/711/ http://www.infosecurity-magazine.com/download/695/ In the world of identity and access management, Role Based Access Control (RBAC) is gradually becoming a frequently used term. Dictated in part by legislative and regulatory norms, an increasing number of organizations wish to manage and assign all access privileges across the network in a structured way. This is possible through the use of RBAC software. So how can companies achieve an adequate implementation of RBAC across their entire organization? Mon, 06 Feb 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/695/ http://www.infosecurity-magazine.com/download/690/ The 2012 State of the Endpoint study sponsored by Lumension® and conducted by Ponemon Institute is the third annual study to determine how effective organizations are in the protection of their endpoints and what they perceive are the biggest obstacles to reducing risk. Tue, 24 Jan 2012 00:00:00 GMT http://www.infosecurity-magazine.com/download/690/ http://www.infosecurity-magazine.com/download/642/ Both Denial-of-Service (DoS) and Brute Force Attacks have existed for many years, and many network devices tout the ability to withstand them. However, most of today’s DoS attacks target layer 7 (L7) by overwhelming applications with seemingly valid requests and Brute Force programs can send more than one million attempts per second. This paper will discuss how to intelligently mitigate these types of attacks. Mon, 07 Nov 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/642/ http://www.infosecurity-magazine.com/download/635/ This whitepaper outlines the possible benefits that Enterprise SSO and authentication management (smart card-based login) can offer organizations. Mon, 24 Oct 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/635/ http://www.infosecurity-magazine.com/download/606/ Domain Name System (DNS) provides one of the most basic but critical functions on the Internet. If DNS isn’t working, then your business likely isn’t either. Secure your business and web presence with Domain Name System Security Extensions (DNSSEC). Fri, 02 Sep 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/606/ http://www.infosecurity-magazine.com/download/607/ The way corporations operate around mobile devices is currently shifting—employees are starting to use their own devices for business purposes, rather than company-owned devices. With no direct control of the endpoints, IT departments have generally had to prohibit this or risk insecure access inside the firewall. But as more mobile devices appear on the corporate network, mobile device management has become a key IT initiative. Fri, 02 Sep 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/607/ http://www.infosecurity-magazine.com/download/592/ Five factors to look for in endpoint management and security solutions that will help reduce endpoint cost, simplify management and improve overall performance. Tue, 16 Aug 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/592/ http://www.infosecurity-magazine.com/download/593/ The volume and sophistication of malware is skyrocketing, and traditional anti-virus approaches are struggling to keep up. It’s time to rethink how we protect our endpoints. Instead of trying to build a better anti-virus “mousetrap,” without any shift in the underlying management model for vetting change in endpoint environments, security professionals should investigate more innovative approaches to endpoint security that can automate trusted change policies. Tue, 16 Aug 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/593/ http://www.infosecurity-magazine.com/download/567/ The ability to detect complex cases of computer misuse within an organisation, whether perpetrated by outsiders or from within, is vital to the continuing survival of the company. But as computer criminals refine their techniques, so must the detection methods evolve. To enable this, modern-day IT departments need to employ techniques and tools previously only available to forensic investigators within the law enforcement community. Thankfully, those tools are becoming available outside of the justice environment, and are proving highly effective in solving cases that would otherwise have remained impossible to close. Mon, 08 Aug 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/567/ http://www.infosecurity-magazine.com/download/583/ IT departments are facing three big issues when it comes to protecting the data created and stored on the systems they manage. First, the value of the data is often only realised when it is legitimately shared in some way; second, that sharing is increasingly taking place across public networks and third, the users doing the sharing are doing so on a growing diversity of devices in locations that are convenient to them. Fri, 29 Jul 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/583/ http://www.infosecurity-magazine.com/download/568/ TLS (Transport Layer Security), widely known as SSL (Secure Sockets Layer), is the most well known method to secure your web site. But it can also be used for much more. Read the white paper, "Best Practices and Applications of TLS/SSL," to learn how TLS works, best practices for its use and the various applications in which it can secure business computing. Thu, 21 Jul 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/568/ http://www.infosecurity-magazine.com/download/563/ While tools such as Web 2.0 applications, IM, P2P and portable USB media can be great for business innovation and productivity, they can introduce significant risks when not managed properly. Fri, 15 Jul 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/563/ http://www.infosecurity-magazine.com/download/536/ The actions of users who intentionally or accidentally cause damage to an organization is now one of the most complex and difficult problems facing IT security teams. In this short whitepaper, learn: • Important aspects of insider threat • How to reduce the risk of attack • The essential role encryption plays in these attacks Mon, 13 Jun 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/536/ http://www.infosecurity-magazine.com/download/513/ Take advantage of BitLocker® for Windows 7® by integrating it with the right data protection management solution to ensure and prove compliance. Download to learn best practices for managing BitLocker, how to easily integrate BitLocker into your security program plus how to reduce key management overhead and reporting. Mon, 09 May 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/513/ http://www.infosecurity-magazine.com/download/512/ Sophisticated malware is proliferating, especially at the endpoints that connect your environment to the rest of the world. Here’s what you need to know about protecting your PCs, laptops and other endpoints in the new security arms race. Thu, 05 May 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/512/ http://www.infosecurity-magazine.com/download/486/ As attacks proliferate, anti-virus software can't keep up. Fortunately, there's a better way. Fri, 01 Apr 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/486/ http://www.infosecurity-magazine.com/download/484/ It's pretty easy for organizations to get so wrapped up about what goes out on USB drives that they forget to protect against what comes in their environments via USB Thu, 31 Mar 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/484/ http://www.infosecurity-magazine.com/download/473/ Although most organizations employ email filtering, anti-virus, firewall, and anti-spyware technologies to defend against known threats, far fewer use web or URL filtering appliances to protect themselves against malware picked up on websites. In today’s shifting environment, defending against blended threats that take advantage of multiple attack vectors is imperative. Wed, 09 Mar 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/473/ http://www.infosecurity-magazine.com/download/474/ Comprehensive email archiving, at one time, was a luxury that only larger organizations could afford. But the advent of cloud-based storage and services has changed the economics of email archiving. Wed, 09 Mar 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/474/ http://www.infosecurity-magazine.com/download/469/ The rapid growth of removable media has revolutionized the way we store and transport information, encouraging increased productivity - as well as a higher risk for a data breach. Download this whitepaper to learn the top five removable media considerations to better secure these devices and avoid a serious breach. Mon, 07 Mar 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/469/ http://www.infosecurity-magazine.com/download/453/ When trying to achieve continuous compliance with internal policies and external regulations, organizations need to replace traditional processes with a new best practice approach and new innovative technology. This white paper aims to explore these themes to help organisations develop a strategy that will aid them in maintaining continuous compliance. Wed, 16 Feb 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/453/ http://www.infosecurity-magazine.com/download/446/ While tools such as Web 2.0 applications, IM, P2P and portable USB media can be great for business innovation and productivity, they can introduce significant risks when not managed properly. Mon, 31 Jan 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/446/ http://www.infosecurity-magazine.com/download/440/ Interrupting information flows, which are increasingly transmitted over the internet, has become the prime focus for today’s financially motivated hackers. With web-based malware threats becoming more complex and sophisticated, trying to counter them with software deployed within an organization is becoming a growing headache. Wed, 26 Jan 2011 00:00:00 GMT http://www.infosecurity-magazine.com/download/440/ http://www.infosecurity-magazine.com/download/425/ Small businesses can suffer hours of downtime per year for every computer used in their company, whilst the last two years have seen identity and information theft become the top security concern for the majority of business owners. Wed, 22 Dec 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/425/ http://www.infosecurity-magazine.com/download/402/ Enterprise authentication used to be simple: passwords for everyone, expensive tokens for a small number who work remotely. But the world is changing. Experts agree that username/password authentication does not provide enough protection against unauthorized access. CIOs are challenged to increase authentication security while preserving operational and budget efficiency. Organisations need stronger forms of authentication that are easy to use and less costly to purchase, deploy and maintain than traditional “one-size-fits-all” options. Mon, 15 Nov 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/402/ http://www.infosecurity-magazine.com/download/315/ Dr. Eugene Schultz, Chief Technology Officer, Emagined Security presented at our webinar titled ‘Unifying inbound and outbound content control: Secure your organisation’s web and email traffic’. This is the presentation that he gave. Wed, 07 Jul 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/315/ http://www.infosecurity-magazine.com/download/304/ Today's businesses are often under the gun to meet certain data protection requirements. Unfortunately, many companies lack a cohesive strategy for assimilating, managing, and protecting that data. New regulatory requirements are often placed upon businesses with stiff penalties for noncompliance, with equally demanding deliverable dates. Global organizations are even more complex due to international laws. In Data Protection and Compliance in Complex Environments: The CSO Executive Series by information security expert and author Kevin Beaver, readers will learn how to clearly classify, protect, and report on critical data that requires the highest due diligence and protection efforts. Wed, 16 Jun 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/304/ http://www.infosecurity-magazine.com/download/287/ Retailers and merchant service providers are under increasing pressure to adhere to PCI DSS in an effort to avoid costly fines — and the even more detrimental loss of customer confidence that results from data leakage or data breaches. Tue, 11 May 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/287/ http://www.infosecurity-magazine.com/download/288/ USB flash drives, removable disk drives and cell phones are making it easier than ever for employees who need to transfer large files – and harder than ever for companies to monitor and protect sensitive information. Tue, 11 May 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/288/ http://www.infosecurity-magazine.com/download/282/ With awareness of data breaches at an all-time high, banking institutions are working hard to implement policies and solutions that protect sensitive financial information along with their reputations and industry competitiveness. Mon, 10 May 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/282/ http://www.infosecurity-magazine.com/download/265/ Hackers are manipulating the trusted nature of Facebook, MySpace and other social networks to launch exploits and spread malware attacks. Thu, 08 Apr 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/265/ http://www.infosecurity-magazine.com/download/263/ Preventing the installation and execution of unauthorized software should be a high priority for any IT security conscious organization. Allowing users to install or execute unauthorized software can expose an organization to a variety of security and legal risks, not to mention the burden of increased support costs. This paper will compare and contrast a variety of techniques for detecting and preventing unauthorized code. Wed, 07 Apr 2010 00:00:00 GMT http://www.infosecurity-magazine.com/download/263/ http://www.infosecurity-magazine.com/download/131/ Maintaining information security is a multi-faceted operation that is best managed with a single comprehensive strategy rather than mix of tactics based on whatever point solutions are already deployed. Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. Tue, 15 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/131/ http://www.infosecurity-magazine.com/download/132/ Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. Tue, 15 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/132/ http://www.infosecurity-magazine.com/download/133/ In this podcast transcript, Jon Ramsey, Chief Technology Officer at SecureWorks, addresses an array of security issues currently facing businesses, including security in the cloud, insider attacks, securing mobile devices and how to manage spam and malware. Tue, 15 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/133/ http://www.infosecurity-magazine.com/download/127/ Cloud computing promises to deliver IT infrastructure services via the Internet on an “as-needed, pay-per-use” basis. Cloud resources can be provisioned on-the-fly to support specific project needs, or they can be leveraged on a longer-term basis to add capability to an existing IT infrastructure. For some companies, cloud resources even serve as the entire IT infrastructure because of the ease and speed of deployment and cost-effectiveness compared to deploying an in-house infrastructure. Thu, 10 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/127/ http://www.infosecurity-magazine.com/download/128/ This white paper, written by two security experts from Stach & Liu, Rob Ragan and Vincent Liu, describes the challenges of automated penetration testing or application scanning of Web 2.0 applications. Thu, 10 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/128/ http://www.infosecurity-magazine.com/download/130/ This study reveals some eye-opening database security and compliance trends based on research from 175 enterprise organizations. Thu, 10 Dec 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/130/ http://www.infosecurity-magazine.com/download/113/ You know your organisation's data is its lifeblood, yet the protection of IP and sensitive information is all too often inadequate in today's networked world. Fri, 13 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/113/ http://www.infosecurity-magazine.com/download/114/ Blended threats are spam stealth attacks - moving undetected through your mail servers and blending in with all the other email - until they strike. They can compromise personal or corporate data, "recruit" computers into a network of bots, or initiate keystroke recording that collects passwords and other information. Fri, 13 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/114/ http://www.infosecurity-magazine.com/download/115/ The problem of Web-borne threats is not theoretical: millions of users have been impacted and the threat is getting worse. Today, Web threats are more numerous and virulent than those delivered in email, and it is easier to be infected by them. Fri, 13 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/115/ http://www.infosecurity-magazine.com/download/109/ As the first decade of the new century draws to a close, organisations are increasingly being asked to prove that they have achieved compliance - as well as actually complying with - a raft of relevant data and privacy protection. Fri, 06 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/109/ http://www.infosecurity-magazine.com/download/110/ A new report based, provided by Eset, provides details on the changing threat landscape in the United Kingdom. Fri, 06 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/110/ http://www.infosecurity-magazine.com/download/111/ This report, provided by Eset, offers an in-depth look at the top 10 malware threats through Sept. Fri, 06 Nov 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/111/ http://www.infosecurity-magazine.com/download/107/ IT organisations want to provide high-quality, low-cost technology services to business units as part of their basic mission. However, software complexity, manpower changes, mergers and acquisitions, and changing business requirements have complicated that mission. Trends such as managing mobility, virtualisation adoption, new and increasing compliance and governance requirements, and the need to modernise existing infrastructure add further complication to managing the IT environment. Tue, 27 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/107/ http://www.infosecurity-magazine.com/download/108/ Industry standards and government regulations such as Sarbanes-Oxley, PCI-DSS, HIPAA, Gramm-Leach-Bliley Act, and FISMA require organizations to constantly strengthen the protection of mission-critical information. With billions of dollars of annual losses attributed to security breaches, corporations are under pressure to eliminate non-secure legacy systems. Tue, 27 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/108/ http://www.infosecurity-magazine.com/download/103/ Capital Card Services provides credit card service management to financial and non-financial companies that desire to offer credit products and wish to outsource the necessary back office services. Thu, 22 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/103/ http://www.infosecurity-magazine.com/download/104/ More than 250 online sites entrust MarketLive to deliver stellar shopping experiences to their customers, necessitating both safeguards to protect cardholder information and compliance with industry regulations such as the Payment Card Industry’s Data Security Standard (PCI). With an increasing number of retailers facing PCI requirements, MarketLive decided to cre¬ate a strategic market advantage and become PCI compliant themselves. Thu, 22 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/104/ http://www.infosecurity-magazine.com/download/105/ Security threats are real-time and continual and changes occur overnight.. Thu, 22 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/105/ http://www.infosecurity-magazine.com/download/97/ Compliance is a key driver for deployment of IT security controls, and many organisations are pursuing automation to improve accuracy and lower costs of fulfilling requirements. Automating controls is not just laudable – it’s essential for finding and fixing a myriad of vulnerabilities that enable criminals to breach enterprise IT, disrupt electronic business processes, and steal confidential business and customer data. Wed, 21 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/97/ http://www.infosecurity-magazine.com/download/99/ Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) is mandatory if your company stores, processes, or transmits payment cardholder data. This reference source, provided by Qualys, is all about understanding PCI and how merchants can comply with its requirements. Wed, 21 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/99/ http://www.infosecurity-magazine.com/download/100/ Premise-based IP PBXes (Internet Protocol Private Branch eXchanges) are changing how businesses implement and use their voice communications. Wed, 21 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/100/ http://www.infosecurity-magazine.com/download/101/ Compare side-by-side functionalities of seven leading IP phones. Wed, 21 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/101/ http://www.infosecurity-magazine.com/download/95/ How do organisations pass their PCI DSS audits yet still suffer security breaches? Paying attention to PCI DSS checklists only partially secures the cardholder environment. Fri, 16 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/95/ http://www.infosecurity-magazine.com/download/96/ Learn how to align PCI compliance with business processes for a more streamlined and reliable IT infrastructure with this whitepaper from the IT Compliance Institute. Fri, 16 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/96/ http://www.infosecurity-magazine.com/download/92/ With an increasing mobile force using a variety of wireless devices to access the Internet and download applications, confidential information becomes more easily accessible to hackers. This has complicated the job of information security professionals and raised awareness of how vulnerable mobile computing devices can be. Wed, 14 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/92/ http://www.infosecurity-magazine.com/download/91/ From compliance requirements to data gathering for forensic purposes, companies have opened up the floodgates to log data. Based on audit findings and internal investigations, they have deployed expensive technologies and lots of personnel without a full understanding of what to log and why. Companies and organizations need a log management strategy that combines requirements from auditors with a process for the security team based on risk to gain better visibility into log data. Tue, 13 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/91/ http://www.infosecurity-magazine.com/download/90/ The conclusion is quite clear: companies cannot afford data loss, however caused. Prevention becomes a priority in the strategy to data loss. DLP comes down to reducing the risks of information loss by locating and controlling sensitive data. Thu, 08 Oct 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/90/ http://www.infosecurity-magazine.com/download/88/ At the Infosecurity Virtual Conference 2009, Eleanor Laing, Conservative MP, presented in our session, 'Infosecurity in government: What's going wrong, and how to fix it'. This download is the Conservative policy paper, titled Reversing the rise of the surveillance state. Tue, 29 Sep 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/88/ http://www.infosecurity-magazine.com/download/82/ The past few years have witnessed several highly publicized cases of security breaches at major corporations. These high-profile incidents have emphasized the need to protect and control sensitive corporate information within the enterprise environment. As more data resides at the endpoint, administrators are being forced to defend a new architecture that has critical corporate resources dispersed around the globe. Tue, 01 Sep 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/82/ http://www.infosecurity-magazine.com/download/83/ The responses received in a recent IDC survey regarding corporate IT security give rise to serious concerns about the pace at which enterprises are responding (or are able to respond) to the growing security threat to the endpoints of their IT infrastructure. In particular, the responses show that enterprises appear to be falling behind in the following areas: HIPS usage, layered protection, mobility security. Tue, 01 Sep 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/83/ http://www.infosecurity-magazine.com/download/81/ Organizations oftentimes spend upwards of 50% more on compliance efforts than necessary. This is due to the inefficient deployment of resources and manpower to satisfy the burgeoning set of internal and external compliance and audit mandates. This whitepaper outlines five ways to streamline compliance efforts and thereby reduce the IT audit tax. Wed, 26 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/81/ http://www.infosecurity-magazine.com/download/74/ White paper reports on new Web threats and what’s being done to defend businesses. Tue, 18 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/74/ http://www.infosecurity-magazine.com/download/75/ White paper reports on severity of email/web-borne threat and offers solutions for exposing it. Tue, 18 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/75/ http://www.infosecurity-magazine.com/download/76/ White paper reports on technology which complements data resiliency and recovery strategies. Tue, 18 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/76/ http://www.infosecurity-magazine.com/download/77/ White paper offers insight into technologies enabling quick, easy data recovery to any point in time Tue, 18 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/77/ http://www.infosecurity-magazine.com/download/78/ White paper offers practical advice to ensure success. Tue, 18 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/78/ http://www.infosecurity-magazine.com/download/73/ IDC examines the challenging process of firewall operations and the growing need for an automated approach to controlling and analyzing network security changes and configuration management processes throughout their entire life cycle. Fri, 07 Aug 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/73/ http://www.infosecurity-magazine.com/download/71/ Passwords are a known weak link and continue to be exploited at alarming rates, making two-factor authentication mandatory for many organizations. Whether you’re planning to implement two-factor authentication for the first time or are looking to expand or upgrade your current implementation, this whitepaper will help you choose the two-factor solution that is right for your business. Fri, 31 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/71/ http://www.infosecurity-magazine.com/download/70/ As businesses embrace mobility, IT professionals are facing new challenges. But gone are the days when stodgy IT departments would fight this business imperative. Most organisations today are simply trying to get smarter about how to manage and secure their increasingly mobile population and distributed assets. Wed, 22 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/70/ http://www.infosecurity-magazine.com/download/69/ You can’t afford to ignore email archiving, security, internal policy or regulatory requirements, but can you afford to keep paying for it as multiple systems on top of your email system? Fri, 17 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/69/ http://www.infosecurity-magazine.com/download/68/ To develop the necessary trust and confidence within the Public Sector communities and between Government and the citizens, a common approach to risk management and the implementation of anInformation Assurance framework becomes increasingly important. Thu, 16 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/68/ http://www.infosecurity-magazine.com/download/67/ The IT threat landscape is evolving. Organised crime is involved & it’s big business. Criminals are hunting for confidential business data & the techniques they employ are increasingly complex. Wed, 01 Jul 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/67/ http://www.infosecurity-magazine.com/download/66/ For most companies, information security is a top priority. Demand for protecting data and employee confidentiality is continuing to grow, especially in industries that require a regulatory-compliant environment. However, applying user names and passwords for authentication is insufficient. Thu, 25 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/66/ http://www.infosecurity-magazine.com/download/64/ The archiving market continues to expand as ‘cool’ vendors enter with new storage options and services that make archiving more cost-effective and ease the migration of older data. Wed, 17 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/64/ http://www.infosecurity-magazine.com/download/63/ It is critical that organizations are proactive in their approach to mitigating insider threats. Week-after week there are disturbing, déjà vu-like stories of significant data breaches, arrests connected to insider attacks, or investigation reports emphasizing the necessity to control privileged accounts that hold highly sensitive data. Tue, 16 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/63/ http://www.infosecurity-magazine.com/download/61/ This report includes the input of over 2,000 companies running AIX and IBM i (i5/OS) environments regarding their data protection, recovery and optimization technologies and strategies. Thu, 11 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/61/ http://www.infosecurity-magazine.com/download/46/ Once a mere novelty peripheral, USB storage devices are now as common as the mouse and keyboard. Analysts say by 2010 the market will have shipped 2.8 billion USB-enabled devices. Unfortunately, even as USB devices have evolved into useful storage media, they’ve also turned into a security nightmare for organisations. Fri, 05 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/46/ http://www.infosecurity-magazine.com/download/42/ The rise of identity and access management has revolutionized how the enterprise defines a key domain of IT risk control. Access management has become a cornerstone of best practice in IT governance, risk and compliance control — except for the most important access of all, the privileged user for shared administrative accounts, and the embedded application identities found within applications, scripts and application servers. Mon, 01 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/42/ http://www.infosecurity-magazine.com/download/44/ When you talk about document security, there are many different ideas as to what security is actually wanted or needed. But the important question is, “what are you trying to achieve?” Mon, 01 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/44/ http://www.infosecurity-magazine.com/download/45/ Is the PDF security software you are looking to purchase really secure? If the PDF security software you are evaluating can be simply broken, then you might as well save your money. Mon, 01 Jun 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/45/ http://www.infosecurity-magazine.com/download/36/ eBook reports on how data-stealing malware is thwarting enterprise security, and offers solutions to combating these threats. Tue, 19 May 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/36/ http://www.infosecurity-magazine.com/download/35/ This whitepaper will examine PCI DSS and explain how Lumension® Compliance and IT Risk Management can help organizations reduce the cost of addressing compliance by streamlining and automating the IT audit process, unifying control and compliance frameworks, automating assessment and remediation processes, and enabling continuous monitoring of their compliance and IT risk management posture. Fri, 15 May 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/35/ http://www.infosecurity-magazine.com/download/32/ White paper addresses new approach to protecting data, assets and IP. Fri, 17 Apr 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/32/ http://www.infosecurity-magazine.com/download/31/ The collaborative benefits of Web 2.0 technologies have fueled rapid growth in online consumer markets and now are being adopted by businesses worldwide. With these technologies come new types of attack vectors. Wed, 08 Apr 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/31/ http://www.infosecurity-magazine.com/download/29/ The much anticipated Breach Security Lab’s Web Hacking Incidents Database (WHID) 2008 Annual Report is ready for download. Tue, 07 Apr 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/29/ http://www.infosecurity-magazine.com/download/23/ Vulnerability assessment is a complex and wide-ranging subject. This timely and informative white paper will help you understand the subject and learn how to cost-effectively implement the IT security strategy within your organisation. Written by Information security industry veteran Bigfix, this paper will be a valuable addition to your educational resources - download it today. Mon, 06 Apr 2009 00:00:00 GMT http://www.infosecurity-magazine.com/download/23/