Get up-to-the-minute news and opinions, plus access to a wide assortment of IT security resources that will keep you current and informed.

Keep me logged in Forgot your password?

Please wait...

Please wait...

Security Context Delivers Actionable Intelligence

Just as context is key to understanding a concept, security data can also be enriched with contextual data to provide better understanding and actionable intelligence. Learn how a security foundation built on organizational, infrastructure and external context can elevate the information provided by both "Next Generation" and legacy security devices provides actionable intelligence - the ability to quickly and efficiently make fully informed security decisions.
 

Data Encryption: If they Can't Sell It, They Won't Steal It

As cybercriminals have become more skillful and sophisticated, the constantly mutating threat landscape requires new defensive measures. How can companies prevent cybercriminals from monetizing stolen data? Hear a leading Forrester analyst and Vormetric share their latest research and tips for protecting your sensitive data.
 

Developing Best Practices to Application Whitelisting: An In-Depth Technical Webcast

As IT professionals know, endpoint security needs are evolving: new vulnerabilities are disclosed every day, new malware creation is exploding, and traditional AV signatures cannot keep up. You know that patch management and AV are necessary - but not sufficient - layers of endpoint defense. Intelligent application whitelisting is an important addition to your risk mitigation strategy, and taking prudent measures to establish a best practices approach can help reduce costs and risks in the long term.
 

Defending Against the Rise of Hactivism

DDoS (Distributed Denial of Service) attacks have evolved from a nuisance perpetrated by pranksters to a sophisticated tool wielded by criminals. DDoS defenses are rising to the challenge, incorporating greater scale and intelligence. DDoS defense is no longer one size fits all.
 

Disclosures 2012: The Vulnerability of Publicly Traded Companies

The proliferation of cyber attacks that we have witnessed in the past year has sparked intense interest in the disclosure of cybersecurity risks by public companies. Public companies are subject to greater compliance requirements, generally have more funding, and were recently encouraged by the SEC to disclose material cybersecurity risks in their SEC filings.
 

Cyber Threat Readiness - The New Reality

Most IT security professionals readily acknowledge that is only a matter of time before their organizations experience a breach, if they haven't already. And, according to the recent Cyber Threat Readiness Survey, few are confident in their ability to detect a breach when it happens.
 

Moving Securely to Virtual Data Centers

Compelling economic and operations benefits puts moving to virtual data centers high on the approved projects list of many organizations. New processing and security infrastructure, including next gen firewalls, promise significant leaps in both performance and security. But what are the key factors to focus on to ensure these are delivered as promised?
 

Harris Interactive Survey Findings: Securing Enterprise Data & Best Practices for Secure Mobility

A recent survey of 302 IT decision makers in the U.S. and Canada revealed 91% of companies allow removable storage devices on their corporate networks, but only 34% enforce encryption.
 

Visualizing Risk - Measure Twice, Act Once

The challenge every security pro faces each morning is "what to do first?" Big picture planning, threat detection, refining operations and automating compliance clamor for attention every day. How to be most effective? By consistently making fact-based decisions, based on operations data, that reflect your organization's priorities.
 

The Politics of Security: Getting What You Want (And Avoiding What You Don't)

Real-life discussions of CSO/CISOs on avoiding the pitfalls and problems of enterprise IT Security—negotiating risk between executive suite, business units, and even within their own IT organizations.
 

Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers: Case Studies for Decision Makers on Maximizing Accountability and Visibility

Gain insights into how to virtualize more by building a security fortress around your "in-scope" virtual environment with HyTrust. Join HyTrust experts and specials guests outline the business drivers for this critical security blueprint.
 

Security Management 2.0: Time to Replace Your SIEM?

The reality is that many organizations have spent millions and years trying to get productivity out of their SIEM - with mediocre results. Most security teams need to start asking themselves some key questions: Is it time? Are you waving the white flag? Has your SIEM failed to perform to expectations despite your significant investment? If you are questioning whether your existing product can get the job done, you are not alone.
 

Unified Security: Respond and Prevent to Manage Risk

Today, business is conducted over a variety of networks and devices. As a result, traditional data protection is more complex than ever before. It is no longer feasible to protect data by preventing one type of attack at a time with specialized products that work in isolation.
 

Continuous Monitoring: You Can't Take your Eye Off the Ball - Ever!

Attackers don't sleep. Actually, their automated tools for reconnaissance never take a break and due to the power of the Internet, an attack on your organization can originate from literally anywhere. Compound that with the ongoing failures of most preventative security measures (AV, IPS, etc.) and the increasing sophistication of targeted attackers, and you leave organizations with no choice but to focus more on detection than prevention. Join Securosis analyst Mike Rothman and Tenable Network Security's product manager Jack Daniel on this webcast and learn how an approach to continuous monitoring can help any organization "React faster and better" to emerging threats, and the importance of monitoring everything you can.
 

Top Three Ways to Detect Advanced Malware Infiltrations and APTs

In 2011, breaches dominated the security headlines. Whether you call them advanced persistent threats (APTs), targeted attacks, or advanced malware infections, their devastating results are the same. And stopping data theft from these advanced cyber threats has become a high priority project for many companies. What's so different about these stealthy threats that allow them to bypass traditional security layers? How are they successful at infiltrating networks?
 

Fight Back Against Spear-phishing - Arm the User

Looking at the news in information security across the last 18-24 months, one common denominator emerges - the user has become the unwitting accomplice in the breach of our networks. Invincea offers a solution to this problem - a solution that protects the network from the user and the user from him or herself.
 

Secure Mobile Computing on USB

Secure portable operating environments on USB have evolved to being able to carry an entire operating system on a small flash drive form factor. Boot-from-USB solutions on secure USB devices can instantly turn a non-trusted, unmanaged machine into a fully managed trusted desktop. Teleworkers can use home computers as if it were a corporate laptop. Corporate machines can be re-purposed for multiple uses such as separating environments, or thin client replacements.
 

Protect the Enterprise in Your Pocket | Managing Mobility with iPhone/ iPad Security

Your end users are connecting their personal devices, including iPhones & iPads, onto the enterprise network using unsecure networks, from coffee shops to airports, basically everywhere. That's why we consider the enterprise to now be in the pocket of your employees, anywhere they use mobile devices.
 

Regain Control of Your Firewalls: Tighten Security and Streamline Operations

More than two decades into utilizing network firewalls, most organizations are still struggling to properly manage them. Cluttered rulesets, overly permissive policies, and poor change management processes are just some issues plaguing organizations.
 

Security Management 2.0: Time to Replace Your SIEM?

The reality is that many organizations have spent millions and years trying to get productivity out of their SIEM - with mediocre results. Most security teams need to start asking themselves some key questions: Is it time? Are you waving the white flag? Has your SIEM failed to perform to expectations despite your significant investment? If you are questioning whether your existing product can get the job done, you are not alone.
 

10 minutes on "Rethink Your Endpoint Security Strategy"

Today's IT network is more distributed and virtual than ever with the increased use of remote endpoints and cloud-based applications. And increasingly sophisticated malware is targeting the information stored on and accessed by these endpoints and applications. The security status quo has left organizations managing a multitude of products - and has not reduced the IT risk. This series examines the evolving threat landscape, why current defenses are decreasing in effectiveness and what key strategies you can implement to shift from the status quo and improve security from zero-day and targeted attacks, while also simplifying and reducing the costs of managing the endpoint environment.
 

Database Monitoring & SIEM — Beyond Compliance to Data Breach and Fraud Detection

Database Activity Monitoring is a key requirement of many compliance mandates - monitoring and logging all database activity to ensure that sensitive data is being access appropriately, and by the right people. But when DAM and SIEM are integrated, the combination provides valuable context that can be used to actively protect your network from data loss and fraud. Learn how an integrated, high performance SIEM & DAM solution both addresses compliance needs and helps detect insider threat and external attacks.
 

Securing, controlling and auditing critical databases

Implementing compliance and internal audit reporting for databases is a critical IT requirement. Auditors need proof that databases containing sensitive data were not improperly accessed or altered, and database administrator activity must belogged and monitored.
 

SC Magazine 20/20: Mobile Security and Network Access Control Essentials

Smartphones, tablets and personal devices are on your corporate network. Your users want personal connectivity and executives wants added productivity, but security must be maintained. What is the prudent path to satisfy all constituents? Lead by Illena Armstrong and Gil Freidrich VP of Technology at ForeScout, this timely webcast will examine: key mobile security risks, pertinent policies and alternative countermeasures, 5 proven scenarios for effective guest management, and phased steps for effective visibility and seamless enforcement.
 

The State of Software Security

What vulnerabilities threaten the integrity and performance of your software in the software supply chain? Find out In Veracode's presentation The State of Software Security -- a semi-annual report representing the anonymized data from billions of lines of code submitted for analysis by large enterprises, commercial software providers, open source projects, and software outsourcers in Veracode's cloud-based application risk management services platform.
 

Physical Logical Convergence: Enhanced Security for the Enterprise

As approaches for logical and physical access increasingly draw on similar technologies, CIOs seek efficient methods to consolidate these two environments to save money and enhance security. With the evolution of smartcard technology, enterprises can integrate two security environments — physical and logical access — to provide consolidated management, improved ROI and a total security view.
 

The Dependent Relationship of IT Security and Business Performance

The forceful advancement of Web 2.0 applications and mobile devices have revolutionized how companies operate. They've also radically affected the day-to-day processes of a typical IT department. So the question remains: how can IT create policies that help increase employee productivity and still enforce tight security measures?
 

Detecting Advanced Threats and Malware with SIEM

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse &low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.
 

The True Cost of AV: How to Ensure More Effective and Efficient Endpoint Security

Tuesday April 5th 2011 - Today, more than 1.6 million new malware signatures are identified each month. And more organizations are falling prey to "zero-day" attacks - malware for which an anti-virus signature does not exist. It's no surprise that roughly half of the organizations surveyed in a 2010 Ponemon Institute study reported an increase in their IT operating expenses - a main driver of that cost increase was malware. Traditional anti-virus simply can't keep up in the malware arms race and relying on it as your primary defense will prove costly.
 

Stop Threats and Data Breaches at the Source. New CPE credit opportunity!

Wednesday, Mar. 30th 2011 - Every day information security analysts battle a technically competent and motivated adversary determined to harm their organizations. Join our webcast to understand the tactics used by hackers and malicious insiders as they try to extract confidential data without authorization. You will also learn how to achieve complete visibility across your organization with SIEM, and how a focus on User Monitoring, Database Activity Monitoring and File Monitoring can stop these adversaries in their tracks.
 

Security in the Social Web: 2010/2011 and Beyond

Thursday, Mar. 31st. 2011 - It's unavoidable: Your company has to go social to keep up with today's Web culture. But sites like LinkedIn, Twitter, and Facebook are easy targets for spam, malicious code, and poisoned Web links. This puts your organization just one click away from a serious security breach. Find out how to dodge these threats while riding the cutting edge of the social Web.
 

10 Minutes on Multi-Factor Authentication

Escalating IT security threats and strengthening regulatory requirements are driving adoption of multi-factor authentication to unprecedented levels.
 

The True Cost of Compliance - Ponemon Institute Research Study

Ponemon Institute and Tripwire have completed their annual cost of compliance benchmark study of multinational organizations. The study reveals that the costs of non-compliance, which includes disruption of services, fines, legal fees and more, is almost three times the cost associated with compliance. It also provides insight into activities organizations can undertake to reduce the cost of compliance while also improving security.
 

Visual Privacy: Is it the Weak Link in Your Data Security Strategy?

Did you know two-thirds of working professionals expose sensitive corporate data outside the workplace - some even exposing highly regulated and confidential information like customer credit card and social security numbers? Visual Privacy - the protection of sensitive information as it is displayed on screen - is an emerging issue in information security and an under-addressed area of risk in corporate security policies. Given the rapid digitization of sensitive information and the growing mobility of workers today, the need to protect displayed information has grown substantially.
 

10 Minutes on Securing Virtualized Data Center Infrastructure

Virtualization is the number one technology priority for Enterprise CIO's according to a recent Gartner survey.
 

Top 5 Security Threats to Watch for in the Coming Year

Are you ready for 2011? As we return from the holidays for another year, we should be prepared for the security threats we will face in 2011. In this webcast, ArcSight security expert, Aarij Khan, will highlight what to expect in the upcoming year.
 

The trusted insider threat - Lessons learned from WikiLeaks

Protecting against and detecting potential data leakage is at the heart of the WikiLeaks controversy. However there is no "one size fits all" solution. It must be addressed at multiple levels with collaborating technologies, including SIEM, database monitoring and application monitoring, to provide the most complete prevention and detection strategy possible.
 

10 Minutes on Universal Log Management

How many log management solutions does it take to mitigate cybersecurity risks, demonstrate compliance and streamline operations?
 

Borderless security: confidence in a virtual world

With the recent surge in workforce mobility, social networking and Web 2.0, organizations today face a new generation of threats that jeopardize the traditional corporate umbrella.While these areas are creating exciting new ways to connect with employees, customers and clients, they are also expanding the borders of the traditional enterprise and therefore introducing new avenues for potential breaches in security.
 

10 Minutes on Automating Database Vulnerability Assessment to Prevent Data Breaches

Databases have, by far, become the leading target of hackers and insiders with malicious intentions. According to Verizon's 2010 Data Breach Investigations Report, 92% of breached records originated in database servers. The fact that they contain organizations' most valuable data, such as customer records, financial information, employee PII and credit card data make them an attractive target.
 

Detecting Advanced Threats and Malware with Content Aware SIEM

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse "low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.
 

The Compliance Factor: Protecting your Customer Data and Your

Government has had an increasingly heavy hand in how U.S. businesses protect their networks and the sensitive data within them by introducing legislation with major IT security implications, such as HIPAA, NERC and SOX. In the case of PCI DSS, the industry is self-regulating to try and stay ahead of government actions. With increasing demand for stronger levels of privacy and protection from malicious threats, companies must meet ever-evolving requirements or risk having both their reputations and revenue streams destroyed by breaches and the bad publicity that ensues.
 

Cloud Security: The IDentity Factor

If you're building out your Cloud Security strategy - or already have one in play - you will not want to miss this Webinar. In "Cloud Security - the Identity Factor", Ping Identity's CTO, Patrick Harding, will discuss the critical role of Identity in Cloud Security. The Webinar will address the dangers of synchronizing passwords, and why Internet Single Sign-On is a secure alternative.
 

A Practical Approach to DLP: Dive in!

DLP projects have tended to founder in complexity - and a lot of that is the discussion of hypothetical cases: what if we find this? How should we escalate or define a process if we find that? But many organizations report that what they find with DLP technology is often very different from what they thought they would.
 

BeyondTrust 10 minute Webcast Series

Drawbacks of Open Source Privileged Identity Management, Least Privilege Application Compatibility for Windows 7 Migrations, & Top 5 Things You Should Do for Your Virtualized Environments
 

Blue Coat 10 minute Webcast Series

Compliance without Complexity & 2020 Vision of Web Security
 

Pros and Cons of Different Strong Authentication Options

Join Imprivata in exploring which authentication modality is right for your organization. This session will explore the pros and cons of user authentication options in addition to reviewing how you can mix and match various modalities to provide greater security.
 

Detecting dangerous PDFs and application layer threats.

Malware making use of PDF files is one of many complex threats that are "moving up the stack" to exploit vulnerabilities at the application and session layers. Visibility into the contents of applications, documents and protocols is needed to capture critical data to detect and remediate these advanced threats.
 

Combating modern threats and risks

Join ArcSight security expert, Ryan Kalember, Director of Product Marketing, as he discusses how organizations can best defend against cyberthreats that have grown substantially in sophistication and potential to cause harm. This webinar will explore the commonalities among the latest breaches and detail the most pervasive new techniques. Attendees will learn how user activity monitoring techniques can be used to detect these new attacks
 

Manage complexity with security as a service

As organizations undergo rapid IT infrastructure transformation and look to deploy more efficient, secure and productive technologies, security event and incident management and regulatory compliance become mission critical priorities, as well as arduous tasks. Join Novell, Wipro and Dave Shackleford to learn how partnering with an IT security service provider can help you manage security complexity, and put you on a path to compliance while reducing operating costs.
 

Guardium, an IBM Company - Protecting Sensitive Data: Detecting and Blocking Unauthorized Access or Changes

Protecting Sensitive Data: Detecting and Blocking Unauthorized Access or Changes In 2009, databases were the number one source of breached records globally. Databases are an attractive target, containing organizations' most sensitive data, including financial records, credit card information and customer data. It is also the reason they are increasingly subject to regulations such as SOX, PCI DSS and the EU Data Privacy Directive.
 

Privileged user monitoring: Automating compliance & managing risk

Do you have visibility into everything that privileged users are doing on your network? The frequency of these threats is increasing and compliance regulations are changing to mandate monitoring of privileged user access. Yet most organizations can't answer "yes" to these questions. This panel discussion will focus on both the practical and regulatory aspects of effective privileged user monitoring - featuring two IT executives and a compliance expert.
 

The prosumer changes everything

The people in your organization will do whatever they have to do to be productive. And if that means that your current IT infrastructure is not conducive to helping them be productive, they will look for ways around your IT infrastructure safeguards. What does that mean? That means if their e-mail box is not large enough they will go online and find ones that are. That large file can be sent via e-mail -- they will find services and technologies to solve that issue. Can't get access to presentations and documents necessary to do that perfect sales presentation when you are remote -- they will start hosting the very same presentation and documents in a place that allows them to get to it. The iPhone and android phones are not supported by IT -- they will create proxies using home computers to push and pull e-mail from their smart devices.
 

Best practices in database security

The concept of security in layers takes the view that no single component can ensure the level of protection necessary to safeguard sensitive data. Instead, by leveraging the various technologies and approaches available today, organizations can implement security policies that meet regulatory requirements, and provide cost-effective controls to minimize data breaches.
 

Content aware SIEM defined

Content Aware SIEM represents a new generation of Security Information and Event Management (SIEM) capabilities that extend the value and benefits of SIEM by providing visibility into the contents of applications, documents and protocols.
 

Protect the critical infrastructure using firewall compliance & network analysis

Keeping the network secure has become a daunting proposition for most enterprises. With hundreds of firewalls and a long list of network devices, it's hard for network teams to determine where to focus efforts to keep the network secure and available to users.
 

Choosing Strong Authentication

There are clear benefits to a company in providing remote access to the corporate network for their employees, customers and partners. However, access to the corporate network through an extranet, remote access gateway (VPN) or Microsoft® Windows® desktop effectively opens a door to the organization's most sensitive assets, intellectual property and customer data.
 

TippingPoint - Securing the Next Generation Data Center

The network security industry has witnessed shifts in three major areas. Compliance has gained tremendous traction as organizations are dealing with multiple regulations to mitigate the risk in data loss and application downtime. Second, the convergence of multiple security functions into products that support a single function has evolved to include policy management integration. Third, the consolidation of data center infrastructure is being driven by virtualization tools, such as cloud computing models. In this 10-minute webcast, Roark Pollock will discuss how business benefits could be undermined by rising security exposure and the complexities of today's evolving threat landscape if the right protection is not in place.
 

What happens in your enterprise, stays in your enterprise

Ever stuck in a situation where you're expected to do more with less. Or have to choose among three different solutions, one each for cybersecurity, compliance and IT ops? Don't know what to do? Attend this informational webinar to learn how to convert digital fingerprints into a single pane of glass to combat cybercrime, demonstrate regulatory compliance and streamline IT operations.
 

The evolving state of the endpoint: How will you cope?

Endpoint security has long been a major component in the IT security arsenal. However, the complexion of today's "workforce" and the IT environment is dramatically changing, forcing organizations to rethink the definition of an endpoint protection strategy.
 

Mobile Device Security

Today's new business culture, with expanding corporate perimeters, ubiquitous network connectivity, and the proliferation of mobile devices, involves new security risks. Businesses must ensure that their security policies are up to date and effectively communicated to their workforces in order to enforce acceptable use and protect against data theft and hijacking. Join John N. Stewart, Cisco Vice President and Chief Security Officer, to hear his thoughts regarding current mobile workforce trends and challenges, and his recommendations on how to best secure mobile devices.
 

Secure Teleworking: Increasing Operational Excellence and Productivity

Establishing, developing, and maintaining robust and secure business teleworking environments for their employees can help organizations successfully reduce costs and increase productivity. In this 10 minute webcast, Mick Scully, VP of Product Management for the Access Router Technology Group at Cisco, will explore the evolution of teleworking and provide a recap of the benefits organizations can achieve as well as some of the security challenges they must address when building a teleworking platform for their remote users.
 

Conquering data protection challenges

Join John Kindervag, senior analyst from Forrester Research, and Geoff Webb, senior manager of product marketing for NetIQ, for a web seminar on "Conquering Data Protection Challenges." You'll learn how the pressures to secure sensitive information are growing evermore acute, how the penalties associated with a breach can be very damaging, and how to begin to manage and secure access to your data wherever it resides.
 

PCI Compliance Update

PCI DSS compliance continues to challenge businesses. 2009 brought additional guidelines, implementation changes and the PCI DSS 1.2 went into effect. 2010 promises further evolution of the PCI DSS standard. In this 10 minute webcast, Terri Quinn of Cisco Systems, a member of the PCI Board of Advisors, will give a recap of 2009 and the trends for 2010 in the world of PCI compliance.
 

IT GRC: Managing Risk, Improving Visibility, and Reducing Operating Costs

This 10 minute webcast features Derek Brink, principle analyst for the security, risk and compliance practice at Aberdeen Group Research. His presentation features the highlights of a recent study which examines the practices of best in class companies in the area of governance, risk and compliance (GRC). You'll discover that despite the emphasis on GRC there are still many companies not able to achieve best in class results.
 

How Data Breaches Happen

Everyone knows that data breaches can happen anywhere at any time. But what is far less understood is why data breaches happen and what can be done to prevent them. This webcast answers these three questions. It discusses the most common causes of data breaches and illustrates each cause to show how breaches can occur in multiple ways. Finally, it will show how Symantec is helping customers around the world prevent these data breaches and what steps you can take to protect your organization.
 

Risk Management & File Transfer

File transfer is a core business process at many organizations, and we're seeing the volume, reliance and sensitivity of files and data increasing exponentially. Traditionally, file transfer has simply been synonymous with FTP. However, today's focus on security and governance are requiring that organizations quickly deploy secure and managed file transfer solutions.
 

The Effects of Windows 7 UAC on Enterprise Security

The most anticipated and misunderstood change in Windows 7 is User Account Control (UAC). Microsoft introduced UAC in Windows Vista to eliminate the need for users to run with administrative privileges. Despite its good intentions, Vista's UAC was widely criticized for its frequent user prompting for routine applications and installations and its inability to remove the need for users to run as local Administrator.
 

PCI DSS: Logging and Event Management Enable Compliance

This 10 minute webcast features Matt Schnarr, Security Specialist with Intellitactics and reflects his real life experience at a global investment bank implementing consistent logging and event management for compliance and security.
 

The Security of Electronic Health Information Survey

Join us for an hour-long webcast covering the recent survey by the Ponemon Institute, The Security of Electronic Health Information. This webcast will include important findings from the recent survey by The Ponemon Institute, as well as current best practices to secure health care data.
 

Guardium -- Best Practices for Database Security & Compliance

SQL injection attacks, malfeasance by insiders and regulatory requirements are driving organizations to find new ways to secure their critical databases and achieve compliance with SOX, PCI-DSS, NIST 800-53 and data protection laws.
 

Cybercrime and collaboration: Security considerations for today's complex environment

Securing IT infrastructures today has become more of a challenge with the rise of consumer electronics usage in the workplace, Web 2.0 social networking, and criminal sophistication. Join us for an in-depth update on global threats and trends as outlined in the recently-released Cisco 2009 Midyear Security Report. The key findings of the report will be discussed along with proactive ways to defend organizations in today's distributed environment.
 

Firewall Audit Webcast: Rule Your Firewalls with Automated Firewall Auditing

If you are not concerned about the potential risks to your IT environment posed by mis-configured firewalls or competing rules - you should be. The average enterprise has hundreds of firewalls and thousands of rules - making it impossible to manually monitor, evaluate, and ensure firewall compliance in large networks. In this webcast, John Kindervag, senior analyst at Forrester and Gidi Cohen, CEO of Skybox Security, will discuss the critical drivers for firewall auditing and its challenges, and explain why automated firewall audit solutions are an indispensible tool for IT security.
 

Sophos - Top tips to keep data under your control

You already know the growth and changes in government, industry and internal regulations designed to protect data is becoming harder and more expensive to manage. Join us to learn how you can simplify the task by listening to The Top Tips to Keep Data Under Your Control. Compliance and security expert, John Metzger from Sophos, will present security compliance and recommend technology and strategies to help you succeed.
 

Data loss during downsizing: When employees exit, so does data

Join us for this webcast addressing "Data loss during downsizing," discussing the results of a survey conducted by the Ponemon Institute. In these tough economic times, many companies are going through layoffs or downsizing. According to the survey results, more than half of ex-employees admit to stealing company data. Attend this webcast to find out why companies need to know exactly where sensitive data resides, how it is being used, and how to prevent it from being copied, downloaded or sent outside the company.
 

Choosing the right security information management solution

hether you're considering a security information management (SIM) solution to comply with regulations, such as PCI, SOX, GLBA, NERC CIP, FISMA and HIPAA, or attempting to simplify the collection and management of log and event data, or trying to increase your overall information security posture, or all of the above, there are some key factors to consider.
 

How to Reduce the Scope of PCI DSS Audits by Tokenizing Payment Card Data

Merchants who accept payment cards are challenged with complying with the Payment Card Industry's Data Security Standard (PCI DSS). Because all systems that accept or use payment cards are considered in scope for PCI DSS compliance, there are very few ways to cut corners when seeking compliance. This webcast will present the concept and use of a new data security model, tokenization, which substitutes data surrogates for card numbers in systems throughout the enterprise, thus reducing scope for PCI DSS compliance and annual audits as well as lowering the risk of a data breach.
 

Eliminate Admin Rights from all Laptop Users

Laptops present a significant challenge for security focused companies. Laptop computers can be a common mechanism for viruses, spyware, and other security threats to enter an otherwise well-protected network. Join us for an exciting look at how you can eliminate the need to have users run with administrative rights on their laptops.
 

Top 10 Ways to Ensure Your Security Operation Center Fails

The business of running a Security Operations Center (SOC) is a difficult one. Who has the time to retain the right people, build comprehensive processes and procedures, and implement a robust Security Event and Information Management (SIEM) infrastructure? Those tasks require time, expertise and experience. Would you like to take a shortcut? This session will give you the tips and tricks based on actual client engagements that you'll need to side-step, bypass, and throw out the rigorous project needed to make a successful SOC. Need a SOC up and running in two weeks, but don't necessarily care about it running one year from now? This session is for you.
 

Moving your security strategy from reactive scramble to proactive risk management

Taking a reactive approach to IT security is a risky proposition. Besides presenting unnecessary operational hurdles, making patch, update and configuration decisions based on a flood of data from disparate scanning and logging solutions can still leave the door open to attack.
 

Unleash the power of dynamic whitelisting protection

Today's systems are complex, sophisticated and providing more businesses the opportunity to innovate. However regulations and industry standards are also growing and many are prescribing specific controls for security and data protection. Providing the guidance and assurance for protection in a one size fits all strategy has not been effective to date. Dynamic whitelisting provides a solution that is adjustable to meet the basic compliance requirements and to go beyond and enable immediately impactful security for regulated industries. Learn about how dynamic whitelisting can make a difference and how it can immediately change how you look at security compliance.
 

A simple approach to email compliance

Compliance, GRC, Policy Management, Risk mitigation, IT Governance, DLP, HIPAA, SOX, PCI-DSS...the new language of security can be confusing at best, and both management and IT staff are seeking answers. Where can we find out about the rules that apply to us? Are we at risk for compliance-related penalties? Are the legal and accounting departments on top of this?
 

Roles-Based Access Governance: Methodology & Best Practices

Although roles-based access control (RBAC) has been the subject of much interest in the past, companies are still dealing with the complexity of managing roles at the technical infrastructure level (applications & provisioning). For some organizations, this complexity is an obstacle to deploying effective roles-based access governance.
 

Log management in a silver-lined cloud

Log management technology has been labeled -- often accurately -- as complex and expensive. But many organizations face regulatory mandates that require log management. Given today's climate of economic uncertainty, such organizations must find a way to effectively manage log data with a tightening budget. Cloud computing is the answer. In the cloud, organizations can meet the demands of both shrinking budgets and expanding regulations.
 

State of the Hack - Addressing the Advanced Persistent Threat

The Advanced Persistent Threat (APT) is a sophisticated and organized cyber attack to access and steal information from compromised computers. The intruders responsible for the APT attacks target the Defense Industrial Base, financial industry, manufacturing industry, and research industry. The attacks used by the APT intruders are not very different from any other intruder. The main differentiator is the APT intruder's perseverance and resources. They have malicious code (malware) that circumvents common safeguards such as anti-virus, and they escalate their tools and techniques as a victim's capability to respond improves. MANDIANT will discuss how they assist organizations in addressing the APT.
 

10 Minutes on Strong Authentication Trends for 2009

In this webcast, Jason Mafera, senior product manager for Imprivata, discusses the key findings from a recent Imprivata-sponsored survey examining trends in strong authentication. Jason reviews key survey findings and lends his expertise to decipher what this means for anyone considering strong authentication as part of their employee access management strategy in 2009.
 

Unleashing your log power to do more with less

As organizations continue to deal with the growing number of compliance regulations, information protection and security risks in these uncertain times, they have to figure out how to do more with less.
 

Clickjacking -- Trick to Click

Previously known as UI Redress, clickjacking is a method to trick users into clicking on something without knowing what they clicked. Clickjacking allows for malicious content to be transparently overlaid on top of a legitimate application. If not properly handled by browsers it can lead to information theft. In this brief 10 minute webcast, learn about the dangers of clickjacking and countermeasures that can be taken to prevent becoming a victim.
 
 

Lean times: Doing more with less using security and compliance automation

As IT, security, and audit departments continue to deal with a growing onslaught of security risks and regulations, the message from management in these times of economic uncertainty could not be worse: "do more with less."
 

Calculating today's strong authentication ROI

The average security breach costs an organization $6.5 million, plus countless employee hours, customer confidence, and hits to your brand reputation. We all know that passwords are the weakest link in our security armor, so the smartest budget choice we can make is to protect that link in real-time rather than deal with the aftermath.
 

Data Leakage For Dummies©: Don't become a data loss headline

All too often the loss of data results from well-meaning employees making innocent mistakes. But these mistakes can lead to infringement of data protection laws and ultimately damage to your reputation and brand. Learn how to significantly reduce your risk of sensitive data loss with a series of practical steps. Join this live one-hour webcast featuring security expert Jonathan Tait from Sophos.
 

Guide to evaluating two-factor solutions

If you're in the market for a two-factor authentication solution, don't miss this webcast. Learn how to choose the two-factor solution that is the right for your business. During the webcast, we'll discuss the key drivers for a successful two-factor implementation, identify key evaluation criteria, and compare two-factor authentication methods.
 

A practical approach to privileged account management and centralized access controls management

Access control management is an increasingly important aspect of IT security, particularly because of the growing complexity of the IT infrastructure.
 

Ease the burden of PCI DSS log management requirements

As an organization that processes credit cards, you face tremendous pressure to comply with PCI DSS requirements. Specifically, Requirement 10, which requires log management or log analysis, can be the most costly and resource-consuming. In the rush to achieve initial PCI compliance, many large and midsize merchants established processes for manual log management.
 

PCI compliance: A holistic approach

PCI Compliance continues to be an elusive goal. This webcast presents a holistic approach to building an information security program in your enterprise.
 

Identity & Access Management (IAM)

How do you determine whether IAM improvement initiatives have delivered the expected level of enterprise benefits?
 

Combining SIEM, log management and centralized security and compliance management

Enabling new security workflows that link real-time monitoring, threat detection and incident response.
 

User activity monitoring for speeding time to compliance

Experts from Sun Microsystems and LogLogic will discuss use cases for speeding time to compliance, increasing security and reducing compliance-related costs.
 

Finding and stopping the invisible threats

Solutions to tough network security problems.
 
Popular Topics
4G-war Account Information Advanced Persistent Threat Anonymous Apple Threats Botnets Cyber Attacks Cyber Crime Data Breach Data Breaches Encryption Hackers Hacktivism Health Care IT Security Java Malware Mobile Devices Phishing Risk Management Social Security Numbers Stolen Information Survey Trojans Vulnerabilities & Flaws