The Politics of Security: Getting What You Want (And Avoiding What You Don't)

Real-life discussions of CSO/CISOs on avoiding the pitfalls and problems of enterprise IT Security—negotiating risk between executive suite, business units, and even within their own IT organizations.
 

Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers: Case Studies for Decision Makers on Maximizing Accountability and Visibility

Gain insights into how to virtualize more by building a security fortress around your "in-scope" virtual environment with HyTrust. Join HyTrust experts and specials guests outline the business drivers for this critical security blueprint.
 

Security Management 2.0: Time to Replace Your SIEM?

The reality is that many organizations have spent millions and years trying to get productivity out of their SIEM - with mediocre results. Most security teams need to start asking themselves some key questions: Is it time? Are you waving the white flag? Has your SIEM failed to perform to expectations despite your significant investment? If you are questioning whether your existing product can get the job done, you are not alone.
 

Unified Security: Respond and Prevent to Manage Risk

Today, business is conducted over a variety of networks and devices. As a result, traditional data protection is more complex than ever before. It is no longer feasible to protect data by preventing one type of attack at a time with specialized products that work in isolation.
 

Continuous Monitoring: You Can't Take your Eye Off the Ball - Ever!

Attackers don't sleep. Actually, their automated tools for reconnaissance never take a break and due to the power of the Internet, an attack on your organization can originate from literally anywhere. Compound that with the ongoing failures of most preventative security measures (AV, IPS, etc.) and the increasing sophistication of targeted attackers, and you leave organizations with no choice but to focus more on detection than prevention. Join Securosis analyst Mike Rothman and Tenable Network Security's product manager Jack Daniel on this webcast and learn how an approach to continuous monitoring can help any organization "React faster and better" to emerging threats, and the importance of monitoring everything you can.
 

Top Three Ways to Detect Advanced Malware Infiltrations and APTs

In 2011, breaches dominated the security headlines. Whether you call them advanced persistent threats (APTs), targeted attacks, or advanced malware infections, their devastating results are the same. And stopping data theft from these advanced cyber threats has become a high priority project for many companies. What's so different about these stealthy threats that allow them to bypass traditional security layers? How are they successful at infiltrating networks?
 

Fight Back Against Spear-phishing - Arm the User

Looking at the news in information security across the last 18-24 months, one common denominator emerges - the user has become the unwitting accomplice in the breach of our networks. Invincea offers a solution to this problem - a solution that protects the network from the user and the user from him or herself.
 

Secure Mobile Computing on USB

Secure portable operating environments on USB have evolved to being able to carry an entire operating system on a small flash drive form factor. Boot-from-USB solutions on secure USB devices can instantly turn a non-trusted, unmanaged machine into a fully managed trusted desktop. Teleworkers can use home computers as if it were a corporate laptop. Corporate machines can be re-purposed for multiple uses such as separating environments, or thin client replacements.
 

Protect the Enterprise in Your Pocket | Managing Mobility with iPhone/ iPad Security

Your end users are connecting their personal devices, including iPhones & iPads, onto the enterprise network using unsecure networks, from coffee shops to airports, basically everywhere. That's why we consider the enterprise to now be in the pocket of your employees, anywhere they use mobile devices.
 

Regain Control of Your Firewalls: Tighten Security and Streamline Operations

More than two decades into utilizing network firewalls, most organizations are still struggling to properly manage them. Cluttered rulesets, overly permissive policies, and poor change management processes are just some issues plaguing organizations.
 

Security Management 2.0: Time to Replace Your SIEM?

The reality is that many organizations have spent millions and years trying to get productivity out of their SIEM - with mediocre results. Most security teams need to start asking themselves some key questions: Is it time? Are you waving the white flag? Has your SIEM failed to perform to expectations despite your significant investment? If you are questioning whether your existing product can get the job done, you are not alone.
 

10 minutes on "Rethink Your Endpoint Security Strategy"

Today's IT network is more distributed and virtual than ever with the increased use of remote endpoints and cloud-based applications. And increasingly sophisticated malware is targeting the information stored on and accessed by these endpoints and applications. The security status quo has left organizations managing a multitude of products - and has not reduced the IT risk. This series examines the evolving threat landscape, why current defenses are decreasing in effectiveness and what key strategies you can implement to shift from the status quo and improve security from zero-day and targeted attacks, while also simplifying and reducing the costs of managing the endpoint environment.
 

Database Monitoring & SIEM — Beyond Compliance to Data Breach and Fraud Detection

Database Activity Monitoring is a key requirement of many compliance mandates - monitoring and logging all database activity to ensure that sensitive data is being access appropriately, and by the right people. But when DAM and SIEM are integrated, the combination provides valuable context that can be used to actively protect your network from data loss and fraud. Learn how an integrated, high performance SIEM & DAM solution both addresses compliance needs and helps detect insider threat and external attacks.
 

Securing, controlling and auditing critical databases

Implementing compliance and internal audit reporting for databases is a critical IT requirement. Auditors need proof that databases containing sensitive data were not improperly accessed or altered, and database administrator activity must belogged and monitored.
 

SC Magazine 20/20: Mobile Security and Network Access Control Essentials

Smartphones, tablets and personal devices are on your corporate network. Your users want personal connectivity and executives wants added productivity, but security must be maintained. What is the prudent path to satisfy all constituents? Lead by Illena Armstrong and Gil Freidrich VP of Technology at ForeScout, this timely webcast will examine: key mobile security risks, pertinent policies and alternative countermeasures, 5 proven scenarios for effective guest management, and phased steps for effective visibility and seamless enforcement.
 

The State of Software Security

What vulnerabilities threaten the integrity and performance of your software in the software supply chain? Find out In Veracode's presentation The State of Software Security -- a semi-annual report representing the anonymized data from billions of lines of code submitted for analysis by large enterprises, commercial software providers, open source projects, and software outsourcers in Veracode's cloud-based application risk management services platform.
 

Physical Logical Convergence: Enhanced Security for the Enterprise

As approaches for logical and physical access increasingly draw on similar technologies, CIOs seek efficient methods to consolidate these two environments to save money and enhance security. With the evolution of smartcard technology, enterprises can integrate two security environments — physical and logical access — to provide consolidated management, improved ROI and a total security view.
 

The Dependent Relationship of IT Security and Business Performance

The forceful advancement of Web 2.0 applications and mobile devices have revolutionized how companies operate. They've also radically affected the day-to-day processes of a typical IT department. So the question remains: how can IT create policies that help increase employee productivity and still enforce tight security measures?
 

Detecting Advanced Threats and Malware with SIEM

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse &low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.
 

The True Cost of AV: How to Ensure More Effective and Efficient Endpoint Security

Tuesday April 5th 2011 - Today, more than 1.6 million new malware signatures are identified each month. And more organizations are falling prey to "zero-day" attacks - malware for which an anti-virus signature does not exist. It's no surprise that roughly half of the organizations surveyed in a 2010 Ponemon Institute study reported an increase in their IT operating expenses - a main driver of that cost increase was malware. Traditional anti-virus simply can't keep up in the malware arms race and relying on it as your primary defense will prove costly.
 

Stop Threats and Data Breaches at the Source. New CPE credit opportunity!

Wednesday, Mar. 30th 2011 - Every day information security analysts battle a technically competent and motivated adversary determined to harm their organizations. Join our webcast to understand the tactics used by hackers and malicious insiders as they try to extract confidential data without authorization. You will also learn how to achieve complete visibility across your organization with SIEM, and how a focus on User Monitoring, Database Activity Monitoring and File Monitoring can stop these adversaries in their tracks.
 

Security in the Social Web: 2010/2011 and Beyond

Thursday, Mar. 31st. 2011 - It's unavoidable: Your company has to go social to keep up with today's Web culture. But sites like LinkedIn, Twitter, and Facebook are easy targets for spam, malicious code, and poisoned Web links. This puts your organization just one click away from a serious security breach. Find out how to dodge these threats while riding the cutting edge of the social Web.
 

10 Minutes on Multi-Factor Authentication

Escalating IT security threats and strengthening regulatory requirements are driving adoption of multi-factor authentication to unprecedented levels.
 

The True Cost of Compliance - Ponemon Institute Research Study

Ponemon Institute and Tripwire have completed their annual cost of compliance benchmark study of multinational organizations. The study reveals that the costs of non-compliance, which includes disruption of services, fines, legal fees and more, is almost three times the cost associated with compliance. It also provides insight into activities organizations can undertake to reduce the cost of compliance while also improving security.
 

Visual Privacy: Is it the Weak Link in Your Data Security Strategy?

Did you know two-thirds of working professionals expose sensitive corporate data outside the workplace - some even exposing highly regulated and confidential information like customer credit card and social security numbers? Visual Privacy - the protection of sensitive information as it is displayed on screen - is an emerging issue in information security and an under-addressed area of risk in corporate security policies. Given the rapid digitization of sensitive information and the growing mobility of workers today, the need to protect displayed information has grown substantially.
 

10 Minutes on Securing Virtualized Data Center Infrastructure

Virtualization is the number one technology priority for Enterprise CIO's according to a recent Gartner survey.
 

Top 5 Security Threats to Watch for in the Coming Year

Are you ready for 2011? As we return from the holidays for another year, we should be prepared for the security threats we will face in 2011. In this webcast, ArcSight security expert, Aarij Khan, will highlight what to expect in the upcoming year.
 

The trusted insider threat - Lessons learned from WikiLeaks

Protecting against and detecting potential data leakage is at the heart of the WikiLeaks controversy. However there is no "one size fits all" solution. It must be addressed at multiple levels with collaborating technologies, including SIEM, database monitoring and application monitoring, to provide the most complete prevention and detection strategy possible.
 

10 Minutes on Universal Log Management

How many log management solutions does it take to mitigate cybersecurity risks, demonstrate compliance and streamline operations?
 

Borderless security: confidence in a virtual world

With the recent surge in workforce mobility, social networking and Web 2.0, organizations today face a new generation of threats that jeopardize the traditional corporate umbrella.While these areas are creating exciting new ways to connect with employees, customers and clients, they are also expanding the borders of the traditional enterprise and therefore introducing new avenues for potential breaches in security.
 

10 Minutes on Automating Database Vulnerability Assessment to Prevent Data Breaches

Databases have, by far, become the leading target of hackers and insiders with malicious intentions. According to Verizon's 2010 Data Breach Investigations Report, 92% of breached records originated in database servers. The fact that they contain organizations' most valuable data, such as customer records, financial information, employee PII and credit card data make them an attractive target.
 

Detecting Advanced Threats and Malware with Content Aware SIEM

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse "low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.
 

The Compliance Factor: Protecting your Customer Data and Your

Government has had an increasingly heavy hand in how U.S. businesses protect their networks and the sensitive data within them by introducing legislation with major IT security implications, such as HIPAA, NERC and SOX. In the case of PCI DSS, the industry is self-regulating to try and stay ahead of government actions. With increasing demand for stronger levels of privacy and protection from malicious threats, companies must meet ever-evolving requirements or risk having both their reputations and revenue streams destroyed by breaches and the bad publicity that ensues.
 

Cloud Security: The IDentity Factor

If you're building out your Cloud Security strategy - or already have one in play - you will not want to miss this Webinar. In "Cloud Security - the Identity Factor", Ping Identity's CTO, Patrick Harding, will discuss the critical role of Identity in Cloud Security. The Webinar will address the dangers of synchronizing passwords, and why Internet Single Sign-On is a secure alternative.
 

A Practical Approach to DLP: Dive in!

DLP projects have tended to founder in complexity - and a lot of that is the discussion of hypothetical cases: what if we find this? How should we escalate or define a process if we find that? But many organizations report that what they find with DLP technology is often very different from what they thought they would.
 

BeyondTrust 10 minute Webcast Series

Drawbacks of Open Source Privileged Identity Management, Least Privilege Application Compatibility for Windows 7 Migrations, & Top 5 Things You Should Do for Your Virtualized Environments
 

Blue Coat 10 minute Webcast Series

Compliance without Complexity & 2020 Vision of Web Security
 

Pros and Cons of Different Strong Authentication Options

Join Imprivata in exploring which authentication modality is right for your organization. This session will explore the pros and cons of user authentication options in addition to reviewing how you can mix and match various modalities to provide greater security.
 

Detecting dangerous PDFs and application layer threats.

Malware making use of PDF files is one of many complex threats that are "moving up the stack" to exploit vulnerabilities at the application and session layers. Visibility into the contents of applications, documents and protocols is needed to capture critical data to detect and remediate these advanced threats.
 

Combating modern threats and risks

Join ArcSight security expert, Ryan Kalember, Director of Product Marketing, as he discusses how organizations can best defend against cyberthreats that have grown substantially in sophistication and potential to cause harm. This webinar will explore the commonalities among the latest breaches and detail the most pervasive new techniques. Attendees will learn how user activity monitoring techniques can be used to detect these new attacks
 

Manage complexity with security as a service

As organizations undergo rapid IT infrastructure transformation and look to deploy more efficient, secure and productive technologies, security event and incident management and regulatory compliance become mission critical priorities, as well as arduous tasks. Join Novell, Wipro and Dave Shackleford to learn how partnering with an IT security service provider can help you manage security complexity, and put you on a path to compliance while reducing operating costs.
 

Guardium, an IBM Company - Protecting Sensitive Data: Detecting and Blocking Unauthorized Access or Changes

Protecting Sensitive Data: Detecting and Blocking Unauthorized Access or Changes In 2009, databases were the number one source of breached records globally. Databases are an attractive target, containing organizations' most sensitive data, including financial records, credit card information and customer data. It is also the reason they are increasingly subject to regulations such as SOX, PCI DSS and the EU Data Privacy Directive.
 

Privileged user monitoring: Automating compliance & managing risk

Do you have visibility into everything that privileged users are doing on your network? The frequency of these threats is increasing and compliance regulations are changing to mandate monitoring of privileged user access. Yet most organizations can't answer "yes" to these questions. This panel discussion will focus on both the practical and regulatory aspects of effective privileged user monitoring - featuring two IT executives and a compliance expert.
 

The prosumer changes everything

The people in your organization will do whatever they have to do to be productive. And if that means that your current IT infrastructure is not conducive to helping them be productive, they will look for ways around your IT infrastructure safeguards. What does that mean? That means if their e-mail box is not large enough they will go online and find ones that are. That large file can be sent via e-mail -- they will find services and technologies to solve that issue. Can't get access to presentations and documents necessary to do that perfect sales presentation when you are remote -- they will start hosting the very same presentation and documents in a place that allows them to get to it. The iPhone and android phones are not supported by IT -- they will create proxies using home computers to push and pull e-mail from their smart devices.
 

Best practices in database security

The concept of security in layers takes the view that no single component can ensure the level of protection necessary to safeguard sensitive data. Instead, by leveraging the various technologies and approaches available today, organizations can implement security policies that meet regulatory requirements, and provide cost-effective controls to minimize data breaches.
 

Content aware SIEM defined

Content Aware SIEM represents a new generation of Security Information and Event Management (SIEM) capabilities that extend the value and benefits of SIEM by providing visibility into the contents of applications, documents and protocols.
 

Protect the critical infrastructure using firewall compliance & network analysis

Keeping the network secure has become a daunting proposition for most enterprises. With hundreds of firewalls and a long list of network devices, it's hard for network teams to determine where to focus efforts to keep the network secure and available to users.
 

Choosing Strong Authentication

There are clear benefits to a company in providing remote access to the corporate network for their employees, customers and partners. However, access to the corporate network through an extranet, remote access gateway (VPN) or Microsoft® Windows® desktop effectively opens a door to the organization's most sensitive assets, intellectual property and customer data.
 

TippingPoint - Securing the Next Generation Data Center

The network security industry has witnessed shifts in three major areas. Compliance has gained tremendous traction as organizations are dealing with multiple regulations to mitigate the risk in data loss and application downtime. Second, the convergence of multiple security functions into products that support a single function has evolved to include policy management integration. Third, the consolidation of data center infrastructure is being driven by virtualization tools, such as cloud computing models. In this 10-minute webcast, Roark Pollock will discuss how business benefits could be undermined by rising security exposure and the complexities of today's evolving threat landscape if the right protection is not in place.
 

What happens in your enterprise, stays in your enterprise

Ever stuck in a situation where you're expected to do more with less. Or have to choose among three different solutions, one each for cybersecurity, compliance and IT ops? Don't know what to do? Attend this informational webinar to learn how to convert digital fingerprints into a single pane of glass to combat cybercrime, demonstrate regulatory compliance and streamline IT operations.
 

The evolving state of the endpoint: How will you cope?

Endpoint security has long been a major component in the IT security arsenal. However, the complexion of today's "workforce" and the IT environment is dramatically changing, forcing organizations to rethink the definition of an endpoint protection strategy.
 

Mobile Device Security

Today's new business culture, with expanding corporate perimeters, ubiquitous network connectivity, and the proliferation of mobile devices, involves new security risks. Businesses must ensure that their security policies are up to date and effectively communicated to their workforces in order to enforce acceptable use and protect against data theft and hijacking. Join John N. Stewart, Cisco Vice President and Chief Security Officer, to hear his thoughts regarding current mobile workforce trends and challenges, and his recommendations on how to best secure mobile devices.
 

Secure Teleworking: Increasing Operational Excellence and Productivity

Establishing, developing, and maintaining robust and secure business teleworking environments for their employees can help organizations successfully reduce costs and increase productivity. In this 10 minute webcast, Mick Scully, VP of Product Management for the Access Router Technology Group at Cisco, will explore the evolution of teleworking and provide a recap of the benefits organizations can achieve as well as some of the security challenges they must address when building a teleworking platform for their remote users.
 

Conquering data protection challenges

Join John Kindervag, senior analyst from Forrester Research, and Geoff Webb, senior manager of product marketing for NetIQ, for a web seminar on "Conquering Data Protection Challenges." You'll learn how the pressures to secure sensitive information are growing evermore acute, how the penalties associated with a breach can be very damaging, and how to begin to manage and secure access to your data wherever it resides.
 

PCI Compliance Update

PCI DSS compliance continues to challenge businesses. 2009 brought additional guidelines, implementation changes and the PCI DSS 1.2 went into effect. 2010 promises further evolution of the PCI DSS standard. In this 10 minute webcast, Terri Quinn of Cisco Systems, a member of the PCI Board of Advisors, will give a recap of 2009 and the trends for 2010 in the world of PCI compliance.
 

IT GRC: Managing Risk, Improving Visibility, and Reducing Operating Costs

This 10 minute webcast features Derek Brink, principle analyst for the security, risk and compliance practice at Aberdeen Group Research. His presentation features the highlights of a recent study which examines the practices of best in class companies in the area of governance, risk and compliance (GRC). You'll discover that despite the emphasis on GRC there are still many companies not able to achieve best in class results.
 

How Data Breaches Happen

Everyone knows that data breaches can happen anywhere at any time. But what is far less understood is why data breaches happen and what can be done to prevent them. This webcast answers these three questions. It discusses the most common causes of data breaches and illustrates each cause to show how breaches can occur in multiple ways. Finally, it will show how Symantec is helping customers around the world prevent these data breaches and what steps you can take to protect your organization.
 

Risk Management & File Transfer

File transfer is a core business process at many organizations, and we're seeing the volume, reliance and sensitivity of files and data increasing exponentially. Traditionally, file transfer has simply been synonymous with FTP. However, today's focus on security and governance are requiring that organizations quickly deploy secure and managed file transfer solutions.
 

The Effects of Windows 7 UAC on Enterprise Security

The most anticipated and misunderstood change in Windows 7 is User Account Control (UAC). Microsoft introduced UAC in Windows Vista to eliminate the need for users to run with administrative privileges. Despite its good intentions, Vista's UAC was widely criticized for its frequent user prompting for routine applications and installations and its inability to remove the need for users to run as local Administrator.
 

PCI DSS: Logging and Event Management Enable Compliance

This 10 minute webcast features Matt Schnarr, Security Specialist with Intellitactics and reflects his real life experience at a global investment bank implementing consistent logging and event management for compliance and security.
 

The Security of Electronic Health Information Survey

Join us for an hour-long webcast covering the recent survey by the Ponemon Institute, The Security of Electronic Health Information. This webcast will include important findings from the recent survey by The Ponemon Institute, as well as current best practices to secure health care data.
 

Guardium -- Best Practices for Database Security & Compliance

SQL injection attacks, malfeasance by insiders and regulatory requirements are driving organizations to find new ways to secure their critical databases and achieve compliance with SOX, PCI-DSS, NIST 800-53 and data protection laws.
 

Cybercrime and collaboration: Security considerations for today's complex environment

Securing IT infrastructures today has become more of a challenge with the rise of consumer electronics usage in the workplace, Web 2.0 social networking, and criminal sophistication. Join us for an in-depth update on global threats and trends as outlined in the recently-released Cisco 2009 Midyear Security Report. The key findings of the report will be discussed along with proactive ways to defend organizations in today's distributed environment.
 

Firewall Audit Webcast: Rule Your Firewalls with Automated Firewall Auditing

If you are not concerned about the potential risks to your IT environment posed by mis-configured firewalls or competing rules - you should be. The average enterprise has hundreds of firewalls and thousands of rules - making it impossible to manually monitor, evaluate, and ensure firewall compliance in large networks. In this webcast, John Kindervag, senior analyst at Forrester and Gidi Cohen, CEO of Skybox Security, will discuss the critical drivers for firewall auditing and its challenges, and explain why automated firewall audit solutions are an indispensible tool for IT security.
 

Sophos - Top tips to keep data under your control

You already know the growth and changes in government, industry and internal regulations designed to protect data is becoming harder and more expensive to manage. Join us to learn how you can simplify the task by listening to The Top Tips to Keep Data Under Your Control. Compliance and security expert, John Metzger from Sophos, will present security compliance and recommend technology and strategies to help you succeed.
 

Data loss during downsizing: When employees exit, so does data

Join us for this webcast addressing "Data loss during downsizing," discussing the results of a survey conducted by the Ponemon Institute. In these tough economic times, many companies are going through layoffs or downsizing. According to the survey results, more than half of ex-employees admit to stealing company data. Attend this webcast to find out why companies need to know exactly where sensitive data resides, how it is being used, and how to prevent it from being copied, downloaded or sent outside the company.
 

Choosing the right security information management solution

hether you're considering a security information management (SIM) solution to comply with regulations, such as PCI, SOX, GLBA, NERC CIP, FISMA and HIPAA, or attempting to simplify the collection and management of log and event data, or trying to increase your overall information security posture, or all of the above, there are some key factors to consider.
 

How to Reduce the Scope of PCI DSS Audits by Tokenizing Payment Card Data

Merchants who accept payment cards are challenged with complying with the Payment Card Industry's Data Security Standard (PCI DSS). Because all systems that accept or use payment cards are considered in scope for PCI DSS compliance, there are very few ways to cut corners when seeking compliance. This webcast will present the concept and use of a new data security model, tokenization, which substitutes data surrogates for card numbers in systems throughout the enterprise, thus reducing scope for PCI DSS compliance and annual audits as well as lowering the risk of a data breach.
 

Eliminate Admin Rights from all Laptop Users

Laptops present a significant challenge for security focused companies. Laptop computers can be a common mechanism for viruses, spyware, and other security threats to enter an otherwise well-protected network. Join us for an exciting look at how you can eliminate the need to have users run with administrative rights on their laptops.
 

Top 10 Ways to Ensure Your Security Operation Center Fails

The business of running a Security Operations Center (SOC) is a difficult one. Who has the time to retain the right people, build comprehensive processes and procedures, and implement a robust Security Event and Information Management (SIEM) infrastructure? Those tasks require time, expertise and experience. Would you like to take a shortcut? This session will give you the tips and tricks based on actual client engagements that you'll need to side-step, bypass, and throw out the rigorous project needed to make a successful SOC. Need a SOC up and running in two weeks, but don't necessarily care about it running one year from now? This session is for you.
 

Moving your security strategy from reactive scramble to proactive risk management

Taking a reactive approach to IT security is a risky proposition. Besides presenting unnecessary operational hurdles, making patch, update and configuration decisions based on a flood of data from disparate scanning and logging solutions can still leave the door open to attack.
 

Unleash the power of dynamic whitelisting protection

Today's systems are complex, sophisticated and providing more businesses the opportunity to innovate. However regulations and industry standards are also growing and many are prescribing specific controls for security and data protection. Providing the guidance and assurance for protection in a one size fits all strategy has not been effective to date. Dynamic whitelisting provides a solution that is adjustable to meet the basic compliance requirements and to go beyond and enable immediately impactful security for regulated industries. Learn about how dynamic whitelisting can make a difference and how it can immediately change how you look at security compliance.
 

A simple approach to email compliance

Compliance, GRC, Policy Management, Risk mitigation, IT Governance, DLP, HIPAA, SOX, PCI-DSS...the new language of security can be confusing at best, and both management and IT staff are seeking answers. Where can we find out about the rules that apply to us? Are we at risk for compliance-related penalties? Are the legal and accounting departments on top of this?
 

Roles-Based Access Governance: Methodology & Best Practices

Although roles-based access control (RBAC) has been the subject of much interest in the past, companies are still dealing with the complexity of managing roles at the technical infrastructure level (applications & provisioning). For some organizations, this complexity is an obstacle to deploying effective roles-based access governance.
 

Log management in a silver-lined cloud

Log management technology has been labeled -- often accurately -- as complex and expensive. But many organizations face regulatory mandates that require log management. Given today's climate of economic uncertainty, such organizations must find a way to effectively manage log data with a tightening budget. Cloud computing is the answer. In the cloud, organizations can meet the demands of both shrinking budgets and expanding regulations.
 

State of the Hack - Addressing the Advanced Persistent Threat

The Advanced Persistent Threat (APT) is a sophisticated and organized cyber attack to access and steal information from compromised computers. The intruders responsible for the APT attacks target the Defense Industrial Base, financial industry, manufacturing industry, and research industry. The attacks used by the APT intruders are not very different from any other intruder. The main differentiator is the APT intruder's perseverance and resources. They have malicious code (malware) that circumvents common safeguards such as anti-virus, and they escalate their tools and techniques as a victim's capability to respond improves. MANDIANT will discuss how they assist organizations in addressing the APT.
 

10 Minutes on Strong Authentication Trends for 2009

In this webcast, Jason Mafera, senior product manager for Imprivata, discusses the key findings from a recent Imprivata-sponsored survey examining trends in strong authentication. Jason reviews key survey findings and lends his expertise to decipher what this means for anyone considering strong authentication as part of their employee access management strategy in 2009.
 

Unleashing your log power to do more with less

As organizations continue to deal with the growing number of compliance regulations, information protection and security risks in these uncertain times, they have to figure out how to do more with less.
 

Clickjacking -- Trick to Click

Previously known as UI Redress, clickjacking is a method to trick users into clicking on something without knowing what they clicked. Clickjacking allows for malicious content to be transparently overlaid on top of a legitimate application. If not properly handled by browsers it can lead to information theft. In this brief 10 minute webcast, learn about the dangers of clickjacking and countermeasures that can be taken to prevent becoming a victim.
 

Lean times: Doing more with less using security and compliance automation

As IT, security, and audit departments continue to deal with a growing onslaught of security risks and regulations, the message from management in these times of economic uncertainty could not be worse: "do more with less."
 

Calculating today's strong authentication ROI

The average security breach costs an organization $6.5 million, plus countless employee hours, customer confidence, and hits to your brand reputation. We all know that passwords are the weakest link in our security armor, so the smartest budget choice we can make is to protect that link in real-time rather than deal with the aftermath.
 

Data Leakage For Dummies©: Don't become a data loss headline

All too often the loss of data results from well-meaning employees making innocent mistakes. But these mistakes can lead to infringement of data protection laws and ultimately damage to your reputation and brand. Learn how to significantly reduce your risk of sensitive data loss with a series of practical steps. Join this live one-hour webcast featuring security expert Jonathan Tait from Sophos.
 

Guide to evaluating two-factor solutions

If you're in the market for a two-factor authentication solution, don't miss this webcast. Learn how to choose the two-factor solution that is the right for your business. During the webcast, we'll discuss the key drivers for a successful two-factor implementation, identify key evaluation criteria, and compare two-factor authentication methods.
 

A practical approach to privileged account management and centralized access controls management

Access control management is an increasingly important aspect of IT security, particularly because of the growing complexity of the IT infrastructure.
 

Ease the burden of PCI DSS log management requirements

As an organization that processes credit cards, you face tremendous pressure to comply with PCI DSS requirements. Specifically, Requirement 10, which requires log management or log analysis, can be the most costly and resource-consuming. In the rush to achieve initial PCI compliance, many large and midsize merchants established processes for manual log management.
 

PCI compliance: A holistic approach

PCI Compliance continues to be an elusive goal. This webcast presents a holistic approach to building an information security program in your enterprise.
 

Identity & Access Management (IAM)

How do you determine whether IAM improvement initiatives have delivered the expected level of enterprise benefits?
 

Combining SIEM, log management and centralized security and compliance management

Enabling new security workflows that link real-time monitoring, threat detection and incident response.
 

User activity monitoring for speeding time to compliance

Experts from Sun Microsystems and LogLogic will discuss use cases for speeding time to compliance, increasing security and reducing compliance-related costs.
 

Finding and stopping the invisible threats

Solutions to tough network security problems.
 

The CSO check-up

Mike Rothman, Security Incite, presents his pragmatic approach to successfully managing your information security program.
 

The next generation of endpoint security. Today.

Application whitelisting in...Signatures out.
 

Open log management for operational excellence and compliance

Learn how large enterprises are using log data analysis tools in a growing number of areas, including IT troubleshooting, regulatory compliance auditing and user behavior monitoring.
 

VoIPshield presents: A practical guide to VoIP security for savvy CIO/CISOs

Join VoIPshield's founder and CTO, Bogdan Materna, and a panel of experts for a presentation and discussion on VoIP security.
 

LogRhythm presents: Maximizing security information management ROI

This webcast features Forrester Research Principal Analyst Paul Stamp sharing conclusions from his latest research on best practices for "future-proofing" SIM implementations and maximizing SIM ROI.
 

LogLogic Presents: Best Practices in Starting Your PCI DSS Compliance Initiatives

This event will explore best practices for maintaining, harmonizing and future-proofing your PCI log management efforts.
 

VeriSign Presents: How New VeriSign EV SSL Certificates Helped PayPal Fight Online Fraud

VeriSign will discuss how EV SSL enables the address bar in high security browsers to turn green, letting consumers feel secure transacting on sites with EV.
 

LogLogic presents: The Governance Mandates: Managing Risk and Ensuring Compliance

Learn why logs are critical to compliance, information asset protection and security. Viewed in isolation they are useful for troubleshooting and forensics. Viewed in the context of other IT logs they provide critical insight into user activity and the status of information assets.
 

Expanding Visibility into Today's IT Infrastructure

Join NitroSecuritys CTO, Michael Leland, and Paul Stamp, Principle Analyst at Forrester Research, for a discussion on how to increase IT security with better infrastructure visibility.