January 24, 2012
eSymposium: Insiders with access
With the economy continuing to lag, ethical boundaries become less of a guiding light. Employees with privileged access, believing their actions on the enterprise network are undetectable, are more and more tempted by easy gain. Whether transferring customer credit card data to gray market operators, or in cahoots with nation-states to sell military or government secrets, the threat from insiders continues to escalate. However, there are solid defenses and strategies to combat this persistent threat. We take a look at the trends and problems and examine the best ways to deal with these.
February 23, 2012
eSymposium: Web application security
Web application vulnerabilities are so numerous that they prove an especially ripe conduit through which cybercriminals can tunnel to steal lucrative data. Given the ever-rising frequency of such breaches, one might assume web apps have been sewn up. This, however, isn't the case. So, why do these cracks in web apps still linger and what should security teams be doing better to plug them?
March 20-21, 2012
eConference: PCI Compliance
Unlike other standards mandating technology usage, the PCI Data Security Standard is far more specific and not open to "user interpretation." But, when it comes to implementing precautions, such as those outlined in PCI DSS, many companies balk because they fear the added costs. Further, while there are many who claim they're in line with these industry regulations, they find themselves still getting victimized by cybercriminals. Experts provide some pointers to how they are reaching a PCI-compliant state that also goes the distance in safeguarding the enterprise crown jewels.
April 24, 2012
eSymposium: Cyber espionage
Those engaging in cyber espionage to steal various classified and/or proprietary documents from U.S. agencies and other organizations are riding high. Foreign spies, including U.S. allies, are increasingly launching digital assaults against the nation to steal sensitive economic secrets, according to a recent report by the U.S. Office of National Counterintelligence Executive (UNSEX). The theft of this critical information shows that attackers - state-sponsored or not - are enlisting whatever weaknesses in systems they can to thieve corporate and government data, often going unnoticed for months. Experts share background on the types of attacks to watch out for and what to do to thwart them?