Why manufacturers are using the cloud to deliver infosec

We all know that security gaps are widening due to technology shifts and advanced threats. Whether you are in finance, energy, tech, or manufacturing, the infosec challenges are much the same.

Turning tables on cybercriminals

The attacker defender asymmetry is well known. While it's impossible to defend all possible places of network compromise, defenders can shift the balance in their favor once the attacker has breached an endpoint.

Six steps to SIEM success sponsored by AlienVault

Tune in for this webcast to learn 6 practical steps every IT admin should take before embarking on a SIEM deployment.

How to build a world-class threat intelligence capability from scratch

Threat intelligence is a broad subject and the natural tendency is to produce intelligence on any topic or event regardless of its applicability to the company. True success in threat intelligence depends on focusing intelligence efforts to very specific business objectives, which removes the large surface area and leaves only a challenging sliver of ultra-high value to pursue.

Keeping compromises from becoming breaches

The stakes have never been higher as businesses attempt to protect their assets from a barrage of threats that continue to grow in frequency and sophistication.

Visual hacking high-risk areas in vertical industries

While visual hacking is a threat to any industry, it can be especially dangerous in healthcare and financial industries, where some of the most sensitive personal and financial information is routinely accessed and displayed.

Cover your "What happens off-network, stays off-network" security gap

We know that "What happens in Vegas, stays in Vegas" is not a winning network security strategy. Yet how would you know what happens on the Internet when your employees are off the corporate network?

Behavioral analytics: How one company used it to change data protection forever

The rate at which new data breaches are announced in the headlines should alarm every company with sensitive data to protect. From OPM to Ashley Madison to Machine Zone video games, data breaches are going undetected by existing security technologies and processes.

Enterprise security is about to get dramatically simpler

Ixia will change the landscape of network security by introducing a powerful new front line of defense for enterprises worldwide. Be one of the first to learn about this new security solution that will change the way enterprises view inline security protection.

Don't let sensitive data hitch a ride out of your network

Data is at the core of every business, and data theft is one of the most potent risks enterprises face. According to a 2015 Ponemon Institute study, the average consolidated cost of a data breach is $3.8 million, which includes investigative and forensic efforts, resolution, and the consequences of customer defection.

Breach prevention: Hunting for signs of compromise

Data Breaches in 2015 are on pace to break all records. 2014 saw a record 783 breaches with over 85 million records compromised.

Strategies for effectively protecting intellectual property

When it comes to protecting your organization's intellectual property (IP), a single click by an end-user can either lead to data protection or a data breach.

Lessons learned from building and running MHN, the world's largest crowdsourced honeynet

Honeypots are really useful for collecting security data for research, especially around botnets, scanning hosts, password brute forcers, and other misbehaving systems. They are also the cheapest way collect this data at scale.

Defeating cyber attackers: Best practices for leveraging adversary & threat intelligence with security analytics

This year over 85% of large organizations were targeted by advanced attackers according to Symantec's 2015 Internet Security Threat Report. Was your organization one of them?

Securing your website to protect brand reputation

Customers are doing more and more business online. Nearly 80% of the U.S. population shops online and half bank online. However, websites are constantly under attack. 71% of consumers feel it is up to the online stores to ensure the protection of their information, making website security a top priority for many businesses.

Creating an encryption strategy for modern risks mitigation

Every company has a data security risk mitigation strategy. However, the continuous news cycle on data breaches is proof that it is time to augment that strategy.

If an attacker were on your network would you know?

Do you still believe you can prevent 100% of intrusion attempts? If not, how do you find attackers once they land in your network?

The five capabilities that define your organization's secure file transfer effectiveness

This webinar will examine the business risks and regulatory compliance requirements associated with file transfers.

Best way to operationalize threat intelligence is enforcing it at the DNS layer

How many days go by before you take action on new threat intelligence?

Understanding the FFIEC cybersecurity assessment tool

The Federal Financial Institutions Examination Council (FFIEC) recently released the Cybersecurity Assessment Tool (CAT) to help financial institutions identify their risks and determine their cybersecurity preparedness.

Peeling back the layers - does security still have a chewy center?

Security practitioners might not like to admit it, but they've been playing games with adversaries for years. Whether it's whack-a-mole, cat-and-mouse or chutes and ladders, the security game has always been reactive in nature or one that has us alternating between steps forward and steps back.

Proven approaches for securing enterprise applications; An inside look at deploying Office 365 and SFDC

As cloud apps and mobile devices move your data and systems access outside the firewall, how secure are you from cyber threats?

Stamping out fraud with governance

The overwhelming volume and complexity of data is creating widespread opportunity for fraudsters. Organizations in the healthcare industry, financial services and even government departments have fallen victim as they've been unable to get a clear understanding of patients, customers or citizens.

Cyber security is now a boardroom agenda

Cyber security is now a topic of discussion at the majority of board meetings, according to a recent NYSE/Veracode survey.

Detect ransomware before it's too late with AlienVault USM

By now you've probably heard about new ransomware threats like CryptoWall, which encrypts your data and demands payment to unlock it. These threats are delivered via malicious email attachments or websites, and once they execute and connect to an external command and control server, they start to encrypt files throughout your network.

Myths of cloud security debunked!

Despite the meteoric rise of cloud based applications and services, as well as its subsequent adoption by a significant number of enterprises, security still remains a major concern for many organizations.

How to simplify PCI DSS compliance with AlienVault USM

Demonstrating compliance with PCI DSS is far from a trivial exercise. Are you sure you can document your organization's compliance with the new 3.0 standards?

Cloud-managed IT security — Simple. complete. powerful.

IT security is more challenging than ever. IT departments are tasked with managing a roaming workforce with limited resources and budget. Security solutions need to be effective yet approachable, especially for mid-sized companies.

Defining requirements for industry-leading endpoint threat detection and response

Many enterprise security solutions claim to offer continuous endpoint visibility—reactively scanning, sweeping or polling your environment for a set list of known indicators or signatures. But this approach can take hours for a single result, disrupt the performance of your organization's endpoints, and miss insight into root cause and lateral movement of an attack

What's missing in your network security stack? DNS

DNS is used by every device on your network. But are you leveraging it in your security stack?

Intrusion vs. breach: How security analytics & automated response can improve your chances of avoiding a breach

In this webinar, our guest speaker John Kindervag, Vice President, Principal Analyst at Forrester Research, and Seth Goldhammer, Director of Product Management at LogRhythm, will discuss how pervasive visibility and big data security analytics, when coupled with intelligent automated response, can substantially reduce an organization's risk of experiencing a material breach or cyber incident.

Preparing for the holiday breach season

The weather may be warm now but retailers are already planning for the 2015 holiday season, when businesses will conduct as much as 20% of their total annual sales

21st century defense-In-depth involves more than 2 AVs

If one AV is good, are two AVs better defense against APTs, ransomware and other sophisticated malware? That's the way we used to do it back in the '80s and '90s, but does this approach still work?

Before the kill chain: What attackers are doing and how you can spot them

What if you could uncover the infrastructure attackers are staging and identify threats BEFORE the kill chain begins?

Reinventing security in a feudal world

Feudal Security, a concept popularized by cyber security guru Bruce Schneier, requires organizations to entrust the security of their data and infrastructure to cloud providers.

NYSE survey: Understanding cybersecurity in the boardroom

The connection between cybersecurity and a company's bottom line is crystal clear to board members — and they're worried. In fact, more than 80 percent of corporate directors now discuss cybersecurity at most or all boardroom meetings.

PCI compliance: Compensating controls for increased security

With credit card data theft growing at an alarming rate and undermining consumer confidence, organizations are investing in their network security for PCI compliance - only to realize that being compliant does not mean they're protected against advanced cyberattacks.

The Internet of Things (IoT): Critical risks for all enterprises

A recent report by Forrester Research identified security as being the "top concern" for enterprise technology and business decision-makers for IoT*.

Is the password dead? Not just yet.

Mark Twain once said, "The report of my death was an exaggeration." Can the same be said for the password?

Point-of-sale reality check: Security mid-year health assessment review

This webcast will highlight key findings from our recently completed Point-of-Sale Security Mid-year Health Assessment, during which we surveyed POS security professionals about their security posture.

Understanding SSL/TLS best practices and application protection

Websites are under attack. In the last year, new vulnerabilities have been uncovered that allows malicious attackers to undermine security that organizations put in place to protect themselves and their end users sensitive information.

Security considerations for private vs. public clouds

The cloud movement presents a rare and momentous opportunity to revisit not only how we think about computing, but also how we think about information security.

Discovering advanced threats: What you cannot see can hurt you

On average, it took compromised organizations over 200 days to detect attackers once they had penetrated the network. How long would it take your organization?

OMG, my root password is in the cloud - and that's where it should be!

In the modern enterprise privileged users are no longer entirely inside the perimeter, nor is your infrastructure.

Moving beyond passwords with mobile

Digital Identity is the foundation for granting user access in today's connected enterprise. Dated authentication approaches fall short on both security effectiveness and user experience.

Practical security control mapping for financial services organizations

According to Accenture's 2015 Global Risk Management Study, financial services and banking executives view cyber & IT risk as their top risk area over the next two years.

Help protect your organization from visual hacking: Best practices

How serious is the risk of visual hacking in your organization? Consider who may be viewing, photographing and collecting sensitive information from your offices and electronic devices when staff is mobile.

Social Threat Intelligence (STI)

Social has changed many aspects of information security. Fascinatingly, enterprise has been slow to embrace community sourcing security intelligence.

File sharing and collaboration - Today's data leakage dilemma

Companies today are faced with the monumental challenge of establishing strong and persistent file protection to ensure sensitive corporate information remains protected. Until now, companies have relied on traditional security solutions to protect critical information.

Applying automation and analytics to threat visibility, verification and removal

External threat actors are using innovation and automation to stay ahead of traditional security defenses.

The untended security threat in every office that's hidden in plain view

Sometimes the most obvious problems go unnoticed because they're hidden in familiar places.

Distil Networks 2015 Bad Bot Report: 5 high-risk lessons

Distil Networks has produced their annual Bad Bot Report. It's the IT Security Industry's most in-depth analysis on the sources, types, and sophistication levels of last year's bot attacks-- and there are serious implications for anyone responsible for securing their web infrastructure.

Top 5 reasons to switch to better endpoint protection

Today's threats are becoming increasingly complex. Organizations can no longer rely on antivirus alone and must be on the lookout for innovative, next-generation endpoint protection solutions.

How Microsoft Office365, ServiceNow, AWS and other cloud services extend their security

The growing increase in adoption of Cloud and SaaS services, is taking place with the most intense threat landscape we've seen in generations.

Mid-market mayhem

You see it every day in the media, blog posts and industry marketing; "It isn't a question of if, but when." This defeatist attitude is settling over the industry like Death's own shawl.

Building a sophisticated endpoint defense strategy with full security lifecycle protection

Attackers are more sophisticated than they've ever been. They're targeting our intellectual property, sensitive customer information, user information and much more. The network is not the target—it's the endpoint where that data resides.

Internet security best practices from the Global 1000

The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down.

Cloud encryption—One shoe won't fit all

There is no question about the acceleration of data migrating to the cloud. But which cloud? All clouds: a mix of Infrastructure-, Platform- and Software-as-a-Service cloud models are being deployed by almost every organization.

Defeating the Pragmatic Adversary

Current assumptions are that today's adversaries move through the kill-chain step-by-step, using the most advanced tools, techniques, and tactics to carry out their objective.

Today's mobile security threats and tips to enable productivity without compromising data security

The threat landscape is evolving, and mobile threats are on the rise.

Key security insights for 2015

It's clear that cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks.

Insider threat: The emerging policy landscape & best practices

Retired Senior Executive,CIA - Insider Threat Detection, Larry Knutsen, will review the evolution of U.S. policy on insider threats and what they mean to your organization.

IBM security expert panel: Fighting today's advanced attacks with behavioral-based prevention

With security incidents becoming a weekly, if not daily, occurrence, organizations need proactive, preventative security measures to protect themselves and their customers. Hear from a diverse panel of IBM Security experts.

How to help remove the big risks from big data

Although the IBM z Systems platform is known for scalability and security, you still have to monitor who did what, when, why, where and how to ensure that information stays protected.

March madness: The elite 8 of security threats

70% of the stories reported during March Madness are linked to malware, not basketball.

How to extend threat protection to off-network employees

Many of the largest data breaches recently were initiated by attackers targeting the weakest links—remote sites, supplier networks, and mobile workers.

Surfacing high-impact cyber threats via security intelligence

The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk.

Cloud IAM is set to break the sound barrier

Cloud apps and mobile devices are screaming their way into the enterprise like jet fighters, bringing employees more access than ever - and more passwords as well.

Why developers need to think about security

Software developers are challenged with prioritizing between delivering code within aggressive timelines and incorporating security into the development lifecycle.

5 file transfer strategies to strengthen your organization's security and compliance

Security auditors make a living picking apart mid-to-large size organizations security practices. And there are a lot of reasons businesses need to pay more attention than ever.

Understanding SSL best practices

The Secure Socket Layer (SSL) protocol is under attack. In the last year, new vulnerabilities have been uncovered that allows malicious attackers to undermine security that organizations put in place to protect themselves and their end users sensitive information.

Cracking the confusion between encryption and tokenization

Today there are more options for securing enterprise data than ever before. Yet with so many approaches, choosing the best fit isn't always an easy decision.

The 7 deadly IT sins: Know them. Fear them. Fix them

Is your organization protected from the 7 Deadly IT Sins? These crucial security areas are often overlooked, creating weak spots that hackers love to exploit— putting your network and data at risk.

How Provident Bank transformed their information protection strategy

A single click by your end users can lead either to a data breach or to data protection. Which would your organization prefer?

The insiders: A rogue's gallery

If it were as easy as looking at the wanted posters on the wall of the post office, anyone could identify an insider, round up a posse, and head them off before they damage the organization.

Mobile security in action: How enterprises are getting ahead of threats

Mobile cyber threats are on the rise and getting more advanced. Enterprises want to bolster their security programs to protect against new, unknown mobile threats, but understanding these risks requires visibility.

Transforming government services by leveraging trusted digital identities

Government agencies have the opportunity to lower cost and improve both internal and Citizen-facing services by moving from static web-based information portals to leveraging the web as a service delivery platform.

Moving beyond proxies

Proxy deployments today have outlived their usefulness and practicality. They have joined a long list of legacy products, providing limited security functionality against today's advanced threats.

Uncovering the threat: Uniting network and endpoint security for unmatched threat defense

When network and endpoint security solutions team up, the result is a strengthened security posture and a solution that is impossible for attackers to compromise.

Exposing risky IT security - Best practices from the testing trenches

Enterprises are racing to shore up on-premises and cloud defenses to avoid being the next security headline. Spending on security technologies is at an all-time high, but how confident are you in vendor decisions and the security architecture you are implementing?

Planning for PCI compliance in the cloud

Virtualization changes everything. The agility and cost efficiencies enabled by virtualization and the cloud are beneficial, as long as you understand why virtualization requires different security.

Understanding web bots and how they hurt your organization

The internet is literally crawling with bots. Millions of them scour the farthest reaches of the internet every day, indexing content, testing connections, and making the web more useful overall.

The ying and the yang of cloud security: Detection & incident response

While the cloud has fundamentally changed the way we do business, it has left organizations feeling vulnerable to attacks. Enterprise security architectures are being extended to include data security for the cloud.

Disrupting the threat: Respond, contain and recover in seconds

As adversaries continue to innovate—designing attacks specifically tailored for your enterprise—being able to respond, contain and recover in a timely manner has never been harder.

Identity requirements for risk and compliance - what you need to know

Identity is a critical component of proving compliance. Whether complying with industry regulations or security best practices, your auditors need to know who has access to what servers and data as well as who exactly did what, where and when.

How to detect SQL Injection & XSS attacks with AlienVault USM

They may be the oldest tricks in the book, but SQL injection and cross-site scripting (XSS) attacks still put a hurt on thousands of web applications every year, impacting millions of users—your users and customers.

Closing the web app data security gap: Dynamic data masking for web applications

The rigidity of web application security controls has left the enterprise vulnerable to data breach.

Leveraging Next-Gen SIEM for security intelligence: A buyer's perspective

Chartered with securing both the PII of over 250,000 physicians and a vast amount of highly valued intellectual property amidst a rapidly evolving threat landscape, Paul Lynch, Director of Data Security and Networks at the American Board of Internal Medicine (ABIM), recognized the need to move beyond a traditional SIEM, and employ a more holistic approach to Security Intelligence.

Back to basics - Ensure both PCI compliance and tighter security

Every business that operates a cardholder environment to transact with its customers is required to maintain compliance to the PCI DSS international standard for security. Penalties for lack of compliance have become costly yet compliance does not equal security.

Five great reasons to embrace mobile in the enterprise

Mobile Devices has seen unprecedented growth since their introduction and now form an integral part of our daily lives. Yet, many Enterprises have not fully embraced mobile as part of their strategy because of too many unanswered questions.

Exploring the digital underworld: Botnets, zero day threats and phishing

Organizations continue to face the ongoing challenges of securing a continually evolving network perimeter. Organized crime has shifted to the digital underworld.

Privileged account exploits shift the front lines of cyber security

Cyber threat investigators discuss privileged account vulnerabilities found in most serious security breaches.

Application control is more than whitelisting-It's monitoring, visibility, protection & default deny

Application Control technology is more than just whitelisting. Organizations have found significant value via full visibility into server and desktop environments by continuously monitoring and observing application behavior.

Prepare for the breach: Detect, respond and disrupt at the moment of compromise

Many organizations over invest in network security solutions—relying on traditional antivirus to secure their endpoints.

Secure agile development: Why can't we all get along?

Security teams are sharply focused on bringing security to applications and meeting compliance requirements in the delivery of these applications and services.

Your data's gone mobile: Keep it secure

There now are more mobile devices on the planet than humans, and cyber criminals are targeting them at an increasing rate.

PHI is more valuable than credit cards: Time to get serious about data security!

News about data breaches in the healthcare sector continues unabated.

Guidance on migration to SHA-2

Google has advised that Chrome will gradually sunset SHA-1 cryptography, which is used in the signing process of SSL certificates.

The impact of endpoint data growth on corporate visibility & compliance

id you know that forty-six percent of IT knows or suspects employees are using their individual, non-IT approved cloud accounts to store corporate data?

Watering hole attacks: Detect end-user compromise before the damage is done

Attackers are becoming increasingly skilled at planting malicious code on websites frequented by their desired targets, commonly called "watering hole" attacks.

Sign up to our newsletters