security and risk

Results 1 - 25 of 366Sort Results By: Published Date | Title | Company Name
Published By: Akamai Technologies     Published Date: Jun 14, 2018
"High-profile cyber attacks seem to occur almost daily in recent years. Clearly security threats are persistent and growing. While many organizations have adopted a defense-in-depth strategy — utilizing anti-virus protection, firewalls, intruder prevention systems, sandboxing, and secure web gateways — most IT departments still fail to explicitly protect the Domain Name System (DNS). This oversight leaves a massive gap in network defenses. But this infrastructure doesn’t have to be a vulnerability. Solutions that protect recursive DNS (rDNS) can serve as a simple and effective security control point for end users and devices on your network. Read this white paper to learn more about how rDNS is putting your enterprise at risk, why you need a security checkpoint at this infrastructural layer, how rDNS security solutio Read 5 Reasons Enterprises Need a New Access Model to learn about the fundamental changes enterprises need to make when providing access to their private applications.
Tags : 
rdns, dns, anti-virus, security, network defense
    
Akamai Technologies
Published By: Akamai Technologies     Published Date: Jun 14, 2018
"A zero trust security and access model is the solution: Every machine, user, and server should be untrusted until proven otherwise. But how do you achieve zero trust? Read this white paper authored by Akamai’s CTO, Charlie Gero, to learn how to transition to a perimeter-less world in an incredibly easy way, with steps including: • The zero trust method of proof • The vision behind Google BeyondCorpTM • Analysis of application access vs. network access • How to deploy user grouping methodology • Guidance for application rollout stages 1-8"
Tags : 
security, perimeter security, zero trust, cloud, enterprise security
    
Akamai Technologies
Published By: Tenable     Published Date: Aug 07, 2018
When it comes to IT infrastructure, it’s fair to say the perimeter has left the premises. Whether it’s discovering short-lived assets (e.g., containers), assessing cloud environments or maintaining web application security, today’s attack surface presents a growing challenge to CISOs looking to understand and reduce their cyber risk. To combat this issue, a discipline called Cyber Exposure is emerging to help organizations manage and measure this risk. This ebook provides insights on how CISOs are addressing the modern attack surface.
Tags : 
cyber exposure, iot, vulnerability management, cloud security, mobile security, container security
    
Tenable
Published By: Lookout     Published Date: Mar 28, 2018
The time has come for enterprise risk management to change. Mobile devices have become core to our personal and professional lives, yet most enterprises remain focused on traditional PC endpoints. Although many of the same elements of risk that affect PCs also apply to mobile endpoints, simply extending current PC security controls to your mobile feet is ineffective. Enterprise risk management needs to evolve to address mobile risks, and security professionals must architect mobile specifc security. To encourage this evolution, Lookout developed the Mobile Risk Matrix. Its purpose is to help security organizations understand the spectrum of risk on mobile devices and to provide data that demonstrates the prevalence of mobile risk.
Tags : 
    
Lookout
Published By: Lookout     Published Date: Mar 28, 2018
Mobile devices have rapidly become ground zero for a wide spectrum of risk that includes malicious targeted attacks on devices and network connections, a range of malware families, non-compliant apps that leak data, and vulnerabilities in device operating systems or apps. Read the four mobile security insights CISOs must know to prepare for a strategic conversation with the CEO and board about reducing mobile risks and the business value associated with fast remediation of mobile security incidents.
Tags : 
    
Lookout
Published By: Menlo Security     Published Date: Jun 05, 2018
"2017 was marked by a significant number of high-profile cyber breaches. Web malware and phishing played a critical role in the vast majority of these attacks. Watch this webinar to learn from two of the industry’s leading experts – Gartner Research Analyst Peter Firstbrook and Menlo Security CTO Kowsik Guruswamy: *Why web malware and phishing are so pervasive in today's cyber attacks *What the shortcomings of today’s reactive security philosophy are *Why the web continues to present a risk to businesses *How organizations rethink their security strategy moving forward"
Tags : 
    
Menlo Security
Published By: Menlo Security     Published Date: Jun 05, 2018
"Despite deploying multiple security layers to defend against cyberattacks, enterprises continue to be infected by web malware and have credentials stolen via phishing. Why is this? Here’s a 40 minute webinar featuring a representative of a leading insurance company - providing the customer perspective, along with John Pescatore, Director of Emerging Technologies at SANS Institute, and Kowsik Guruswamy, Menlo Security CTO, to answer this. Together, they discuss: * The shortcomings of today’s reactive security philosophy * Why the web continues to present a risk to businesses * The benefits of embracing Isolation * How organizations should rethink their security strategy moving forward"
Tags : 
    
Menlo Security
Published By: Ounce Labs, an IBM Company     Published Date: Jan 26, 2010
A range of application security tools was developed to support the efforts to secure the enterprise from the threat posed by insecure applications. But in the ever-changing landscape of application security, how does an organization choose the right set of tools to mitigate the risks their applications pose to their environment? Equally important, how, when, and by whom are these tools used most effectively?
Tags : 
owasp, ounce wagner, csrf, xss, cross-site scripting, sql, security management strategy, source code analysis, web application firewalls, web application scanner
    
Ounce Labs, an IBM Company
Published By: Cylance     Published Date: Jul 02, 2018
Forrester Consulting was commissioned to conduct a Total Economic Impact™ (TEI) study to examine the potential return on investment (ROI) enterprises may realize by deploying Cylance's advanced threat protection solution, CylancePROTECT®, and its deployment and configuration services, ThreatZero™. The study aims to provide readers with a framework to evaluate the potential financial impact of CylancePROTECT and ThreatZero on their organizations, which will improve customer success with advanced cybersecurity and antivirus protection solutions. To better understand the benefits, costs, and risks associated with an investment in Cylance, Forrester interviewed the Chief Information Security Officer for a Large State County Government, who has used the solutions for over a year. Cylance provides a new-generation, predictive, cybersecurity, and malware prevention solution that leverages artificial intelligence to prevent malware from executing on endpoints in real time. This is usually implemented with ThreatZero, which is a continuous professional service program rendered by Cylance for users of CylancePROTECT. ThreatZero guides through the planning, implementation, integration, and ongoing optimization of the solution. This often includes end user education, training, and support to totally eliminate endpoint threats and incidents. With CylancePROTECT and ThreatZero, the organization was able to reduce security breaches to almost zero, catching malware before it ever gained access to public records. Relative to their previous endpoint protection, this significantly reduced costs from remediation/reimaging and incidence response. Additionally, IT and security employees’ productivity were boosted. Read more in the full TEI report.
Tags : 
economic, cylance, roi, enterprises
    
Cylance
Published By: IBM     Published Date: Jul 17, 2018
Ensuring your data is compliant can be a fairly straightforward task. Your IT team works their way through the checklist, and stays out of trouble with lawyers and regulatory agencies. There’s value to that. But true data protection is more than regulatory compliance. In fact, even if you’re compliant, your organization could still be at risk unless you strategically identify and protect your most valuable data. Traditionally, you’ve been presented with IT security metrics—sometimes reassuring, other times alarming. But simply reviewing IT security metrics is not meaningful in and of itself. As an executive, you don’t evaluate issues in siloes. Instead, you excel at assessing issues in the broader context of your organizational operations. In other words, technical security data and metrics lack value unless viewed through the lens of business risk. When you’re presented with IT security metrics, your question is: What does this mean for my business? And ultimately, what data should I
Tags : 
    
IBM
Published By: Hewlett Packard Enterprise     Published Date: May 11, 2018
Security is a looming issue for businesses. The threat landscape is increasing, and attacks are becoming more sophisticated. Emerging technologies like IoT, mobility, and hybrid IT environments now open new business opportunity, but they also introduce new risk. Protecting servers at the software level is no longer enough. Businesses need to reach down into the physical system level to stay ahead of threats. With today’s increasing regulatory landscape, compliance is more critical for both increasing security and reducing the cost of compliance failures. With these pieces being so critical, it is important to bring new levels of hardware protection and drive security all the way down to the supply chain level. Hewlett Packard Enterprise (HPE) has a strategy to deliver this through its unique server firmware protection, detection, and recovery capabilities, as well as its HPE Security Assurance.
Tags : 
    
Hewlett Packard Enterprise
Published By: Hewlett Packard Enterprise     Published Date: Dec 13, 2016
Hybrid cloud drives innovation—but digital transformation introduces more potential threats and vulnerabilities. Build security in and address risks upfront with proven capabilities from HPE, a global authority in IT security.
Tags : 
    
Hewlett Packard Enterprise
Published By: Hewlett Packard Enterprise     Published Date: Aug 02, 2017
One of the few places that pervasive Wi-Fi is not found these days is in US Federal Government office buildings and military bases. Government IT departments explain this lack of modern technology by pointing to Information Assurance (IA) departments who block their planned deployments because of security concerns. IA departments, on the other hand, point to unclear rules, regulations, and policies around Wi-Fi use which prevent them from making informed risk decisions.
Tags : 
government it, modern technology, data security, risk reduction
    
Hewlett Packard Enterprise
Published By: Hewlett Packard Enterprise     Published Date: Oct 24, 2017
Security is a looming issue for organizations. The threat landscape is increasing, and attacks are becoming more sophisticated. Emerging technologies like IoT, mobility, and hybrid IT environments now open new organization opportunity, but they also introduce new risk. Protecting servers at the software level is no longer enough. Organizations need to reach down into the physical system level to stay ahead of threats. With today’s increasing regulatory landscape, compliance is more critical for both increasing security and reducing the cost of compliance failures. With these pieces being so critical, it is important to bring new levels of hardware protection and drive security all the way down to the supply chain level. Hewlett Packard Enterprise (HPE) has a strategy to deliver this through its unique server firmware protection, detection, and recovery capabilities, as well as its HPE Security Assurance.
Tags : 
cloud optimization, cloud efficiency, cloud management, cloud assurance, cloud visibility, enterprise management, data management
    
Hewlett Packard Enterprise
Published By: Hewlett Packard Enterprise     Published Date: Mar 31, 2016
MIT Technology Review Survey: Executive Summary Are you prepared for the next breach? Only 6% of leaders say yes. Information security—or, the lack of it—is firmly on the radar for business and IT leaders in organizations of all sizes and in every sector. Many fear that their companies are ill-prepared to prevent, detect, and effectively respond to various types of cyberattacks, and a shortage of in-house security expertise remains of widespread concern. Those are among the initial findings of the Cybersecurity Challenges, Risks, Trends, and Impacts Survey, conducted by MIT Technology Review of approx. 225 business and IT executives, in partnership with Hewlett Packard Enterprise Security Services and FireEye Inc.
Tags : 
    
Hewlett Packard  Enterprise
Published By: Oracle CX     Published Date: Oct 19, 2017
Business Enterprises today need to become more agile, meet new and increasing workload and security requirements, while reducing overall IT cost and risk. To meet these requirements many companies are turning to cloud computing. To remain competitive companies need to formulate a strategy that can easily move them from traditional on-premises IT to private or public clouds. A complete cloud strategy will likely include both private and public clouds because some applications and data might not be able to move to a public cloud. Moving to the cloud should not create information silos but should improve data sharing. Any cloud strategy should make sure that it is possible to integrate on-premises, private cloud and public cloud data and applications. Furthermore, any on-premises cloud deployments must be able to easily migrate to public cloud in the future
Tags : 
    
Oracle CX
Published By: Oracle CX     Published Date: Oct 19, 2017
Business Enterprises today need to become more agile, meet new and increasing workload and security requirements, while reducing overall IT cost and risk. To meet these requirements many companies are turning to cloud computing. To remain competitive companies need to formulate a strategy that can easily move them from traditional on-premises IT to private or public clouds. A complete cloud strategy will likely include both private and public clouds because some applications and data might not be able to move to a public cloud. Moving to the cloud should not create information silos but should improve data sharing. Any cloud strategy should make sure that it is possible to integrate on-premises, private cloud and public cloud data and applications. Furthermore, any on-premises cloud deployments must be able to easily migrate to public cloud in the future.
Tags : 
    
Oracle CX
Published By: Oracle CX     Published Date: Oct 20, 2017
This whitepaper explores the new SPARC S7 server features and then compares this offering to a similar x86 offering. The key characteristics of the SPARC S7 to be highlighted are: ? Designed for scale-out and cloud infrastructures ? SPARC S7 processor with greater core performance than the latest Intel Xeon E5 processor ? Software in Silicon which offers hardware-based features such as data acceleration and security The SPARC S7 is then compared to a similar x86 solution from three different perspectives, namely performance, risk and cost. Performance matters as business markets are driving IT to provide an environment that: ? Continuously provides real-time results. ? Processes more complex workload stacks. ? Optimizes usage of per-core software licenses. Risk matters today and into the foreseeable future, as challenges to secure systems and data are becoming more frequent and invasive from within and from outside. Oracle SPARC systems approach risk management from multiple perspectiv
Tags : 
    
Oracle CX
Published By: Oracle CX     Published Date: Oct 20, 2017
Security has become top of mind for CIOs, and CEOs. Encryption at rest is a piece of the solution, but not a big piece. Encryption over the network is another piece, but only a small piece. These and other pieces do not fit together well; they need to unencrypt and reencrypt the data when they move through the layers, leaving clear versions that create complex operational issues to monitor and detect intrusion. Larger-scale high-value applications requiring high security often use Oracle middleware, including Java and Oracle database. Traditional security models give the data to the processors to encrypt and unencrypt, often many times. The overhead is large, and as a result encryption is used sparingly on only a few applications. The risk to enterprises is that they may have created an illusion of security, which in reality is ripe for exploitation. The modern best-practice security model is an end-to-end encryption architecture. The application deploys application-led encryption s
Tags : 
    
Oracle CX
Published By: Gigamon     Published Date: Oct 25, 2017
Read Gartner’s research note, Top 10 Strategic Technology Trends for 2017: Adaptive Security Architecture, to improve visibility and control over your organization’s exposure to risk with a continuous, contextual and coordinated approach to security. Comprehensive protection now requires an adaptive process to predict, prevent, detect and respond to security breaches that includes DevSecOps, IoT Security, and Intelligent Security. This note walks you through key planning assumptions, analysis, best practices and specific recommendations.
Tags : 
    
Gigamon
Published By: Dome9     Published Date: Apr 25, 2018
The term “Cloud First” was initially popularized by Vivek Kundra, who formerly held the post of White House CIO and launched this strategy for U.S. federal government IT modernization at the Cloud Security Alliance Summit 2011. The underlying philosophy of the cloud-first strategy is that organizations must initially evaluate the suitability of cloud computing to address emergent business requirements before other alternatives are considered. This paper offers guidance to help organizations establish a systematic and repeatable process for implementing a cloud-first strategy. It offers a high-level framework for identifying the right stakeholders and engaging with them at the right time to reduce the risk, liabilities, and inefficiencies that organizations can experience as a result of adhoc cloud decisions. The goal of this guidance is to help ensure that any new cloud program is secure, compliant, efficient, and successfully implements the organization’s key business initiatives.
Tags : 
    
Dome9
Published By: Dome9     Published Date: Apr 25, 2018
At an unprecedented pace, cloud computing has simultaneously transformed business and government, and created new security challenges. The development of the cloud service model delivers business-supporting technology more efficiently than ever before. The shift from server to service-based thinking is transforming the way technology departments think about, design, and deliver computing technology and applications. Yet these advances have created new security vulnerabilities as well as amplify existing vulnerabilities, including security issues whose full impact are finally being understood. Among the most significant security risks associated with cloud computing is the tendency to bypass information technology (IT) departments and information officers. Although shifting to cloud technologies exclusively may provide cost and efficiency gains, doing so requires that business-level security policies, processes, and best practices are taken into account. In the absence of these standard
Tags : 
    
Dome9
Published By: Dome9     Published Date: Apr 25, 2018
It is no secret; security and compliance are at the top of the list of concerns tied to cloud adoption. According to a recent 2017 Cloud Security survey to over 350,000 members of the LinkedIn Information Security Community, IT pros have general concerns about security in the cloud (33 percent), in addition to data loss and leakage risks (26 percent) and legal and regulatory compliance (24 percent)1. The number of reported breaches in enterprise datacenter environments still far exceeds the reported exposure from cloud platforms, but as businesses start using public clouds to run their mission-critical workloads, the need for enterprise-grade security in the cloud will increase. Public cloud environments require a centralized, consolidated platform for security that is built from the ground up for the cloud, and allows administrators to monitor and actively enforce security policies. The tools and techniques that worked to secure datacenter environments fail miserably in the cloud. Se
Tags : 
    
Dome9
Published By: Dell     Published Date: Aug 11, 2015
As organizations prepare for the 2015 budget cycle, security and risk (S&R) professionals should use this annual report to help benchmark their organization’s spending patterns against those of their peers — while keeping an eye on current trends affecting endpoint security — in order to strategize their endpoint security adoption decisions. Read this report for more information.
Tags : 
    
Dell
Published By: CA Technologies     Published Date: Jan 09, 2015
This paper focuses on the Insider threat to security and the controls available to reduce risk and enable information sharing within an organization.
Tags : 
insider threats to security, reducing risk of insider threats, enabling safe data sharing, ca security
    
CA Technologies
Start   Previous   1 2 3 4 5 6 7 8 9 10 11 12 13 14 15    Next    End
Search      

Add Research

Get your company's research in the hands of targeted business professionals.