Security Management Strategies for the CIO-
The evolution of threat detection and management
Enterprises must understand the latest threat detection options to keep up with advanced cybercriminals who can bypass enterprise security defenses.
-
Choosing among antimalware tools: Final considerations
Mike Rothman discusses important last-minute considerations when choosing among antimalware products from finalist antimalware vendors.
-
Selecting antimalware products: Key vendor questions
Mike Rothman offers 10 critical questions to ask antimalware vendors when seeking out the best antimalware products for enterprise use.
-
Choosing the best antimalware: Technical considerations
Mike Rothman discusses the evolution of malware and how today's antimalware products should handle detection and remediation.
-
Antimalware software: Business benefits and drawbacks
Mike Rothman discusses how antimalware software has evolved to develop various business and technology issues, but also still holds many benefits.
-
Red October deconstructed: What enterprises can learn
Expert Nick Lewis details the recently uncovered Red October malware campaign, plus the new and existing controls needed to thwart cyberespionage.
-
How to retain good infosec employees
Expert Ernie Hayden offers employee retention strategies. Learn how to keep good enterprise infosec staff for the long haul.
-
How CISOs can fill security positions
Expert Ernie Hayden advises CISOs on best practices for filling security positions within the enterprise when faced with a lack of talent.
-
Defining the benefits of a securely configured VLAN
Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks.
-
Is security an issue for the Ruby on Rails framework?
The recent Ruby on Rails security vulnerabilities can be patched. Expert Michael Cobb discusses the fallout and offers help with remediation planning.
-
How to thwart privilege creep with access reviews
Most enterprises suffer from privilege creep among long-time employees. Peter Gregory explains how to limit user privileges with access reviews and automation.
-
NoSQL security vs. RDBMS security
With NoSQL databases increasingly being used to tackle big data challenges, expert Michael Cobb examines NoSQL security in comparison to RDBMS.
-
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.
-
How DLP encryption, integration strengthen security
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions.
-
Using DLP tools for data leakage alerting
When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.
-
DLP tools: Defining policies to monitor data
DLP monitoring policies help define what data to evaluate, how data monitoring processes should occur, and what enforcement and alerting actions to take.
-
Discovery and data fingerprinting key in DLP products
Effective DLP products must be able to handle data discovery to identify and monitor sensitive data. Learn why these features matter.
-
Complying with the new HIPAA omnibus rule
The new HIPAA omnibus rule begins a new chapter in HIPAA compliance. Learn how the changes will affect IT security pros and how to comply.
-
UPnP protocol: A security issue for enterprises?
Is UPnP secure enough for enterprise use? Network security expert Brad Casey assesses UPnP security risks and offers advice for mitigating the threat.
-
Why CISOs must adopt a new mentality to protect data
By adopting the assumption-of-breach security model, CISOs and security pros can better protect critical data. Expert Ernie Hayden explains.
-
Exploit toolkits explained: How they aid cyberattacks
Expert Nick Lewis details how automated exploit kits are evolving and offers mitigations for the latest methods employed by these attack toolkits.
-
How to prevent the top five most common Web app flaws
Expert Michael Cobb details the five most common Web application vulnerabilities and provides methods to help enterprises to secure them.
-
SIEM best practices for advanced attack detection
SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and offers a SIEM tuning step-by-step.
-
Reducing compliance risk through compliance automation
Tony UcedaVelez offers tips for automating compliance tasks to reduce IT security and compliance risk while easing the pain of arduous compliance audits.