Security Management Strategies for the CIO-
IPv6 myths: Debunking misconceptions regarding IPv6
Aggressive marketing has helped perpetuate a number of security-related IPv6 myths. Expert Fernando Gont helps separate myth from fact to ensure a secure IPv6 deployment.
-
Application log management: Application compliance
Expert Michael Cobb discusses how application audits and information and event management can save you time and energy with application security compliance.
-
Gov't cybersecurity: User-level tools mitigate risk
Taking on a new zero-trust model, many federal agencies are implementing insider threat controls at the user level.
-
IPSec VPN vs. SSL VPN: Comparing VPN security risks
When it comes to VPNs, which of the two most-used options -- IPSec or SSL -- presents the greater security threat? Expert Anand Sastry describes the pros and cons of each, as well as how to test yo...
-
Thwarting a hacktivist: Avoid sociopolitical attacks
Is your enterprise a significant hacktivist target? Learn how to determine whether your enterprise is more likely to be attacked.
-
How to detect content-type attacks
Malicious attackers have increasingly turned to exploiting vulnerabilities in client-side software. Learn how to detect and prevent these types of attacks in your environment.
-
Auditing virtualization: Security training
This chapter discusses auditing virtualized environments, and begins with an overview of common virtualization technologies and key controls.
-
IPv6 security issues: IPv6 transition mechanisms
Several IPv6 transition mechanisms have been created to ease the transition from IPv4, but Fernando Gont explains why they present IPv6 security concerns for enterprises.
-
Inside Web-based, social engineering attacks
Attackers have mixed a dangerous cocktail of social engineering, Web-based attacks and persistence. Lenny Zeltser explains how your organization can keep from drowning in malware.
-
Malvertisements: Malicious advertisement malware
Expert Michael Cobb explains why malvertisements are so hard to control and what enterprises can do to help mitigate the risk of malicious advertisement malware.
-
Cybersecurity insurance: Choosing an insurance policy
A cybersecurity insurance policy can help defray the costs of a data breach, should one occur, but is it worth the cost? Expert Ernie Hayden weighs in.
-
Assessing Internet Explorer 9 security: Safest browser?
Research shows Internet Explorer 9 security identifies as much as 99% of potential malware. So is IE9 now the safest browser out there? Michael Cobb answers that question in this expert tip.
-
Top 5 mobile data protection best practices
In this tip, we highlight five essential best practices for protecting business data stored on mobile devices and tablets, and identify readily available technologies that can be used to implement ...
-
SIM architecture options for data center security
To be successful in securing the virtual data center, security information management (SIM), a key element for effective data center security, must virtualize and become virtualization-aware. In th...
-
Security best practices for self-provisioned technology
Is your current enterprise security policy ready for mobile and cloud computing technology? Probably not, but it can be: Forrester's Chenxi Wang explains how.
-
UTM features: UTM device for layered defense?
Expert Mike Chapple explores what features a contemporary UTM device provides, and explains the factors that help determine UTM total cost of ownership.
-
Internal control checklist: Data protection, compliance
Expert Eric Holmquist details four key governance items that should be on every enterprise’s internal controls checklist to ensure corporate data protection.
-
Hacktivism: What companies can learn from HBGary
A few simple security best practices may have spared security company HBGary Federal from the recent attack by the hacktivist group Anonymous. Nick Lewis explains what happened and how to prevent s...
-
How to use the free eEye Retina scanner
In this screencast, learn how to use the free community edition of the eEye Retina scanner.
-
Botnet removal: Detect botnet infection and prevent re-
Though botnet mitigation tactics continue to mature, so do the botnets themselves. In this tip, expert Nick Lewis gives best practices for detecting and removing cutting edge botnets.
-
A smarter, programmatic approach to SOX compliance
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.
-
Next-gen firewalls improve application awareness
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features.
-
Choosing the right IT security framework
Expert Joe Granneman introduces several IT security frameworks and standards, and offers advice on choosing the right one for your organization.
-
Anyka - Fotolia
The role of sandboxing in advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure all for enterprises.