-
Essential enterprise mobile security controls
Learn about the mobile security controls you should consider when formulating an enterprise mobile security strategy.
-
Web application firewalls: Best option for security?
Mike Chapple on improving defense-in-depth security with Web application firewalls (WAFs) and a strong software development lifecycle (SDLC) process.
-
Fighting off zero-day attacks with anomaly monitoring
Expert Char Sample explains how anomaly-based monitoring may be a key step forward in uncovering zero-day vulnerabilities.
-
Big data for infosec: What’s the big deal?
Andrew Hutchison explains how big data benefits enterprise information security posture by merging the security and operational data landscape.
-
So if AV doesn't work, what's next?
Do any viable antivirus alternatives exist? Security expert Matt Pascucci offers an endpoint security strategy that looks beyond AV to fight malware.
-
Five key controls to prevent data exfiltration
Enterprises may be amazed to discover how valuable their data is to attackers. Learn five information security controls to prevent data exfiltration.
-
Secure Web gateways: New features that matter
Expert Michael Cobb reviews secure Web gateway appliance features that can better shield endpoints, plus SWG deployment options.
-
User account security best practices to thwart attacks
The recent CloudFlare hack showed how poor user account security and password recovery can be compromised. Learn how to avoid a similar incident.
-
How to accept mobile payments and stay PCI compliant
Merchant PCI compliance is hard enough, but now mobile payment processing adds a new wrinkle. Learn how P2P encryption can help you stay compliant.
-
Defending against the collateral damage of cyberwar
Surviving cyberwar is now a priority for enterprises, with more Stuxnet malware-style attacks sure to come. Expert Nick Lewis has a defensive primer.
-
Using the network to defend against Oracle TNS Listener
Expert Michael Cobb details the Oracle TNS Listener poison attack and tells how enterprises can use the network to defend vulnerable applications.
-
What’s new in enterprise IPS/IDS?
Haven’t shopped for an IDS/IPS in a while? Karen Scarfone details important recent innovations to IDS/IPS technologies.
-
Four techniques for social engineering pen tests
Social engineering penetration testing is now a must for enterprises. Learn about the four methods your pen tests should use.
-
The effects of Visa's PCI compliance policy change
Does Visa's PCI compliance policy change mean the end of the PCI assessment? Mike Chapple discusses what it means for security professionals.
-
Remote Desktop Protocol security best practices
What is RDP and why does it pose a security threat? Expert Matt Pascucci explains why it’s needed and how best to secure RDP in the enterprise.
-
Comparing data anonymization techniques
Compare data anonymization techniques including encryption, substitution, shuffling, number and data variance and nulling out data.
-
After Flashback: How to evolve Mac enterprise security
Expert Nick Lewis discusses how Mac enterprise security must evolve to combat the rising Mac malware tide, spearheaded by the Flashback malware.
-
Taming IAM in the extended enterprise with Zero Trust
Cloud and distributed computing have caused many enterprise IAM challenges. Eve Maler details how Forrester's Zero Trust model can help.
-
Why CISOs must actively engage management on security
A CISO’s responsibilities must include convincing executives to take an active role in security governance. Expert Ernie Hayden explains how.
-
Choosing the right third-party incident response help
Expert Nick Lewis provides criteria for selecting outside incident response firms and how to define security incident response process needs early on.
-
A smarter, programmatic approach to SOX compliance
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.
-
Next-gen firewalls improve application awareness
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features.
-
Choosing the right IT security framework
Expert Joe Granneman introduces several IT security frameworks and standards, and offers advice on choosing the right one for your organization.
-
The role of sandboxing in advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure-all for enterprises.
Security Management Strategies for the CIO