IT Security: Cybercrime

Click for details

The Changing Landscape of Cybersecurity Analytics and Operations

Cyber-adversaries often employ sophisticated attack tactics, techniques, and procedures (TTPs) in order to avoid detection. In many cases, multi-stage attacks simply blend into benign IT activities. This forces organizations to constantly upgrade security analytics and operations tools, skills and processes to stay a few steps ahead of the hackers.

This infographic explores the changing landscape of cybersecurity analytics and operations.

Download…

Click for details

National Bank Minimizes Security Risk and Supports New Business with McAfee Security Solutions

As cyberattacks become more frequent and security threats become more evasive, pernicious, and costly, organizations must take ever more powerful countermeasures. A U.S. bank that serves a growing clientele of companies and other business customers recognized the threat posed to its competitive position by security-related incidents. To ensure business continuity and prevent financial and reputational loss that could result from a successful attack, the bank has deployed the McAfee suite of security products from Intel Security Group.

This whitepaper discusses maintaining a robust security environment that ensures business continuity as a top IT and business priority.

Download…

Click for details

Cyber-Risk & Resilience

Commercial enterprises have a vested interest to protect the value of veracity and maintain consensus around truth. Yet, far from abating, most people in mature economies will consume more fake news than truth through to 2022, according to research by technology consultancy Gartner. This whitepaper includes various articles discussing security and cybercrime.

Download…

Click for details

2017 Annual Threat Report

Click for more details

Download…

Click for details

Récapitulatif des Menaces

Click for more details

Download…

Click for details

Un imposteur dans votre messagerie

Click for more details

Download…

Click for details

Why Layered Security is Important

Click for more details

Download…

Click for details

How to protect your business from Ransomware

Take these proactive steps to keep your company's files from being held hostage

Download…

Protecting Against Imposter Email Threats

Click for more details

Download…

Click for details

Securing Microsoft Office 365

Cloud is now a part of mainstream enterprise IT strategy. The benefits – flexibility, cost savings, rapid innovation and productivity gains – are simply too great to ignore. But security is rightly front of mind for senior IT decision-makers in making this shift. The cloud brings challenges in opening up new vectors of attack and potentially putting confidential and valuable corporate data and assets at risk. Nowhere is this more critical than with transition to the cloud of one of the most popular productivity suites – Microsoft Office 365.

Download…

Click for details

Is Microsoft Office 365 Secure?

The world is moving to Office 365. Don't leave security, compliance, and control up in the air.

Download…

Click for details

H-E-B Customer Story

To meet the challenge of distributed work places, retail outlets, and grocery stores and other diverse core competencies, HEB Grocery Store, LP (styled H-E-B) engaged Office 365 Enterprise as a hybrid solution to service employees in multiple states in diverse functions. Several stores include multi-tenant operations through third-party lease arrangements, including bank operations, cellular kiosks, and other national chains. H-E-B chose Microsoft Office 365 for its strengths as a collaboration platform,

Download…

Click for details

Making the Business Case for Office 365

The current iteration of Office 365 represents Microsoft’s 15-year-plus history of remotely hosted offerings that began in the late 1990s with hosted delivery of Microsoft Exchange through a variety of business partners. So, can a business case be made for deploying Microsoft Office 365? Absolutely yes, and man organizations agree, as shown in the following figure that shows the projected growth of Office 365 over the next two years.

Download…

Click for details

Vendor Landscape: Security Information & Event Management (SIEM)

Select an appropriate SIEM solution based on vendor research; create an implementation roadmap; and define your SIEM architecture.

Download…

Click for details

Protective Monitoring and the UK Public Services Network (PSN)

Conducting business and delivering services online has delivered great benefits but there are associated risks that customers and the public are increasingly becoming aware of.

Download…

Click for details

Security intelligence: solving the puzzle for actionable insight

The extent of security incidents and breaches seen today is so high and so widespread that no organisation should be complacent.

Download…

Click for details

Financial Conduct Authority – Financial Crime: A guide for Firms

LogRhythm’s integrated architecture has been specifically designed to provide real-time continuous, automated monitoring for the detection and prevention of both security and fraudulent related activity.

Download…

Click for details

Narrowing the Security Gap with Automated Configuration Assessment

As a security professional, you are on constant alert for external threats. But many breaches are caused internally by incorrect configuration of IT resources. According to HP, 80% of applications contain vulnerabilities caused by incorrect configuration. How do you find these and ensure that system settings stay correct? In this guide you will learn how Qualys Policy Compliance lets you automate IT configuration assessments for stronger security and compliance. Download the guide now to learn more about: • How incorrect configurations cause severe vulnerabilities • Best practices to help you find and enforce configuration policies • Benefits of automating configuration assessments • How to reduce risk from incorrect configuration of IT resources with an easy, automated solution to maintain correct settings

Download…

Click for details

Critical Security Controls: From Adoption to Implementation

The Critical Security Controls (CSCs), a well-known roadmap for enterprise information assurance published and maintained by the Center for Internet Security, is being widely adopted across financial and government sectors, according to the second SANS survey on CSC adoption. Download this report from SANS to find out why more and more organizations of various types consider the CSCs a reliable mechanism to reduce attack surfaces, increase visibility and improve protection and response.

Download…

Click for details

Continuous Monitoring

A New Approach to Proactively Protecting Your Global Perimeter

Download…

Click for details

Six Essential Elements of Web Application Security

When web applications are breached, enormous amounts of sensitive business data can be lost. According to Verizon’s 2014 Data Breach Investigations Report, web application attacks more than doubled in 2013 to become the #1 cause of security incidents. This whitepaper highlights the six key best practices that industry-leading organizations are using in their web application security efforts while reducing resource requirements and lowering the TCO.

Download…

Click for details

Best Practices for Selecting a Web Application Scanning (WAS) Solution

With attackers getting more sophisticated every day, manual methods of locating and testing web-based apps are no longer enough. The right Web Application Scanning (WAS) solution can help you systematically: discover web apps running in your network, determine whether or not they are vulnerable to attack, understand how to fix them, and protect your business while fixes are being implemented. With today’s automated, highly-accurate technology, you can now test all of your apps – in development, QA and production – whether you have a handful or many thousands. This checklist of best practices will save you time and help you understand what to look for when selecting a WAS solution.

Download…

Click for details

SANS Survey on Application Security Programs and Practices

Over the past five years, applications—particularly web applications—have been increasingly leveraged as a top vector of attack. With the trend toward mobile applications and cloud computing, SANS decided to conduct this rst SANS survey on application security to focus on understanding what works in application security (aka “appsec”) and why. We wanted to address the following specific questions: • What is driving organizations’ application security programs? • Where do organizations see the greatest risks? • Where are organizations focusing their application security resources? • What practices are most organizations following? • What tools and services do organizations rely on the most? • What are the specific challenges to organizations’ application security programs? • How mature are organizations’ programs? • How effective are organizations’ programs?

Download…

Click for details

Web Application Security For Dummies

Web application security may seem like a complex, daunting task. This book is a quick guide to understanding how to make your website secure. It surveys the best steps for establishing a regular program to quickly find vulnerabilities in your site with a web application scanner. You will learn: • Why web security matters • How to establish a web app security program • The benefits of automated scanning • How automation can ease finding and fixing web app vulnerabilities

Download…

Click for details

The Big Shift to Cloud-Based Security

How mid-sized and smaller organizations can manage their IT risks and meet regulatory compliance with minimal staff and budget.

Download…

Click for details

IT Policy Compliance For Dummies

This book is a quick guide to understanding IT policy compliance. It surveys the best steps for preparing your organization’s IT operations to comply with laws and regulations – and how to prove compliance to an auditor. In this book you will discover: • What IT policy compliance is all about • How laws and regulations govern compliance • Ten best practices • How automation can ease compliance and save money

Download…

Click for details

Surfacing Critical Cyber Threats Through Security Intelligence

The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether. In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats. Key themes to be covered include: • Emerging cyber threat vectors in 2015 • Security Intelligence and the critical role it plays in addressing high-impact threats • Using the SIMM to assess your current Security Intelligence Maturity • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management

Download…

Click for details

The Cyber Threat Risk – Oversight Guidance for CEOs and Boards

The time has come for CEOs and Boards to take personal responsibility for improving their companies’ cyber security. Global payment systems, private customer data, critical control systems, and core intellectual property are all at risk today. As cyber criminals step up their game, government regulators get more involved, litigators and courts wade in deeper, and the public learns more about cyber risks, corporate leaders will have to step up accordingly.

Download…

Click for details

SANS “Top 20” Critical Controls for Effective Cyber Defense

In a rapidly evolving threat landscape, organizations must protect their entire IT environment against both external and internal attacks. Threats and risks arrive from many angles, requiring security professionals to use a wide variety of methods to defend against attacks. As a result, many organizations are now adopting the 20 Critical Security Controls developed by the SANS Institute. These controls help organizations prioritize the most effective methods and policies for safeguarding their assets, information and infrastructure.

Download…

Click for details

Retail Cyber Crime

Over the past few years, several retail organizations have been hit with high-profile data breaches that have left millions of customers’ credit card details and personal information exposed. Retailers will continue to be prime targets for motivated cyber criminals targeting sensitive and lucrative customer data, and must take steps to secure delicate information.

Download…

Click for details

The APT Lifecycle and its Log Trail

Advanced Persistent Threats, or APTs, are a growing concern in the security industry. APTs differentiate themselves from other types of hacking activities by targeting a specific organization for a specific target, often extremely high pay-off data.

Download…

Click for details

DDoS Attacks in the Gaming Industry

Given its high-volume, high-transactional environment, the gaming industry must ensure 24/7 platform availability, 365 days a year. Any downtime has a significant financial and reputational impact. This makes gaming companies especially sensitive to DDoS attacks not only by hackers, but also by competitors and disgruntled clients.

Download…

Click for details

Cybercriminals Use What Works: Targeted Attack Methodologies for Cybercrime

This research paper will give details on some of the reasons why cybercriminals are adopting targeted attack methodologies by delving into a few case studies that show how they are doing so.

Download…

Click for details

Cybersecurity's Maginot Line: A Real-World Assessment of the Defense-in-Depth Model

It doesn’t matter what types of firewall, intrusion prevention system (IPS), Web gateway, sandbox and endpoint systems make up organizations’ Maginot Line; attackers are circumventing them all.

Download…

Click for details

Definitive Guide to Next-Generation Threat Protection

As I’ve met with national leaders and customers around the world, I’ve found that there’s a great divide between the level of security they need for their networks and the level of security available to them using traditional security tools.

Download…

Click for details

APT28: A Window into Russia’s Cyber Espionage Operations?

Our clients often ask us to assess the threat Russia poses in cyberspace. Russia has long been a whispered frontrunner among capable nations for performing sophisticated network operations.

Download…

Click for details

Optimizing Security Management with McAfee ePolicy Orchestrator

Chief information officers (CIOs) at enterprises worldwide are facing a major struggle today: how to balance competing priorities from business units and IT. They have been mandated to protect the enterprise from every angle and maintain compliance while supporting business momentum and reducing costs. To compete in today’s economy and minimize compliance pressures and the risk of security threats, more and more CIOs are taking a good, hard look at optimizing security with a centralized integrated management system based on an open architecture. A centrally managed approach to security makes the enterprise security infrastructure more agile, effective, and proactive. It enables businesses to make security teams more efficient, which drives down the costs of managing security across the infrastructure.

Download…

Click for details

Counter Stealthy Attacks

The most menacing type of cyberattack is invisible. The risk to enterprises is real as evidenced by recent high-profile attacks. Organisations need layered security controls that work together to detect the presence and actions of stealthy malware and attackers.

Download…

Click for details

SANS Survey on Application Security Programs and Practices

Web applications have recently emerged as a top cybercriminal attack vector, and organizations that don’t take a proactive approach to app security may be setting themselves up for disaster. More than one-third of organizations still don’t have an application security program in place – what can you do to make sure you’re protected? Consult this informative survey today to discover your peers’ proven practices for app security success, and learn what you can do to stay protected – read on to get started.

Download…

Click for details

Discovering Vulnerable Web Applications

Vulnerabilities in web applications are a major vector for cybercrime. In large organizations, vulnerable web applications comprised 54% of all hacking breaches and led to 39% of compromised records, according to the 2012 Data Breach Investigation Report by Verizon Business.

Download…

Click for details

Keep your PCs safe while surfing the Web

The Web has become a hub of information and productivity, making the web browser one of the most-used applications. This has drawn the attention of cyber criminals—making it a potential Achilles heel for security.

Download…

Click for details

Automating the SANS 20 Critical Security Controls with QualysGuard

The SANS 20 Critical Security Controls are known for driving effective security programs across government agencies, establishing guidelines for security professionals to ensure the confidentiality, integrity and availability of information technology assets.

Download…

Click for details

Know Your Endpoints

Audit tools provide visibility and help protect endpoints, file shares and user accounts.

Download…

Select a topic