Data Management: Data Protection & Privacy

Click for details

Die Datenschutz-Grundverordnung (DSGVO)

Was Sie wissen müssen, um Ihr Unternehmen vorzubereiten

Download…

Click for details

CISO's Investigate: User Behavior Analytics

Click for more details

Download…

Click for details

Definitive Guide to Security Intelligence and Analytics

Find and Stop Attacks Sooner to Prevent Data Breaches and Minimize Damage

Download…

Click for details

The General Data Protection Regulation (GDPR)

Get the facts and prepare your business

Download…

Click for details

Online financial services firm ensures business continuity while slashing IT workload

Click for more details

Download…

Click for details

Choosing the Right Public Cloud for better Data Protection

Click for more details

Download…

Click for details

Information Rights Management (IRM) - Datasheet

Click for more details

Download…

Click for details

Buyers Guide to Enterprise Collaboration Solutions

Click for more details

Download…

Click for details

The Cost of a Data Breach: Healthcare Settlements Involving Lost or Stolen Devices

Click for more details

Download…

Click for details

Understanding Ransomware and Strategies to Defeat it

Click for more details

Download…

Monitor Continuously. Respond Swiftly.

Every day last year, 2,803,036 data records were lost or stolen as a result of a data breach—and research indicates that the numbers are climbing at an alarming rate. Data breaches totaled 1,540 last year, up 46% from the previous year.1 Most security-conscious organizations are quickly coming to the realization that traditional set-and-forget endpoint solutions are illequipped to handle the daily barrage of zero-day and advanced targeted attacks (ATAs). Security teams need uninterrupted visibility into endpoint activity, rather than just alerts from security products after something has already gone wrong. Endpoint detection and response (EDR) is an indispensable supplement to current defenses. As Gartner points out, “Organizations investing in EDR tools are purposefully moving from an ‘incident response’ mentality to one of ‘continuous monitoring’ in search of incidents that they know are constantly occurring."

Download…

McAfee Labs Threats Report June 2016

Mobile operating systems support multiple communication methods between apps running on mobile devices. Unfortunately, these handy interapp communication mechanisms also make it possible to carry out harmful actions in a collaborative fashion. Two or more mobile apps, viewed independently, may not appear to be malicious. However, together they could become harmful by exchanging information with one another. Multiapp threats such as these were considered theoretical for some years, but McAfee Labs recently observed colluding code embedded in multiple applications in the wild. In this Key Topic, we provide a concise definition of mobile app collusion, explain how mobile app collusion attacks are manifested, and how businesses can protect themselves from such attacks.

Download…

Click for details

McAfee Labs Threat-Report

McAfee Labs ist eine der weltweit führenden Quellen für Bedrohungsforschung sowie -daten und ein Vordenker in Bezug auf Cyber-Sicherheit. Dank der Daten von Millionen Sensoren für alle wichtigen Bedrohungsvektoren (Dateien, Web, Nachrichten und Netzwerke) bietet McAfee Labs Echtzeit-Bedrohungsdaten, wichtige Analysen und Expertenwissen für besseren Schutz und Risikominimierung. McAfee ist jetzt ein Geschäftsbereich von Intel Security.

Download…

Click for details

Kontinuierliche Überwachung. Schnelle Reaktion.

Im vergangenen Jahr gingen jeden Tag 2.803.036 Datensätze aufgrund von Datenkompromittierungen oder Diebstahl verloren. Aktuelle Untersuchungen zeigen, dass diese Zahl weiterhin mit alarmierender Geschwindigkeit wächst. Allein die Gesamtzahl der Datenkompromittierungen lag 2015 bei 1.540 Fällen, was einem Anstieg von 46 Prozent im Vergleich zum Vorjahr entspricht.1 Deshalb wird den meisten sicherheitsbewussten Unternehmen schnell klar, dass die herkömmlichen Endgerätesicherheitslösungen, bei denen sie sich nach der Einrichtung um nichts kümmern müssen, für die Abwehr der täglichen Flut an Zero-Day- und hochentwickelten gezielten Angriffen unzureichend sind. Sicherheitsteams benötigen einen kontinuierlichen Überblick über alle Endgeräteaktivitäten und nicht nur Warnungen von Sicherheitsprodukten, nachdem ein Zwischenfall bereits eingetreten ist. Die Erkennungs- und Reaktionsmöglichkeiten für Endgeräte (EDR) sind daher eine unverzichtbare Unterstützung für Ihre vorhandenen Abwehrmaßnahmen. Laut Gartner „bewegen sich Unternehmen, die in EDRTools investieren, gezielt von einer Mentalität der 'Reaktion auf tatsächlich eingetretene Zwischenfälle' hin zu 'kontinuierlicher Überwachung', bei der nach Zwischenfällen gesucht wird, die bekanntermaßen ständig eintreten.“

Download…

Click for details

Sicherheit durch Einheit

Unternehmen sind gezwungen, effektive Schutzmaßnahmen gegen aktuelle und neue Bedrohungen zu implementieren. Dabei stehen sie vor zahlreichen Schwierigkeiten bei Sicherheit und Geschäftsabläufen. Zero-Day- sowie hochentwickelte gezielte Bedrohungen setzen Schaddaten ein, die noch nie zuvor beobachtet wurden. Polymorphe Malware-Bedrohungen stellen die Unternehmen vor ähnliche Probleme. Vorhandene herkömmliche und signaturbasierte Gegenmaßnahmen haben Schwierigkeiten, die Schaddaten hochentwickelter Malware zu erkennen.

Download…

Click for details

Email Continuity: Protecting your Business Against Email Downtime!

While a minute or two of email server downtime is not catastrophic, no organization can function effectively if downtime increases to hours or days.

Download…

Click for details

Bullet-proofing Office 365 with MAX Mail

Email is still the most common vector for cyber attacks. Having an extra layer of defense in place has never been more important.

Download…

Click for details

Protecting Business Critical Services – Email

Learn how an email management solution encompassing security, continuity, and archiving can optimize your email protection strategy.

Download…

Click for details

The Enemy Within: Insiders are still the weakest link in your data security chain

Learn the 5 steps that you need to take in order to foster a conscientious data security environment within your enterprise.

Download…

Click for details

Top 10 Data Security Tips to Safeguard Your Business

Hackers, or cybercriminals, are persistently on the lookout for data to steal. Download this whitepaper to learn more.

Download…

Click for details

Vendor Landscape: Security Information & Event Management (SIEM)

Select an appropriate SIEM solution based on vendor research; create an implementation roadmap; and define your SIEM architecture.

Download…

Click for details

Protective Monitoring and the UK Public Services Network (PSN)

Conducting business and delivering services online has delivered great benefits but there are associated risks that customers and the public are increasingly becoming aware of.

Download…

Click for details

Security intelligence: solving the puzzle for actionable insight

The extent of security incidents and breaches seen today is so high and so widespread that no organisation should be complacent.

Download…

Click for details

Financial Conduct Authority – Financial Crime: A guide for Firms

LogRhythm’s integrated architecture has been specifically designed to provide real-time continuous, automated monitoring for the detection and prevention of both security and fraudulent related activity.

Download…

Click for details

Sage Patch Advice Fact Sheet

Sage ERP X3 is a dedicated solution that lets businesses transform and perform through technology. However, it needs to be maintained and updated to deliver the most benefit – this can be a complex and time-consuming process. Sage Patch Advice is a new service for existing Sage ERP X3 customers that lets users apply the latest software patches easily and with confidence to let them gain the most benefit and advantage from their solution.

Download…

Click for details

Narrowing the Security Gap with Automated Configuration Assessment

As a security professional, you are on constant alert for external threats. But many breaches are caused internally by incorrect configuration of IT resources. According to HP, 80% of applications contain vulnerabilities caused by incorrect configuration. How do you find these and ensure that system settings stay correct? In this guide you will learn how Qualys Policy Compliance lets you automate IT configuration assessments for stronger security and compliance. Download the guide now to learn more about: • How incorrect configurations cause severe vulnerabilities • Best practices to help you find and enforce configuration policies • Benefits of automating configuration assessments • How to reduce risk from incorrect configuration of IT resources with an easy, automated solution to maintain correct settings

Download…

Click for details

Critical Security Controls: From Adoption to Implementation

The Critical Security Controls (CSCs), a well-known roadmap for enterprise information assurance published and maintained by the Center for Internet Security, is being widely adopted across financial and government sectors, according to the second SANS survey on CSC adoption. Download this report from SANS to find out why more and more organizations of various types consider the CSCs a reliable mechanism to reduce attack surfaces, increase visibility and improve protection and response.

Download…

Click for details

Continuous Monitoring

A New Approach to Proactively Protecting Your Global Perimeter

Download…

Click for details

Six Essential Elements of Web Application Security

When web applications are breached, enormous amounts of sensitive business data can be lost. According to Verizon’s 2014 Data Breach Investigations Report, web application attacks more than doubled in 2013 to become the #1 cause of security incidents. This whitepaper highlights the six key best practices that industry-leading organizations are using in their web application security efforts while reducing resource requirements and lowering the TCO.

Download…

Click for details

Best Practices for Selecting a Web Application Scanning (WAS) Solution

With attackers getting more sophisticated every day, manual methods of locating and testing web-based apps are no longer enough. The right Web Application Scanning (WAS) solution can help you systematically: discover web apps running in your network, determine whether or not they are vulnerable to attack, understand how to fix them, and protect your business while fixes are being implemented. With today’s automated, highly-accurate technology, you can now test all of your apps – in development, QA and production – whether you have a handful or many thousands. This checklist of best practices will save you time and help you understand what to look for when selecting a WAS solution.

Download…

Click for details

SANS Survey on Application Security Programs and Practices

Over the past five years, applications—particularly web applications—have been increasingly leveraged as a top vector of attack. With the trend toward mobile applications and cloud computing, SANS decided to conduct this rst SANS survey on application security to focus on understanding what works in application security (aka “appsec”) and why. We wanted to address the following specific questions: • What is driving organizations’ application security programs? • Where do organizations see the greatest risks? • Where are organizations focusing their application security resources? • What practices are most organizations following? • What tools and services do organizations rely on the most? • What are the specific challenges to organizations’ application security programs? • How mature are organizations’ programs? • How effective are organizations’ programs?

Download…

Click for details

Web Application Security For Dummies

Web application security may seem like a complex, daunting task. This book is a quick guide to understanding how to make your website secure. It surveys the best steps for establishing a regular program to quickly find vulnerabilities in your site with a web application scanner. You will learn: • Why web security matters • How to establish a web app security program • The benefits of automated scanning • How automation can ease finding and fixing web app vulnerabilities

Download…

Click for details

The Big Shift to Cloud-Based Security

How mid-sized and smaller organizations can manage their IT risks and meet regulatory compliance with minimal staff and budget.

Download…

Click for details

IT Policy Compliance For Dummies

This book is a quick guide to understanding IT policy compliance. It surveys the best steps for preparing your organization’s IT operations to comply with laws and regulations – and how to prove compliance to an auditor. In this book you will discover: • What IT policy compliance is all about • How laws and regulations govern compliance • Ten best practices • How automation can ease compliance and save money

Download…

Click for details

Analyse d’une infrastructure cybercriminelle

Proofpoint security researchers have published an analysis that exposes the inner workings of a cybercrime operation targeting online banking credentials for banks in the United States and Europe. This Proofpoint research report provides a detailed and rarely seen inside view of the infrastructure, tools and techniques that enabled this cybercrime group to infect over 500,000 PCs.

Download…

Click for details

Magic Quadrant for Secure Email Gateways

The secure email gateway market is fractured between providers of basic protection delivered by embedded functionality from incumbent email, firewall, or endpoint protection solutions; and vendors that focus on the state of the art in advanced attack and information protection.

Download…

Click for details

Surfacing Critical Cyber Threats Through Security Intelligence

The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether. In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats. Key themes to be covered include: • Emerging cyber threat vectors in 2015 • Security Intelligence and the critical role it plays in addressing high-impact threats • Using the SIMM to assess your current Security Intelligence Maturity • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management

Download…

Click for details

The Cyber Threat Risk – Oversight Guidance for CEOs and Boards

The time has come for CEOs and Boards to take personal responsibility for improving their companies’ cyber security. Global payment systems, private customer data, critical control systems, and core intellectual property are all at risk today. As cyber criminals step up their game, government regulators get more involved, litigators and courts wade in deeper, and the public learns more about cyber risks, corporate leaders will have to step up accordingly.

Download…

Click for details

SANS “Top 20” Critical Controls for Effective Cyber Defense

In a rapidly evolving threat landscape, organizations must protect their entire IT environment against both external and internal attacks. Threats and risks arrive from many angles, requiring security professionals to use a wide variety of methods to defend against attacks. As a result, many organizations are now adopting the 20 Critical Security Controls developed by the SANS Institute. These controls help organizations prioritize the most effective methods and policies for safeguarding their assets, information and infrastructure.

Download…

Click for details

Retail Cyber Crime

Over the past few years, several retail organizations have been hit with high-profile data breaches that have left millions of customers’ credit card details and personal information exposed. Retailers will continue to be prime targets for motivated cyber criminals targeting sensitive and lucrative customer data, and must take steps to secure delicate information.

Download…

Click for details

The APT Lifecycle and its Log Trail

Advanced Persistent Threats, or APTs, are a growing concern in the security industry. APTs differentiate themselves from other types of hacking activities by targeting a specific organization for a specific target, often extremely high pay-off data.

Download…

Click for details

DDoS Defense for Financial Services Companies

Distributed denial of service (DDoS) attacks are increasingly becoming one of the most grievous security threats that any company with a significant online presence faces. In fact, four of the top five security threats today are DDoS related, with an average of 2,000–3,000 DDoS attacks per day on enterprises, financial institutions and governments.1 And the reality is that the severity, frequency and complexity of these attacks are on the rise, with no end in sight.

Download…

Click for details

DDoS Mitigation in a BYOD Architecture

The rapid consumer adoption of tablets, smartphones and other mobile devices creates a new challenge for corporate IT departments. This phenomenon is called “bring your own device” (BYOD).

Download…

Click for details

Protect Your Business

Purpose-Built DDoS Defense for eCommerce

Download…

Click for details

End-to-End DDoS Defense for Financial Services

Motivated by idealistic and monetary goals, well-organized hacker groups have set their sights on financial institutions and are attacking with a vengeance—armed with institutional intelligence and striking with unprecedented persistence. Because of this, every financial services company—whether a multi-million dollar bank or a local credit union—is now a potential target for distributed denial of service (DDoS) threats.

Download…

Click for details

Know and Secure the Enterprise

In today’s hyper-connected world, the financial performance and brand integrity of your company greatly depend on the operational performance and security of your network.

Download…

Click for details

DDoS Attacks in the Gaming Industry

Given its high-volume, high-transactional environment, the gaming industry must ensure 24/7 platform availability, 365 days a year. Any downtime has a significant financial and reputational impact. This makes gaming companies especially sensitive to DDoS attacks not only by hackers, but also by competitors and disgruntled clients.

Download…

Click for details

Securing Cloud-Based Communications

Use of the cloud for business-critical services continues to increase as corporate and government networks de-perimeterize. This whitepaper discusses key requirements for securing cloud-based communications.

Download…

Click for details

Protecting the Data Center

Find out how Mcafee protects you against, data theft, fraud, and operational and patch paralysis and allows the business continuity and full protection of data center applications whist maintaining high network performance.

Download…

Click for details

NSS Labs Corporate AV/EPP Comparative Analysis: McAfee Achieves Highest Score in Exploit Protection

NSS Labs provides overall exploit protection rates for 11 popular enterprise Endpoint Protection Products.

Download…

Click for details

Complexity Ate My Budget

What is becoming a significant, if not the main, operational problem today is the complexity of the data protection infrastructure…

Download…

Click for details

Meeting Business Data Protection Needs in a Mixed Physical/Virtual Environment

Virtualisation has without doubt enabled IT organizations to obtain maximum efficiency from their physical hardware, but virtualisation has also increased the complexity these organisations have to manage, and that includes data protection…

Download…

Click for details

What’s new in CA ARCserve Backup

CA ARCserve Backup r16.5 Update 3 adds the following new features to deliver more flexibility, better performance, and help ARCserve Backup customers optimize their data protection.

Download…

Click for details

CA Technologies Announces Unified Data Protection Solution

This IDC Flash discusses the arcserve Unified Data Protection (UDP) platform announced on May 7,2014, by the arcserve business unit of CA Technologies. A consolidated data protection platform,arcserve UDP comprises interesting recovery tiering features targeted at the midmarket and, now, managed service providers (MSPs) also.

Download…

Click for details

CA arcserve® Unified Data Protection

Fueled by data growth and technology advancement such as virtualization, current data protection architectures come up short in a number of operational areas and essentially perpetuate data protection islands or silos. Upon closer examination, there is also widespread user discontent leading to a re-examination of the current infrastructure: many data protection solutions are limited in scope and the multiplication of point solutions is creating complexity that has become very hard to manage for organizations whatever their size.

Download…

Click for details

The end of data protection as we know it? Defining a next generation architecture

My friends, the end is near. Good news/bad news: backup and data protection architectures as we know them are about to undergo a drastic set of changes in the next few years. The backup and recovery market is quickly morphing as end users weather a perfect storm hitting their infrastructure, affecting the efficiency of their operations.

Download…

Click for details

CA arcserve Unified Data Protection virtualization solution Brief

Server and desktop virtualization have become very pervasive in most organizations, and not just in the enterprise. Everybody agrees that server virtualization offers many advantages, saves money, offers more flexibility, etc. Although server virtualization helps reduce IT infrastructure costs, it also adds complexity to protecting the wide range of applications installed on the virtual machines and the ever-increasing volumes of data created on shared storage devices…But it can also help in disaster recovery scenarios and can offer some level of high availability.

Download…

Click for details

Unifying CA arcserve

In the ever-changing world of data protection, it has come down to a simple reality. Software vendors have to innovate to meet their customers and partners needs to stay in this market long term. They have to do so in a way that is robust and complete from a technology standpoint, but that’s not enough. They also have to do it in a way that enhances time to value for end-users, from interface design to the way the product is licensed and packaged.

Download…

Click for details

Introducing CA arcserve Unified Data Protection

CA arcserve UDP is based on a next generation unified architecture for both virtual and physical environments. Its unmatched breadth, ease of use, and Assured Recovery™ capabilities set it apart from other data protection solutions.

Download…

Click for details

Unified Data Protection Solution Brief

Fueled by data growth and technology advancements such as virtualization, current data protection architectures come up short in a number of areas and essentially perpetuate data protection islands or silos. Today’s IT is about the interdependence of its systems and applications in the context of service delivery. Understanding and proving that you can recover in a business-reasonable amount of time with a business-acceptable currency of data is crucial. Metrics such as Recovery Point Objective (RPO) and Recovery Time Objective (RTO) have become synonymous with business availability. Current architectures make overall poor use of their resources due to a lack of ability to measure, process inefficiencies, obsolete solutions with expensive licensing, or niche data protection solutions that only compound the problem by adding complexity on top of complexity. Until now.

Download…

Click for details

Discovering Vulnerable Web Applications

Vulnerabilities in web applications are a major vector for cybercrime. In large organizations, vulnerable web applications comprised 54% of all hacking breaches and led to 39% of compromised records, according to the 2012 Data Breach Investigation Report by Verizon Business.

Download…

Click for details

What Do You Mean – My Cloud Data Isn’t Secure

As today’s businesses transition more critical applications to the cloud, there is an implicit perception and expectation that the critical information is more secure in the cloud than it is on private systems. This shift in data management strategy has implications for IT managed service providers and their end user customers. The real state of data protection is actually quite different for both environments and depends upon a number of factors, some of which are discussed here.

Download…

Click for details

Managed security services

Managed Service Providers become better acquainted with their clients IT environments than arguably the clients themselves. Managed Services are a preventive model that relies on remotely monitoring systems around the clock to keep networks humming with minimal or no downtime. As a result, MSPs acquire an unmatched level of insight about their clients environments, and in so doing, they become better positioned than anyone to secure their clients networks.

Download…

Select a topic