critical controls

Results 1 - 25 of 32Sort Results By: Published Date | Title | Company Name
By: Tenable     Published Date: Jan 25, 2019
"This whitepaper from the SANS Institute focuses on the growing use and benefits derived from information technology (IT) and operational technology (OT) convergence which includes more effective management and operation of contemporary control systems. IT/OT convergence carries unique challenges that make managing and securing an industrial control system (ICS) more difficult. This is due to greater technical complexity, expanded risks and new threats to more than just business operations. This paper explores the issues that arise with the blending of IT and OT into combined cyber-physical systems where risks must be identifed and managed. Download this report to get answers to these questions: -Why are digital asset inventories critical for IT/OT security risk management? -How does knowledge about risks and vulnerabilities to IT/OT systems lead to better risk management? -Can applying even a few of Center for Internet Security (CIS) Controls make a marked difference in the securit
Tags : 
     Tenable
By: Fortinet EMEA     Published Date: Nov 26, 2018
Endpoint devices continue to be one of the favorite targets for cyberattacks. A successfully compromised laptop provides a foothold for a threat to move laterally and infect other endpoints within the organization. To address this critical vulnerability, security leaders must integrate endpoint security into their broader network security architecture. A deep connection between endpoint and network security offers key improvements to holistic enterprise protection. It provides risk-based visibility of all endpoint devices, establishes policy-based access controls, enables real-time threat intelligence sharing, and automates security responses and workflows for effective and efficient protection that conserves time and money.
Tags : 
     Fortinet EMEA
By: BlackLine     Published Date: Aug 06, 2018
When did reconciliations become a living nightmare? Demanding deadlines. Strict requirements for review and supporting documentation. Endless piles of reconciliations to approve?that were due yesterday. Reconciliations are one of the most labor-intensive, yet critical controls processes within any organisation. Even the smallest mistake can compromise the integrity of your balance sheet and create discrepancies in your financial close. There is a simpler way to perform your reconciliation process that allows you to focus on analysis, risk mitigation, and exception handling. Join us for this webinar to find out what this is. You will learn how to: Automate daily reconciliations for continuous control and validation Gain better visibility into the quality, accuracy, and timeliness of a reconciliation Develop a seamless and streamlined workflow for preparation, approval, and review
Tags : 
     BlackLine
By: CA Technologies     Published Date: Jun 01, 2018
Challenge Businesses today must reduce the risk of security breaches to protect the valuable data within their organizations. At the same time, IT auditors are increasingly enforcing ever more stringent requirements on the business. The bottom line is that privileged accounts and privileged access are being targeted by hackers as a new attack surface and focused on by auditors who are insisting on greater controls around privileged accounts. Opportunity The right privileged access management solution provides comprehensive protection for your missioncritical servers with powerful, fine-grained controls over operating system-level access and privileged user actions. Capable of enforcing access controls on powerful native Superuser accounts—like the UNIX® and Linux® root and Microsoft® Windows® administrator—this system-level, host-based privileged access management solution controls, monitors and audits privileged user activity, improving security and simplifying audit and compliance. B
Tags : 
     CA Technologies
By: Tenable     Published Date: Feb 07, 2018
"Securing the modern attack surface is a critical challenge you must effectively address to reduce cyber exposure and protect your enterprise. By reading this ebook you’ll learn what’s working – and what’s not – from 29 global infosec leaders, representing a diverse array of industries and perspectives. Download your copy today for insights and lessons learned about: - Securing a dynamic IT environment - Rethinking security for cloud environments - Moving security to the application layer - Focusing on data security - Automating security testing and controls"
Tags : secure devops, web application security, attack surface, cloud, container security, ciso, cyber, experts, ebook
     Tenable
By: Mimecast     Published Date: Nov 28, 2017
With the healthcare industry as the #1 target for ransomware attacks, it’s critical to ensure steps are taken to prevent, detect and respond to these attacks without downtime – and without loss of patient data. A multi-layered approach to protective controls – including a Secure Email Gateway (SEG) with advanced threat protection capabilities – will start your healthcare organization on the right path to ransomware resilience. Download and use this top 10 list of how to protect your organization now. Use it as a reference tool for frequent health checks of your own ransomware resilience program.
Tags : healthcare, ransomware, ransomware attack, seg, secure email gateway
     Mimecast
By: CA Technologies EMEA     Published Date: Aug 03, 2017
For organizations with additional security requirements for high value servers hosting business-critical assets, CA Privileged Access Manager Server Control provides localized, fine-grained access control and protection over operating system-level access and application-level access. Agent-based, kernel-level protection is available for individual files, folders and specific commands based on policy and/or finedgrained controls on specific hosts.
Tags : identity management, privileged user access, secure privileged credentials, secure hybrid it
     CA Technologies EMEA
By: Qualys     Published Date: Jan 11, 2017
It’s not easy being today’s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises has increased dramatically, while IT budgets have shrunk and skilled cyber security talent is virtually impossible to find.
Tags : information security, it compliance, it audit, it security, network security, web application security, application security
     Qualys
By: IBM     Published Date: Jul 14, 2016
If your company is engaged in international activities, it's critical that you assess and understand the risks of non-compliance with the Foreign Corrupt Practices Act (FCPA). To avoid becoming a costly statistic, you need to design your controls accordingly. Download this white paper from experts Joseph Howell, Cofounder and Executive Vice President at Workiva, and Brent Macey, Director of Internal Audit for Schnitzer Steel Industries, Inc. They'll discuss the major components of the FCPA, and how companies can perform the risk assessment process in an efficient manner. They'll also provide a practical guide to implement internal controls for FCPA at an international level.
Tags : best practices, risk management, foreign corrupt practice act, technology, business management, business technology
     IBM
By: CyrusOne     Published Date: Jul 05, 2016
Data centers help state and federal agencies reduce costs and improve operations. Every day, government agencies struggle to meet critical cost controls with lower operational expenses while fulfilling the Federal Data Center Consolidation Initiative’s (FDCCI) goal. All too often they are finding themselves constrained by their legacy in-house data centers and connectivity solutions that fail to deliver exceptional data center reliability and uptime.
Tags : data center, best practices, competitive advantage, productivity
     CyrusOne
By: AlienVault     Published Date: Mar 30, 2016
The CIS Critical Security Controls (CSCs) provide 20 controls that organizations of any size can use to improve their security posture and reduce the risk of cyber threats to critical assets, data, and network infrastructure. The AlienVault USM platform, with its built-in essential security capabilities and integrated threat intelligence, can help organizations implement these controls quickly and effectively. This document describes how the AlienVault USM platform maps to each of the CIS CSCs.
Tags : 
     AlienVault
By: Qualys     Published Date: Feb 17, 2016
It’s not easy being today’s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises has increased dramatically, while IT budgets have shrunk and skilled cyber security talent is virtually impossible to find. Thankfully, the CIS Top 20 Critical Controls provides a pragmatic approach, offering prioritized guidance on the important steps for implementing basic cyber hygiene practices. With the CIS Top 20 Critical Security Controls, CISOs now have a blueprint for reducing risk and managing compliance. By automating each of these controls, CISOs enable their information security teams to do much more with less, essentially operationalizing good cyber hygiene.
Tags : qualys, cis, critical security, cloud computing, cyber security, networking, security, it management, enterprise applications
     Qualys
By: Venafi     Published Date: Aug 10, 2015
This paper demonstrates a recent attack that used cryptographic keys and digital certificates as well as guidance on how to protect certificates and keys and quickly discover and remediate breaches.
Tags : attacks, cyberattacks, protect certificates, how to remediate breaches, security, security applications
     Venafi
By: Venafi     Published Date: Aug 10, 2015
The need for authentication and assurance is great and options are few; therefore, we have come to rely on encrypted SSL/TLS certificates for almost every new application, appliance, device and cloud service.
Tags : security controls, security, security applications, ssl/tls certificates, secure connection, security network
     Venafi
By: Venafi     Published Date: Aug 07, 2015
This paper reveals how not securing all of your keys and certificates enables cybercriminals to bypass controls like threat detection, data protection, firewalls, VPNs, DLP, privileged access, and authentication systems that you expect will mitigate threats.
Tags : security, protect keys, security controls, cyber-attacks, cybercriminals, threat detection, data protection, firewalls, authentication, protect digital certificates, reduce risks
     Venafi
By: Venafi     Published Date: Jul 27, 2015
See how APT 18 conducted its proof-of-concept attack, learn how attackers bypassed critical security controls and find out how you can eliminate blind spots, reduce risk, and respond and remediate faster.
Tags : security controls, key misuse, certificate misuse, security management, breach prevention, risk reduction, blind spots, exfiltrating data, certificate security, trust protection platform
     Venafi
By: Venafi     Published Date: Mar 26, 2015
This technical case study addressing key and certificate security issues is designed for security conscious enterprises to understand real-life attack scenarios that threaten their businesses in today’s world. This white paper demonstrates a recent attack that used cryptographic keys and digital certificates as well as guidance on how to protect certificates and keys and quickly discover and remediate breaches. This paper should be read by more technical IT security sta? who are interested in detailed attack methods and remediation tactics. The executive summary is intended for IT Security leaders (CISOs and their direct reports) and addresses the proof-of-concept attack impacts on the business.
Tags : secutiry, certificates, keys, security attacks, business
     Venafi
By: Venafi     Published Date: Mar 26, 2015
The SANS 20 Critical Security Controls for Effective Cyber Defense offers a blueprint of prioritized guidance to reduce risk. New updates to the SANS 20 signify the growing need to secure digital certificates and cryptographic keys to preserve trusted communications for all of your critical systems and your organization’s interactions with customers and partners. Too often cyberattacks on keys and certificates are successful because basic security controls are not present or not properly configured. Download the Solution Brief to learn how you can effectively build scalable controls and reduce risk: • Manage the rapid growth in certificates • Gain visibility into where keys and certificates are located • Secure your certificates against cyberattacks • Enforce automation of certificate issuance and renewal
Tags : sans 20, security controls, cyber defense, cyber attacks, secure digital certificates, cryptographic keys, automation
     Venafi
By: Venafi     Published Date: Mar 26, 2015
Advanced Persistent Threat (APT) operators have proven they can breach enterprises like yours by undermining your critical security controls when you fail to protect digital certificates and cryptographic keys. Not securing all of your keys and certificates enables cybercriminals to bypass controls like threat detection, data protection, firewalls, VPNs, DLP, privileged access, and authentication systems that you expect will mitigate threats.
Tags : keys, certificates, security controls, apt, advances persistent threat, cryptographic keys, cybercriminals, cyber attacks, cyber defense, vpn, dlp, privileged access, authentication systems
     Venafi
By: Venafi     Published Date: Mar 04, 2015
This technical case study addressing key and certificate security issues is designed for security conscious enterprises to understand real-life attack scenarios that threaten their businesses in today’s world. This white paper demonstrates a recent attack that used cryptographic keys and digital certificates as well as guidance on how to protect certificates and keys and quickly discover and remediate breaches. This paper should be read by more technical IT security staff who are interested in detailed attack methods and remediation tactics. The executive summary is intented for IT Security leaders (CISOs and their direct reports) and addresses the proof-of-concept attack impacts on the business. The attack scenario described in this technical white paper is based on a reproduction of a real-world attack in a Raxis test environment that simulated an enterprise security infrastructure.
Tags : venafi, ssh keys, vpn credentials, digital certificates
     Venafi
By: Qualys     Published Date: Jan 08, 2015
The Critical Security Controls (CSCs), a well-known roadmap for enterprise information assurance published and maintained by the Council on CyberSecurity, is being widely adopted across financial and government sectors, according to the second SANS survey on CSC adoption. Download this report from SANS to find out why more and more organizations of various types consider the CSCs a reliable mechanism to reduce attack surfaces, increase visibility and improve protection and response.
Tags : critical security controls, csc adoption, enterprise information assurance, cybersecurity, security
     Qualys
By: Symantec     Published Date: Nov 21, 2014
Computer viruses are yesterday’s news; automated attacks that morph rapidly, concealing themselves through encryption and deceptive packaging, are the new hotness. This paper describes how to start with improved malware reporting and gateway monitoring and how to combine this output with security intelligence from both internal and external resources. Forward thinking organizations use these and other techniques promoted by frameworks such as the Critical Security Controls. The key is to—as quickly as possible—detect hostile activity, identify and locate affected systems and devices, and respond appropriately.
Tags : computer viruses, automated attacks, encryption, deceptive packaging, security controls, security
     Symantec
By: AlienVault     Published Date: Oct 21, 2014
When dealing with ransomware threats like CryptoWall, which encrypt your data and demand payment to unlock it, spotting infections quickly is critical in order to limit the damage. AlienVault USM uses several built-in security controls working in unison to detect ransomware like CryptoWall, usually as soon as it attempts to connect to the command and control server. Watch this demo on-demand to see how AlienVault USM detects these threats quickly, saving you valuable clean-up time and limiting the damage from the attack.
Tags : vulnerability, management, risk, prioritize, profile, environment, data, asset value, network, authenticated, unauthenticated, remediation, best practices, intelligence, scores, attacks, policy violations, compromise, ex filtration, exploit
     AlienVault
By: IBM     Published Date: Jul 30, 2014
Use this book to understand why integrating and unifying your closing, consolidating, and reporting process is critical. Learn about re-engineering your point solution approach to these activities by investing in integrated solutions. Achieve automation and enhance your ability to manage internal controls, reduce risks, and efficiently create consolidated financial statements and regulatory reports (including XBRL).
Tags : ibm, business analytics, finance, closing, consildating, reporting, reporting process, internal control management, risk reduction, consolidation, financial statement consolidation, regulatory reports consolidation
     IBM
By: Alert Logic and Rackspace     Published Date: Jun 20, 2014
To achieve PCI DSS compliance, you must identify and remediate all critical vulnerabilities detected during PCI scans. Threat Manager streamlines this process by providing simple, actionable reports that detail vulnerabilities and recommendations. There is also a Dispute Wizard that helps document compensating controls that are in place to remediate specific vulnerabilities. PCI scans include the following reports: Executive Summary: Overview of scan results and a statement of compliance or non-compliance. Vulnerability Details: Provides a detailed description, list of impacted hosts,risk level and remediation tips for each vulnerability found. Attestation of Scan Compliance: Overall summary of network posture, compliance status and assertion that the scan complies with PCI requirements.
Tags : alert logic, rackspace, pci, pci dss, payment security, compliance, cloud pci, security, it management
     Alert Logic and Rackspace
Previous   1 2    Next    
Search White Papers      

Add White Papers

Get your white papers featured in the Energy Efficiency Markets White Paper Library contact: Kevin@EnergyEfficiencyMarkets.com