FortifiedImage by CrisCan you even tell if a breach has occurred? Have you inventoried its vulnerabilities - and taken steps to prevent, for example, a $22 million per minute loss due to a SAP breach as experienced by one Fortune 100 company? Or have you concluded that the scale of SAP ERP implementations makes it just too big to manage? Ask yourself these 10 questions - compiled by David Binny, vice president of product management at Panaya, and gleaned from its analysis of thousands of SAP landscapes - to find out if your SAP is safe.To read this article in full or to leave a comment, please click here
FortifiedImage by CrisCan you even tell if a breach has occurred? Have you inventoried its vulnerabilities - and taken steps to prevent, for example, a $22 million per minute loss due to a SAP breach as experienced by one Fortune 100 company? Or have you concluded that the scale of SAP ERP implementations makes it just too big to manage? Ask yourself these 10 questions - compiled by David Binny, vice president of product management at Panaya, and gleaned from its analysis of thousands of SAP landscapes - to find out if your SAP is safe.To read this article in full or to leave a comment, please click here
Plugging the holesImage by Les ChatfieldWhat is risk management? Any time you have something of value (like a corporate network, a website, or a mobile application), there will be risk to manage in order to protect it. As organizations innovate and change the way they use technology, the risks change too. Traditional approaches and controls are no longer good enough. Caroline Wong, vice president of security strategy at Cobalt, provides a fewtips for managing risk in today’s modern business environment.To read this article in full or to leave a comment, please click here
Plugging the holesImage by Les ChatfieldWhat is risk management? Any time you have something of value (like a corporate network, a website, or a mobile application), there will be risk to manage in order to protect it. As organizations innovate and change the way they use technology, the risks change too. Traditional approaches and controls are no longer good enough. Caroline Wong, vice president of security strategy at Cobalt, provides a fewtips for managing risk in today’s modern business environment.To read this article in full or to leave a comment, please click here
Finding the bad guys right awayImage by ThinkstockWhile organizations always want to find threats as quickly as possible, that ideal is far from being met. On average, dwell times last months and give cyber criminals all the time they need to peruse a network and extract valuable information that can impact a company, its customers and its employees.To read this article in full or to leave a comment, please click here
Finding the bad guys right awayImage by ThinkstockWhile organizations always want to find threats as quickly as possible, that ideal is far from being met. On average, dwell times last months and give cyber criminals all the time they need to peruse a network and extract valuable information that can impact a company, its customers and its employees.To read this article in full or to leave a comment, please click here
The genesis of underground markets goes back to when communication used to take place via Internet Relay Chat channels. Fast forward to the 21st Century with the evolution of cryptocurrencies and anonymous communications the underground market ecosystem has evolved.To read this article in full or to leave a comment, please click here(Insider Story)
The genesis of underground markets goes back to when communication used to take place via Internet Relay Chat channels. Fast forward to the 21st Century with the evolution of cryptocurrencies and anonymous communications the underground market ecosystem has evolved.Underground markets offer a variety of services for cyber criminals to profit from, says Luis Mendieta, senior security researcher at Anomali. These forums offer items ranging from physical world items like drugs and weapons to digital world items such as spam/phishing delivery, exploit kit services, "Crypters", "Binders", custom malware development, zero-day exploits, and bulletproof hosting.To read this article in full or to leave a comment, please click here(Insider Story)
New products of the weekImage by GSXOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Bill of ITImage by apptioTo read this article in full or to leave a comment, please click here
New products of the weekImage by GSXOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Bill of ITImage by apptioTo read this article in full or to leave a comment, please click here
New products of the weekImage by GSXOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Bill of ITImage by apptioTo read this article in full or to leave a comment, please click here
In November of 2015, First National Bank of South Africa received a ransom email from the Armada Collective, which was quickly followed by a teaser flood attack that the bank proactively mitigated. Sort of a shot across the bow to make sure the bank knew the criminals were serious.Bank officials didn’t flinch. According to a verbatim in Radware’s recently released Global Application & Security survey, the bank detected and mitigated the teaser flood attack before officials discovered the email, which had been sent to an unattended mailbox while the company was closed. With a hybrid DDoS mitigation solution in place, the flood attack had no impact and was immediately diverted to a scrubbing center for cleanup.To read this article in full or to leave a comment, please click here
In November of 2015, First National Bank of South Africa received a ransom email from the Armada Collective, which was quickly followed by a teaser flood attack that the bank proactively mitigated. Sort of a shot across the bow to make sure the bank knew the criminals were serious.Bank officials didn’t flinch. According to a verbatim in Radware’s recently released Global Application & Security survey, the bank detected and mitigated the teaser flood attack before officials discovered the email, which had been sent to an unattended mailbox while the company was closed. With a hybrid DDoS mitigation solution in place, the flood attack had no impact and was immediately diverted to a scrubbing center for cleanup.To read this article in full or to leave a comment, please click here
It is going to cost yaImage by ThinkstockA recent IBM study found that the average cost of a data breach has hit $4 million—up from $3.8 million in 2015. There are countless factors that could affect the cost of a data breach in your organization, and it’s virtually impossible to predict the exact cost. You might be able to estimate a range with the help of a data breach calculator, but no single tool is perfect.To read this article in full or to leave a comment, please click here
It is going to cost yaImage by ThinkstockA recent IBM study found that the average cost of a data breach has hit $4 million—up from $3.8 million in 2015. There are countless factors that could affect the cost of a data breach in your organization, and it’s virtually impossible to predict the exact cost. You might be able to estimate a range with the help of a data breach calculator, but no single tool is perfect.To read this article in full or to leave a comment, please click here
Imagine you are the receptionist at the front desk of a bank around Valentine’s Day. There are countless bouquets of flowers and boxes of chocolate being dropped off for delivery to employees. You just set them aside and alert the employee upon arrival.He said organizations that have been targeted by well-funded Nation States never stand much of a chance. “Knowing your most likely adversaries is very important and designing a penetration test to simulate the majority of your adversaries would be key to a successful comparison.”To read this article in full or to leave a comment, please click here(Insider Story)
Imagine you are the receptionist at the front desk of a bank around Valentine’s Day. There are countless bouquets of flowers and boxes of chocolate being dropped off for delivery to employees. You just set them aside and alert the employee upon arrival.But what about that one box with no name on it that just says “To my love.” Taped to the box is a DVD. The delivery person says he doesn’t know who it is for, he tells the receptionist that he just delivers the packages. The receptionist wants the romantic package to make it to the intended target, so she puts the DVD into her computer in hopes it can give her a clue.A video animation pops up on her screen of a bunny saying “I love you.” However behind the scenes an executable is placed on the computer. And now the criminal is inside the company’s network.To read this article in full or to leave a comment, please click here(Insider Story)
The cloud is now a mainstream IT platform. Through its unlimited economies of scale and its ability to deliver IT resources dynamically whenever users need them, the cloud’s popularity permeates through businesses of all sizes and industries.While they enjoy cloud benefits, many in IT still feel challenged to fully secure the new platform. There might be one or more cloud services linking to your corporate and partner network, all being accessed by both mobile and traditional users. How can you enforce internal policies and industry compliance mandates when there’s no longer an identifiable network perimeter?Ganesh Kirti, CTO and co-founder of Palerra, shows a few related issues worrying chief information security officers (CISO) when it comes to securing the cloud:To read this article in full or to leave a comment, please click here(Insider Story)
The cloud is now a mainstream IT platform. Through its unlimited economies of scale and its ability to deliver IT resources dynamically whenever users need them, the cloud’s popularity permeates through businesses of all sizes and industries.To read this article in full or to leave a comment, please click here(Insider Story)
New products of the weekImage by invrisionOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Comodo Internet Security 10Image by ComodoTo read this article in full or to leave a comment, please click here
Ryan Francis