InformationWeek Reports : Security

Alert: Smarter, Stealthier, Sneakier Malware

Tue, 07 Feb 2012 09:58:15 -0500

Increasingly sophisticated and targeted attacks are making it more difficult for organizations to detect and defend against them.

Strategy: SIEM

Sat, 04 Feb 2012 01:46:58 -0500

A security information and event management system serves as a repository for all the security alerts and logging systems from a firm’s devices. But this can be overkill for a company that is understaffed or has overestimated its security information needs. In this report, we discuss 10 questions to ask yourself in determining whether SIEM makes sense for you—and how to pick the right system if it does.

Trust: Web Authentication

Thu, 02 Feb 2012 12:47:38 -0500

How hacks of Comodo and DigiNotar exposed weakness in SSL--and what's being done to fix it.

Data Encryption: Piling On

Thu, 02 Feb 2012 11:23:18 -0500

As broken protocols, mobility, and cloud add to the data protection burden, encryption's more important than ever.

Strategy: How to Pick Endpoint Protection

Thu, 02 Feb 2012 03:18:31 -0500

When it comes to protecting PCs and laptops, IT puts too much emphasis on malware detection. You'll get better results by focusing on performance, management and--most importantly--how users and the security software interact. This report tells you how to evaluate endpoint security software based on what really matters.

IT Pro Ranking: Endpoint Antivirus/Anti-Malware

Wed, 01 Feb 2012 09:15:28 -0500

Kaspersky Lab and Sophos top our IT evaluations of nine antivirus/anti-malware vendors. Upstart Malwarebytes scores a 4.3 out of 5 for malware removal, the highest score in that category. Symantec and McAfee are the most widely used vendors, but 46% of respondents are considering replacing or adding a vendor. Lucky for them, choices abound in this market.

Strategy: Database Defense

Sun, 29 Jan 2012 01:10:15 -0500

The biggest threat to your company’s most sensitive data may be the employee who has legitimate access to corporate databases but less-than-legitimate intentions. And while the incidence of insider data breaches has decreased, external attacks often imitate them—and do serious damage. Follow our advice to mitigate the risk.

Strategy: Understanding Software Vulnerabilities

Sun, 29 Jan 2012 01:09:49 -0500

To protect company and customer data, we need to determine what makes it so vulnerable and appealing. We also need to understand how hackers operate, and what tools and processes they rely on. In this report, we explain how to ensure the best defense by thinking like an attacker and identifying the weakest link in your own corporate data chain.

Dark Reading Supplemental Issue: February 2012

Fri, 27 Jan 2012 05:02:31 -0500

Online Trust -- Hacked Doesn't Mean Dead

InformationWeek: January 30, 2012

Fri, 27 Jan 2012 01:46:56 -0500

Dislike: Why employees aren't taking to enterprise social networks -- Secret CIO: Ambushed by a customer -- Lotus Notes gets social -- Networking vendors ranked 17 -- What Apotheker had right -- government innovation ideas

Informed CIO: Striking a Security/Usability Balance

Wed, 25 Jan 2012 07:45:50 -0500

At CES we saw dozens of new tablets and smartphones with unprecedented capabilities. Employees want to make full use of their shiny new devices, while IT teams want to maintain security and control. The principles of secure user access provide a strategy for CIOs to maintain equilibrium.

Digital Detectives

Mon, 23 Jan 2012 11:09:54 -0500

The right forensic tools in the right hands are just a start. Here's how to best apply the lessons they teach to bolster your defenses.

Research: Data Encryption

Fri, 20 Jan 2012 04:53:49 -0500

Just 36% think they're ahead of the encryption curve, and now the cloud and mobility are adding new wrinkles to an already complex and difficult-to-implement technology. Meanwhile, just 47% have made mobile-device encryption a priority. Our take: This tech may just be the key to achieving the magical ROI promised by cloud services and mobility programs.

Dark Reading Digital Issue: January 2012

Fri, 20 Jan 2012 03:23:50 -0500

Digital Detectives -- Take the offensive with forensics -- New twist on the DoS attack
-- The third-party insider threat

Enterprise Buyer's Guide: Tablets

Fri, 20 Jan 2012 01:33:11 -0500

We profile five contenders for your business. Key differentiators for enterprise IT: the ability to connect to corporate VPNs, native device security and authentication, and amenability to centralized management. We also touch on Intel's master plan to challenge purveyors of smartphone silicon. Clearly, 2012 will see Android OEMs up their games and the Wintel combo reunite to finally take a serious stab at the tablet market. How will you manage the onslaught?

Strategy: Smartcards

Tue, 17 Jan 2012 04:20:52 -0500

Recent compromises of smartcard data have exacerbated concerns about the technology’s privacy, security and standards (or lack thereof). Yet the promise of smartcards is too compelling to ignore. New technologies and applications prompt us to take a fresh look.

Research: State of Database Technology

Fri, 13 Jan 2012 09:35:05 -0500

We aren't surprised that 42% of our 760 respondents cite the ability to meet complex requirements as the top factor influencing their choice of operational database, or that virtualization and the cloud have lukewarm acceptance. But we do wonder about the 26% who still don't encrypt databases containing sensitive information.

IT Pro Impact: NFC and Mobile Commerce

Thu, 05 Jan 2012 04:29:26 -0500

Apple, RIM, Google and other smartphone makers are adding near field communication capabilities to their devices for release in 2012. Enterprise mobility teams should be ready to advise business leaders on how to incorporate mobile commerce into the organization's plans.

Strategy: HIPAA Security

Wed, 04 Jan 2012 12:32:39 -0500

IT professionals can make tremendous progress on security initiatives using the HIPAA Security Rule for leverage. We show you how.

Strategy: Stop Illicit Data Dumps

Wed, 04 Jan 2012 11:59:16 -0500

There are no silver bullets when it comes to protecting company and customer data from loss or theft, but there are technological and procedural systems that will go a long way toward preventing a WikiLeaks-like data dump.

Research: Physical and Logical Security Convergence

Thu, 29 Dec 2011 09:29:43 -0500

As employees become more dispersed, physical security measures need to evolve and merge with logical controls. But our trending shows a stunning dearth of innovation and investment in technologies such as biometrics and smart cards, as well as a lack of integration with SEIM systems. In this report, we'll shed light on this often overlooked but important part of any security posture. You'll be surprised at what we found in the dark corner.

Strategy: Optimize Your Mobile Infrastructure

Wed, 21 Dec 2011 04:08:42 -0500

A critical aspect of IT services operations is ensuring that infrastructure elements are up and running to provide connectivity for users. In this report, we'll examine the area of IT services operations with a related discussion of mobile device management. We'll review the levels of capability in this discipline and discuss in more depth what elements, at each level, you should be investigating from a business, technology and policy standpoint.

The Disaster Recovery Disaster

Wed, 14 Dec 2011 09:43:23 -0500

IT’s spending as much as ever on DR, despite advances in virtualization and cloud techniques. Time to break free.

Strategy: SOX Security

Mon, 12 Dec 2011 06:18:35 -0500

We share 10 best practices to meet Sarbanes-Oxley security-related requirements and help ensure you’ll pass your next compliance audit.

Strategy: Tablet Security

Mon, 05 Dec 2011 09:57:33 -0500

As businesses rely increasingly on tablets for the productivity benefits they provide, IT must address the security challenges the devices present.