Sponsor: Hewlett Packard – CA

Strategies for securing your digital enterprise security playbook

Learn how innovative enterprise security solutions can help you pre-empt threats before they reach your front door, changing your stance from reactive to proactive.

Cybercrime attackers grow more sophisticated by the day. Due to the complexities of the digital era, yesterday’s security solutions are no longer adequate. What does it take to protect your business in this challenging new landscape?

This playbook shows you the steps to take to build a security framework that helps you detect and respond to cyber threats while safeguarding continuity and compliance and effectively mitigating risk.
Get Whitepaper

Mobile Application Security Report 2016

HPE’s first mobile application security study was published in the fall of 2013. At that time we analyzed 2,000 applications and found that 97% of them accessed at least one private information source. Now, over two years later, and after testing over 36,000 applications, the situation has not improved; 96.52% of applications were flagged in at least one of the 10 core privacy checks.
Get Whitepaper

Secure Stateless Tokenization: Data Protection and PCI Scope Reduction for Today’s Businesses

Cyber criminals have proved adept at thwarting existing IT defenses and exploiting weak links in the payments ecosystem. Merchants, service providers, and enterprises thus face severe and ongoing challenges securing card data from capture through the transaction lifecycle. Organizations are also under pressure to achieve scope and cost reduction goals in meeting compliance mandates such as the Payment Card Industry Data Security Standard (PCI DSS). Tokenization – replacing card numbers with tokens – is one method of data protection and audit scope reduction recommended by the PCI DSS Security Standards Council. Reducing audit scope using tokenization can both accelerate initial compliance efforts and reduce costs for future audits.
Get Whitepaper

Data-Centric Protection: Enabling Business Agility While Protecting Data Assets

Corporate, government and other enterprises are under relentless attack by cyber criminals determined to steal business-critical data and confidential customer and third-party information. Whether for the purpose of identity theft, corporate espionage or other malicious ends, hordes of hackers running the gamut from organized crime groups to sovereign government organizations are working around the clock, around the globe to penetrate data stores in virtually every industry sector.

Year after year, organizations have struggled to thwart these criminals and the existential risks they pose to business enterprises. Yet, vulnerabilities continue to abound and the associated attacks are more pervasive, more sophisticated and more damaging than ever. And, that damage can affect an organization’s reputation, bottom line, and impact business success for years.
Get Whitepaper

SANS Threat Hunting: Open Season on the Adversary

Learn how threat hunting can help your enterprise security team aggressively track and eliminate cyber adversaries from your network as early as possible.
To build a mature threat-hunting program your organization needs to adopt the following goals:
- To provide early and accurate detection.
- To control and reduce impact and damage with faster response.
- To improve defenses to make successful attacks increasingly difficult.
- To gain better visibility into the organization’s weaknesses.

This report provides you with real-life results, advice and best practices for threat hunting processes.
Get Whitepaper

2016 State of Security Operations

Hacker attacks are increasing, and the cost to businesses is growing. Experts tell us it's not if you'll be breached, it's when. So the effectiveness of your security operations determines how much damage you'll suffer. Since 2008, Hewett Packard Enterprise Security has performed 154 assessments of the maturity of security operations in 114 security operations centers (SOCs).

The 2016 report is both disturbing and encouraging. There has been a year-to-year decline in overall security operation maturity. But there is also encouraging news—many SOCs are adopting innovative techniques that leverage the power of data and analytics to stay ahead of the threat. Read the report to learn the findings and understand the trends in security operations.

Get Whitepaper

Cyber Security Best Practices

Discover how enterprise security best practices can help you avoid suffering financial losses, damage to your brand, and damage to customer relationships caused by undetected or detected too late cyber attacks.

On average, advanced attacks now persist in the network seven months before they are detected. The time to resolve those attacks once detected has increased by 221 percent to 45 days.

This paper shows you how you can tap into the best threat intelligence solutions and what new ideas you can use in your organization to find the needle in the haystack that indicates hackers are at work.

Get Whitepaper

Behind the Mask: The Changing Face of Hacking

Headlines featuring large-scale cyber breaches at Target, Home Depot, Sony Pictures, and others have taught us one thing—no one is safe. But who are the hackers who are able to pull off such huge attacks against sophisticated targets, including the U.S. Government? And how do they do it?

This new report will help you learn more about hackers and how they work, which can help you better plan and deploy your own defenses. Read it to understand:

  • The attack methods hackers use
  • Why simple approaches like phishing still work
  • How HPE Security Research provides actionable security intelligence that can help make your organization safer
Get Whitepaper

Companies cautiously optimistic about cybersecurity

Optimism is good. But being overconfident about your ability to counter cyber attacks is dangerous. And that's what many security professionals are doing according to new research by SC Magazine. Eighty percent of survey respondents believe the chances of being breached are 50-50 or less. But the Ponemon Institute 2015 Cost of Cyber Crime Study finds the average company actually experiences 1.9 successful cyber attacks per week.

The disconnect seems to spring from respondents' confidence that they can block known attacks coupled with concern about new and unknown hacker threats. Read this report to learn:

  • Respondents' highest cyber defense priorities
  • How they view their ability to respond to breaches
  • The five top action items for security pros
Get Whitepaper

Poucos estão totalmente preparados para riscos de segurança em softwares

Hackers invadem organizações e roubam informações por meio de vulnerabilidades em aplicativos. Mesmo assim, menos de metade das organizações de TI confiam na segurança dos softwares que utilizam nos negócios. E somente 11% dizem que sabem com certeza quais aplicativos apresentam riscos. Essas são algumas das descobertas de uma pesquisa da Gatepoint sobre SSA (Garantia de segurança de software) descrita neste artigo técnico.

Leia o artigo técnico para saber mais:

  • Quantos entrevistados têm programas completos de SSA implementados
  • Como SSA funciona
  • Quanto SSA reduziu o tempo de remediação de problemas
Get Whitepaper

Pocos están bien preparados para los riesgos de seguridad de software

Los hackers penetran las organizaciones y roban información a través de las vulnerabilidades de las aplicaciones de software. Sin embargo, menos de la mitad de las organizaciones de TI confían en la seguridad del software que hace funcionar su negocio. Y solo el 11 por ciento dice que sabe con certeza cuáles son las aplicaciones que están en riesgo. Estos son resultados de una encuesta de Gatepoint sobre garantía de seguridad de software (SSA) que se destacan en este artículo.

Lea el artículo para aprender:

  • Cuántos encuestados tienen programas de SSA completos vigentes
  • Cómo funciona la SSA
  • Cómo la SSA ha reducido el tiempo de corrección
Get Whitepaper

Como se proteger melhor contra uma violação de segurança

Especialistas em segurança cibernética alertam cada vez mais para o fato de que defesas de perímetro, como firewalls, não são suficientes para impedir ataques cibernéticos. Como resultado, segundo esse estudo da IDG, 70% das empresas adquiriram sistemas de SIEM (Gerenciamento de informações e eventos de segurança) para coletar e analisar dados de logs.

Mas a maioria das organizações ainda está mais focada na conformidade que na segurança, e apenas 20% usam o SIEM de maneira avançada ou personalizada. Leia o estudo para saber:

  • Por que apenas metade confia em seus recursos defensivos
  • O que as empresas procuram em soluções de SIEM
  • Como o Ponemon Institute diz que as empresas poderiam estar economizando US$ 5,3 milhões por ano em perdas com crimes cibernéticos
Get Whitepaper

Cómo mejorar la protección contra una falla de seguridad

Los expertos en seguridad informática advierten cada vez más que las defensas perimetrales, como los firewalls, no son suficientes para detener los ataques cibernéticos. Como resultado, según este estudio de IDG, el 70 por ciento de las empresas adquirieron sistemas de información de seguridad y gestión de eventos (security information and event management, SIEM) para recopilar y analizar datos de registro.

Sin embargo, la mayoría de las organizaciones todavía se centra en el cumplimiento en lugar de hacerlo en la seguridad, y solo el 20 por ciento usa SIEM de manera avanzada o personalizada. Lea el estudio para obtener información sobre lo siguiente:

  • Por qué apenas la mitad tiene confianza en sus capacidades de defensa
  • Qué buscan las empresas en las soluciones de SIEM
  • De qué manera Ponemon Institute considera que las empresas pueden ahorrar $5,3 millones anualmente en pérdidas por delitos cibernéticos
Get Whitepaper

Estudio del costo de los delitos cibernéticos 2015: global

Descubra los resultados más sobresalientes de este estudio de seguridad e inteligencia empresarial y conozca qué puede hacer para proteger su organización.

Existe una importante variación en los costos totales de los delitos cibernéticos entre las compañías participantes. La muestra de Estados Unidos presenta el mayor costo total promedio, con USD$15 mill, mientras que Rusia presenta el menor costo total promedio, con USD$2.4 mill. Es interesante, además, observar que Alemania, Japón, Australia y Rusia experimentaron una leve disminución en el costo de los delitos cibernéticos respecto del año pasado. Expresado en porcentaje, el cambio neto entre el ejercicio fiscal 2015 y el ejercicio fiscal 2014 es del 1,9 %.

Get Whitepaper