Data Breach On The Horizon: Best Practices to Protect Your Assets [McAfee]

It happened to Sony in 2011, and LinkedIn this spring. It’s no secret that data breaches are on the rise. Database security is phenomenally critical to a company’s overall health. A serious breach can result in extreme monetary damage composed of bad publicity, noncompliance fines and business disruption. It can tarnish the reputation of even the most wildly successful organization.

Database security is becoming increasingly complex. One of the reasons for this is that the typical hacker profile has changed dramatically in recent years. Hackers were once thought to be gifted loners only seeking mischief and mayhem. Today, that image has evolved into far more sophisticated organized crime rings of cyberfraud professionals. Their work is long-term focused and is far more damaging. They seek financial gain rather than mischief, and their stealthy tendency leaves no trace of their presence.

Security threats are not limited to external agents – internal users are guilty too. A 2012 study by Ponemon Institute, Aftermath of Data Breach, identified insiders and third parties as most common causes of data breaches. Of incidents that were successfully traced to a root cause, 34 percent were attributed to negligent insiders, 19 percent traced to third-party data outsourcers, and 16 percent to malicious insiders.

With these sophisticated threats created by well-hidden, brilliant professionals ever evolving, mutilating, and knocking at your door, what are the best practices to keep your database security in check? [Read more…]

Is Your SIEM Platform Dealing With Critical Threats As Well As It Should? [McAfee]

Effective security information and event management (SIEM) means properly analyzing your security event data in real time – threats and vulnerabilities to your organization’s systems — and collecting and analyzing your log data for regulatory compliance. But as SIEM/Log Management technology has rapidly evolved and you’ve had some time to live with the offerings you’ve implemented, you might be having a little buyer’s remorse. In other words, you might be wondering or worrying whether your SIEM is working as it should and meeting your – and your organization’s — expectations. You may also be scared to find out.

Don’t be. If a thorough analysis leads you to conclude you need an SIEM replacement, the good news is that might be easier than the initial installation. Equally good news, that analysis tells you your SIEM purchase and implementation was the right one. Either way, just about the worst thing you can do is pretend that uneasiness or uncertainty you’re feeling doesn’t exist.

It’s better to know than to not know.

So how do you start? What’s the process for deciding whether the benefits of considering a new security management platform and migrating to it outweigh the risks of doing nothing? The way I see it, there are 7 steps to get you there.

[Read more…]

Cloud-Based Security (SaaS) Is The Next Generation of Defense [McAfee]

 It’s such a familiar story these days. Businesses facing budget tradeoffs find themselves looking for ways to defer costs, cut costs and squeeze value wherever they can. And when they do, they often risk creating greater headaches down the road.

While it may sound cliché, it’s also the reality we live in. And nowhere is that reality confronting decision makers and raising more red flags than on the security front. Whether you’re an IT manager or security specialist, you’re likely evaluating what security solutions to buy, how to implement them and how to manage them, all while the black cloud of malware, spyware, spam and other intrusions and vulnerabilities hangs over your head.

[Read more…]