W H I T E P A P E R A T r u s t e d S e c u r i t y P a r t n e r : A M u s t - H a v e i n T o d a y ' s T h r e a t L a n d s c a p e

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "W H I T E P A P E R A T r u s t e d S e c u r i t y P a r t n e r : A M u s t - H a v e i n T o d a y ' s T h r e a t L a n d s c a p e"

Transcription

1 Global Headquarters: 5 Speen Street Framingham, MA USA P F W H I T E P A P E R A T r u s t e d S e c u r i t y P a r t n e r : A M u s t - H a v e i n T o d a y ' s T h r e a t L a n d s c a p e Sponsored by: AT&T Christina Richmond Curtis Price August 2013 Christian A. Christiansen I D C O P I N I O N Given today's ever-evolving threat landscape of increasingly sophisticated and difficult-to-detect advanced persistent threats (APTs), denial of service (DoS), and distributed denial of service (DDoS) attacks, the enterprise faces a severe challenge in defending the entire environment, from the perimeter to the endpoint, completely alone. At the same time, IT organizations are pressured by board-level oversight to improve the administrative efficacy of security. This antagonistic situation represents a seemingly insolvable conundrum because it seems impossible to reconcile these opposing forces. Threat actors with their actions often have the ability to be more successful than the enterprise with its protection and defense. They continue to come up with increasingly imaginative strategies for their profit, which might be intellectual property, customer identities, or monetary gain. It is becoming harder and harder for IT to keep up with this dynamic landscape, especially when it is imperative for the enterprise whether small, large, or multinational to have a comprehensive and holistic security posture that covers all infrastructure and data, from the network to the application layer and beyond. Security is changing, and enterprises must adapt policies and procedures to stay ahead of threats. IDC believes that for the enterprise to effectively build its security posture, it must partner with a company that can provide the requisite professional security services (PSS) to assess security vulnerabilities, build a suitable strategy, and deploy plans that cover every aspect of the company's security needs. Moreover, IDC finds that managed security services (MSS) can offer advantages in reducing these vulnerabilities, predicting attacks, suggesting remediation, responding to incidents, and analyzing forensics to reduce the possibility of future events. I N T H I S W H I T E P A P E R In this white paper, IDC discusses the need for the enterprise to engage with a broad spectrum end-to-end security provider a "trusted security partner" to facilitate an overarching security plan for today's rapidly changing threat landscape. This white paper also takes a look at the services offered by AT&T that make it one of a handful of vendors that can claim to be a trusted security partner.

2 S I T U A T I O N O V E R V I E W B r o a d S e c u r i t y C o n c e r n s o f t h e E n t e r p r i s e Businesses feel the budget squeeze of doing more with less while also feeling the impact either directly or vicariously through the media of APTs, DoS, and DDoS attacks. A company's chief information security officer (CISO) knows that it is only a matter of time before the company ends up in the same position as its competitors. Additionally, the board desires more transparency into what has always been somewhat of a mystery: the "crying wolf" spend on security products to protect something that has never, to their knowledge, been breached. This is a key point: "to their knowledge" their organization may not have lost data through a breach. But the CISO knows that it is entirely possible that the company has in fact already lost critical intellectual, financial, or customer data without any awareness of the event. It is true many chief executive officers (CEOs) understand the need for security, but it is also true they face a daily battle to convince the lines of business to spend money to help protect an infrastructure that may or may not be necessary, that may or may not need defending, and that will almost assuredly continue to require increased budget. The board demands predictability in the budget and reduction of capital spending (capex) such as security hardware and software, and it pressures IT to reduce software and system integration costs. Concurrently, the security organization is faced with maintaining an effective department, responding to increasing worldwide compliance and privacy regulations, attempting to help fend off incidents, and leading a coordinated incident response if incidents do occur. All the while, media continues to highlight a growing concern about intellectual property protection. All this translates into a need for a seasoned security services provider that offers in-depth and mature assessment, design, integration, and operational expertise and, preferably, can also provision the enterprise with the necessary point products as needed. T h e E v o l v i n g L a n d s c a p e When it comes to security, there are as many ways to look at the organization's security protection as there are ways to compromise it. Key points to consider include: Publicly available reports from private and government sources agree that: Threats to online security have grown and evolved considerably in recent years. Malware authors have created a collaborative business network for bad, and their creations show constant innovation. Traditional threats are expanding into new forums. Social media and mobile devices are coming under increasing attack. Bring your own device (BYOD) is a growing trend and is expected to continue to rise, which will drive increased security concerns for the enterprise. 2 # IDC

3 Advanced persistent threats and DoS/DDoS are widely discussed in the media and are increasingly dangerous diversionary and extortion tactics to extract intellectual property and monetary assets. The cloud is here to stay, and while there are many benefits to migrating to a private, hybrid, or public cloud environment, there are equally as many security policy questions to be answered. A security detection and mitigation strategy is no longer enough; greater prediction of threats and correlation of these insights drive the requirement to have a threat intelligence solution broader than just a deployed security information and event management (SIEM) product. New Concerns for Security As today's CISOs understand, just because appliances are in place to protect the network, it may not be impenetrable to intrusion. Threats are more versatile and diverse and threat actors are more patient, mature, and creative than in the past. These new security concerns demand greater knowledge, coordination, and attention than previous and more "basic" threats to the network. They demand either a scaleup of both security products and resources or an engagement with a security partner that can assess, advise, design strategy for, and even where desired assume some or all of this for the organization. W h a t I s a C I S O t o D o? Secure the Network? Network security products are a necessary staple in any IT department, but now more than ever, an overarching and holistic security strategy is critical. It is no longer enough to throw more point products at the problem hoping they will fill all the holes. Web and attacks continue to evolve, and security systems must be managed to ensure that they identify and mitigate these challenges. To do this, they must be updated to stay relevant in this ever-changing landscape. In addition, access management needs to be comprehensive but not so restrictive that employees revolt. The incoming younger generation of workers desire access to the network from any device, any time, but IT still wants full control over who goes where and when. Load Up on Heavy Artillery? It is not enough to deploy SIEM to capture and log security events. In addition to SIEM, the department must have round-the-clock analysts to analyze logs to assist in predicting future threats. The amount of data captured and correlated can be astounding and the effort massive. These efforts fold in with an overarching breach management posture that most companies have not fully thought through, stopping at mitigation but not considering how to manage a possible public relations and brand reputation nightmare. Comply with Regulatory Standards? Regulatory compliance is like an octopus that extends its limbs into all areas of the business. Simply ticking off a checklist of compliance actions opens up additional 2013 IDC #

4 security concerns and questions for IT. Now more than ever, as regulatory standards cycle through changes at a faster and faster pace, companies are hiring an army of compliance and security consulting experts to assist in this rapidly evolving arena. Consider a Security Services Advisor? To navigate the challenges in today's threat landscape, IT managers know that at a minimum in addition to a security operation center (SOC) they must have enhanced analytics, data consolidation, and global threat intelligence knowledge of APTs and other adaptive, complex, and dynamic threats. 24 x 7 in-house security solutions are expensive, and expertise is scarce. In addition, they know that they must have the correlation capability to keep the information of these threats flowing to critical areas of the organization. Given the budgetary pressures CISOs face, this conversation can become a "build versus buy" discussion. First and foremost, the CISO looks for a trusted advisor to walk his or her department through a series of assessments to better understand gaps and opportunities for improvement. Next, this advisor will help to design a security policy and implementation strategy for the future. And finally, the CISO may look to engage a managed security services provider (MSSP) that can enable an organization to transfer the cost of ownership from capex to an operational expense (opex), thereby making security more of a predictable expense with a regular cadence in the budget cycle. Professional S e c u r i ty S ervices Engaging with a reputable professional security services partner can help the CISO enhance security capabilities while also creating a corporate culture that understands security and risk management. Such an engagement looks to increase cost efficiency in spite of mounting threats and regulatory burdens. Professional security consultants work to develop a comprehensive information security framework that addresses requirements for information protection, incident prevention, and detection and response, consistent with industry best practices. They look to establish a plan that addresses risk monitoring and mitigation requirements that encompass emerging technologies such as mobile and cloud computing. The outcome of a security consulting engagement will provide a detailed roadmap for effective implementation of the security strategies proposed. M a n aged Security Services An MSSP will have an enhanced security environment, with scalable and flexible security platforms capable of handling future expansion. MSSPs often have research labs that study and monitor threat trends on a global basis, and the findings from these organizations are critical to helping enterprises deal with the latest threats. In addition, many MSSPs offer compliance solutions to help clients adhere to mandates and prepare for audits. Leveraging the scale and expertise of a service provider can be beneficial to companies with many geographically dispersed sites. The large number of customers an MSSP supports gives them visibility into a large variety of threats on a global basis. An MSS engagement is not a one-size-fits-all proposition: no matter the size of the company and the current maturity of its security infrastructure, the organization can approach such an engagement gradually or entirely, depending on its needs. 4 # IDC

5 H a n d f u l o f V e n d o r s C a n F u l f i l l t h e " T r u s t e d S e c u r i t y P a r t n e r " R o l e In an ideal world, the security partner selected by an enterprise will have a broad array of professional services that work with the company's security and IT organizations to assess the current security posture, identify existing gaps, develop practices and procedures, design architectures, perform penetration and vulnerability tests, provide incident investigation and forensic data compilation, and perform compliance audits. If the enterprise is looking for predictable opex and desires to move to a managed security engagement, the security partner selected should be able to provide a wide range of managed security solutions, including network-based security services, from firewalls to monitoring and management services and emergency response services, all in a partnership that recognizes shared risk and responsibility. Only a handful of vendors can be the end-to-end partner that can seamlessly move from assessing the enterprise security posture to recommending and fulfilling hardware and software security deployments, implementing the products and, where needed, manage and monitor the environment. Add to that the need in many different size organizations for a partner to perform assessments and pre-audits on regulatory and compliance issues and even in some cases to manage the overall risk posture of the company. IDC believes that AT&T is one such partner. There are many other providers in the telecommunication industry that offer a broad lineup of security services, from professional consulting and integration to managed security services such as Verizon and CenturyLink. IT vendors such as HP, IBM, and Dell SecureWorks and security vendors such as Symantec and McAfee also offer security services comparable to AT&T's. It is a diverse and fragmented market and value can be found in many different forms along the continuum. Increased merger and acquisition (M&A) activity has brought consolidation, especially in the MSS space, leading IDC to believe that this will become a telco-versus-integrator battle. AT&T is extremely well positioned both in its network capabilities and in the very broad portfolio it has fashioned in security services. AT&T offers a complete Security Services portfolio where enterprises have a choice of network-based or premises-based security solutions that provide them with the level of support and the cost structure that best meet the needs of the business. The AT&T Security Services portfolio includes the services discussed in the sections that follow (see Figure 1) IDC #

6 F I G U R E 1 A T & T S e c u r i t y S e r v i c e s : A L a y e r e d " T h r e a t P r o t e c t i o n " S u i t e Source: AT&T, 2013 Consulting AT&T Security Consulting provides a portfolio of compliance and related security services. AT&T Security teams are focused in six areas: Security Strategy; PCI Solutions; Governance, Risk, and Compliance (GRC) Solutions; Secure Infrastructure Solutions; Threat and Vulnerability Management; and Application Security. These services help clients develop security strategies and roadmaps; assess gaps in and meet governance, risk, and compliance requirements; create payment card industry (PCI) solutions; install and assist with infrastructure; and manage threats and vulnerabilities. Specific features include the following: AT&T's Security Strategy and Roadmap service offers an advisory service to assist with the development of comprehensive and informative security strategies. An information security framework is developed for information protection, incident prevention, and detection and response, consistent with industry best practices. The plan addresses risk monitoring and mitigation requirements as well as emerging technologies such as mobile and cloud computing. A customized roadmap is developed with detailed project plans, identified owners, timelines, and resource allocation for the implementation of the security strategies. AT&T Governance, Risk, and Compliance provides consulting and advisory services for information security, governance, risk management, compliance, and implementation to develop, update, and/or validate security. 6 # IDC

7 AT&T Consulting is a PCI Qualified Security Assessor (QSA), a Payment Application Qualified Security Assessor (PA-QSA), and a Qualified Incident Response Assessor (QIRA). The PCI Consulting offer assesses the client business model and the critical supporting components and systems. The offer also performs assessments as well as strategic and tactical advice in the event that a PCI objective or control is not met or there is a data breach. AT&T's Secure Infrastructure Services assesses the security infrastructure, making recommendations on network consolidation and the analysis of data and packet flow with the goal of fine-tuning security devices to improve performance and minimize impact. Data leakage, data loss prevention, and security event management devices are assessed to develop an integrated and adaptive security architecture. AT&T's Vulnerability and Threat Management offer provides an independent baseline and validation of the organization's security posture through vulnerability assessment and penetration testing services. AT&T Consulting simulates realworld attacks to identify vulnerabilities in the network, evaluate risks, and develop remediation plans. AT&T Application Security Services offers four categories of application security services: Application Security Assessment provides automated and manual testing designed to circumvent the logic of the application in order to gain elevated access to systems or information. Application Security Program Management provides an application inventory, identification, and assignment of risk classification, development of testing plans, and management and execution of the program. Security Code Review examines all codes to identify potential weaknesses and vulnerabilities that could put the application and sensitive data at risk of disclosure or loss. PCI PA-QSA Application Security Assessment offers an assessment of certifications of payment applications in accordance with the PCI Payment Applications Best Practices program. AT&T's Security Event and Threat Analysis Service is a virtual security operation center that provides security analysis and operations to correlate information from multiple devices and device types, on premises and embedded in the AT&T network. Based on information gathered, AT&T provides notification of prioritized events based on risk and the ability to mitigate them. AT&T Security Device Management provides monitoring and management of security hardware and software located on premise or the implementation of complex and customer security solutions. Clients utilize the AT&T Security Network Operations Center (S/NOC) to monitor and manage security hardware and security infrastructure or to migrate to a custom security architecture designed to meet specific requirements IDC #

8 Managed Security Services At the operations level, AT&T provides customers with security solutions, including network-based security services, from firewalls to monitoring and management services, rapid response services, and security options on individual network services. Managed security services features include: AT&T Internet Protect provides security alerting and mitigation of attacks, including viruses, worms, and DDoS attacks that are in the early formulation stages. AT&T Private Intranet Protect analyzes traffic on the client's virtual private network (VPN), looking for known threats that originate both internal and external to the network. AT&T Mobile Security extends security controls beyond the mobile device into the AT&T network including the use of application controls and antivirus/antimalware scans. It provides access to an organization's VPN, the Internet, or cloud-based services as well as additional traffic filtering and scanning and is mobile-carrier agnostic. AT&T Network-Based Firewall Services provides enforcement of policy in the cloud or on the premises with a network-based firewall; premises-based firewall and Web application firewall services; day-to-day management, maintenance, support; and proactive 24 x 7 x 365 security monitoring. AT&T Web Security Service offers a managed network solution for content filtering and Web control. AT&T Intrusion Detection/Prevention Service helps detect and respond to malicious activities by sending the client alerts specific to the network and provides tools to assist the client with implementing internal network defense. AT&T Secure Gateway Services is a security-as-a-service solution that offers protection against inbound -borne threats, such as malicious Web links and attachments, and targeted phishing in addition to blocking traditional spam and viruses. AT&T Endpoint Security Service is a fully managed solution that helps protect both end users' and companies' internal systems from external hazards posed by doing business on the Internet. The service is designed to enforce compliance with customer-defined policies for firewall, antivirus, and software compliance at remote endpoints. AT&T Threat Management scans traffic and helps AT&T Security managers identify emerging problems, as well as see the sources of the problems, and take preventative action. This is both a standalone offering and an offering that integrates with the managed security services offering. 8 # IDC

9 AT&T DDoS Defense consists of detection and mitigation service components that examine net flow data, sending an alarm to an AT&T operations center and to the client with notification of the detected attack. AT&T Secure Network Gateway bundles AT&T Network-Based Firewall Services, AT&T Secure Gateway Service, and AT&T Web Security Service. AT&T also provides encryption services for and data encryption as well as token authentication services to help organizations know who is gaining access to network applications using two-factor authentication. F U T U R E O U T L O O K I D C F o r e c a s t s S t r o n g G r o w t h i n S e c u r i t y S e r v i c e s The increased complexity of security threats along with the need to evaluate various consumption models (on-premise, managed, hosted, and cloud) will require enterprises to seek consulting and strategy engagements from third-party providers to help align technology requirements with business objectives. IDC predicts that the total worldwide professional security services market is expected to reach $17.4 billion in 2013 and will grow to $22 billion by 2017, with a five-year compound annual growth rate (CAGR) of 5.9%. As discussed, MSS can provide reduction of capex and offer predictable opex and is therefore often a perfect solution to the security/boardroom conundrum discussed previously. IDC expects double-digit growth in the MSS market. C H A L L E N G E S / O P P O R T U N I T I E S Keeping pace with threats and staying on the cutting edge of mitigation at all layers of the network is a challenge that most security organizations cannot meet without some assistance. Given the nature of the constantly evolving threat landscape we've discussed and the budgetary pressures and board-level oversight to improve the administrative efficacy of security, it is critical to select a security services partner that provides the following at a minimum: A comprehensive security services offerings portfolio, from consulting and implementation through managed security services offerings Threat intelligence that creates actionable data that feeds into a managed service A broad array of security products and partnerships with vendors 2013 IDC #

10 C O N C L U S I O N IDC believes that to stay ahead of threats in this ever-increasingly complex landscape, it is important to work with a partner that supports a broad spectrum of security needs. As this paper discusses, some providers bring pieces of the solution, while AT&T does it all, from the perimeter to the endpoint. In addition, AT&T offers a menu of security services offerings that allows the customer flexibility and scale of solutions. C o p y r i g h t N o t i c e External Publication of IDC Information and Data Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from the appropriate IDC Vice President or Country Manager. A draft of the proposed document should accompany any such request. IDC reserves the right to deny approval of external usage for any reason. Copyright 2013 IDC. Reproduction without written permission is completely forbidden. 10 # IDC

Worldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares

Worldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares EXCERPT Worldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares IN THIS EXCERPT Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015

More information

2012 North American Managed Security Service Providers Growth Leadership Award

2012 North American Managed Security Service Providers Growth Leadership Award 2011 South African Data Centre Green Excellence Award in Technology Innovation Cybernest 2012 2012 North American Managed Security Service Providers Growth Leadership Award 2011 Frost & Sullivan 1 We Accelerate

More information

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape WHITE PAPER: SYMANTEC GLOBAL INTELLIGENCE NETWORK 2.0.... ARCHITECTURE.................................... Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Who

More information

Sluggish Incident Response: Next-Generation Security Problems and Solutions

Sluggish Incident Response: Next-Generation Security Problems and Solutions CUSTOMER NEEDS AND STRATEGIES Sluggish Incident Response: Next-Generation Security Problems and Solutions Christian A. Christiansen Christina Richmond Robert Westervelt IDC OPINION The rush to adopt technologies

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

I D C A N A L Y S T C O N N E C T I O N

I D C A N A L Y S T C O N N E C T I O N I D C A N A L Y S T C O N N E C T I O N Robert Westervelt Research Manager, Security Products T h e R o l e a nd Value of Continuous Security M o nitoring August 2015 Continuous security monitoring (CSM)

More information

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s IDC Middle East, Africa, and Turkey, Al Thuraya Tower 1, Level 15, Dubai

More information

The Benefits of an Integrated Approach to Security in the Cloud

The Benefits of an Integrated Approach to Security in the Cloud The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The

More information

Advanced Threat Protection with Dell SecureWorks Security Services

Advanced Threat Protection with Dell SecureWorks Security Services Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5

More information

What is Security Intelligence?

What is Security Intelligence? 2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the

More information

Cisco Security Services

Cisco Security Services Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your

More information

Preemptive security solutions for healthcare

Preemptive security solutions for healthcare Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare

More information

Worldwide Security and Vulnerability Management 2014 2018 Forecast and 2013 Vendor Shares

Worldwide Security and Vulnerability Management 2014 2018 Forecast and 2013 Vendor Shares Market Analysis Worldwide Security and Vulnerability Management 2014 2018 Forecast and 2013 Vendor Shares Charles J. Kolodgy IN THIS EXCERPT The content for this excerpt was taken directly from IDC Market

More information

With Cloud Defender, Alert Logic combines products to deliver outcome-based security

With Cloud Defender, Alert Logic combines products to deliver outcome-based security With Cloud Defender, Alert Logic combines products to deliver outcome-based security Analyst: Javvad Malik 13 Nov, 2014 Security has typically been a technology-driven area. If a company puts up a website,

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

Q1 Labs Corporate Overview

Q1 Labs Corporate Overview Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,

More information

SOLUTION BRIEF. Next Generation APT Defense for Healthcare

SOLUTION BRIEF. Next Generation APT Defense for Healthcare SOLUTION BRIEF Next Generation APT Defense for Healthcare Overview Next Generation APT Defense for Healthcare Healthcare records with patients personally identifiable information (PII) combined with their

More information

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion

More information

Cloud Assurance: Ensuring Security and Compliance for your IT Environment

Cloud Assurance: Ensuring Security and Compliance for your IT Environment Cloud Assurance: Ensuring Security and Compliance for your IT Environment A large global enterprise has to deal with all sorts of potential threats: advanced persistent threats (APTs), phishing, malware

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

I D C E X E C U T I V E B R I E F

I D C E X E C U T I V E B R I E F Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com I D C E X E C U T I V E B R I E F P e netration Testing: Taking the Guesswork Out of Vulnerability

More information

FIVE PRACTICAL STEPS

FIVE PRACTICAL STEPS WHITEPAPER FIVE PRACTICAL STEPS To Protecting Your Organization Against Breach How Security Intelligence & Reducing Information Risk Play Strategic Roles in Driving Your Business CEOs, CIOs, CTOs, AND

More information

NEC Managed Security Services

NEC Managed Security Services NEC Managed Security Services www.necam.com/managedsecurity How do you know your company is protected? Are you keeping up with emerging threats? Are security incident investigations holding you back? Is

More information

Address C-level Cybersecurity issues to enable and secure Digital transformation

Address C-level Cybersecurity issues to enable and secure Digital transformation Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,

More information

IBM Security QRadar Vulnerability Manager

IBM Security QRadar Vulnerability Manager IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk

More information

Cloud Economics: A Financial Analysis of Information Management IT Delivery Models

Cloud Economics: A Financial Analysis of Information Management IT Delivery Models WHITE PAPER Cloud Economics: A Financial Analysis of Information Management IT Delivery Models Sponsored by: Viewpointe LLC Michael Versace October 2013 Randy Perry IDC OPINION Executive Summary Cost optimization

More information

Company-owned managed security technologies, in addition to more than 500 third-party technologies that Trustwave manages and monitors

Company-owned managed security technologies, in addition to more than 500 third-party technologies that Trustwave manages and monitors VENDOR PROFILE Trustwave: Solutions and Services for Security and Compliance Christina Richmond IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! I D C T E C H N O L O G Y S P O T L I G H T S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! December 2014 Adapted from Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares by

More information

Trustwave blocks Web-borne malware - guaranteed, or your money back

Trustwave blocks Web-borne malware - guaranteed, or your money back Trustwave blocks Web-borne malware - guaranteed, or your money back Analyst: Adrian Sanabria 16 Jul, 2014 Today, Trustwave makes a bold announcement a zero malware guarantee. The anti-malware market has

More information

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government

More information

Italy. EY s Global Information Security Survey 2013

Italy. EY s Global Information Security Survey 2013 Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information

More information

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service Business Case Outsourcing Information Security: The Benefits of a Managed Security Service seccuris.com (866) 644-8442 Contents Introduction... 3 Full- Time Experts vs. a Part- Time In- House Staff...

More information

North American Electric Reliability Corporation (NERC) Cyber Security Standard

North American Electric Reliability Corporation (NERC) Cyber Security Standard North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation

More information

OVERVIEW. Enterprise Security Solutions

OVERVIEW. Enterprise Security Solutions Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s

More information

End-user Security Analytics Strengthens Protection with ArcSight

End-user Security Analytics Strengthens Protection with ArcSight Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security

More information

Assessing the Business Value of the Secured Datacenter

Assessing the Business Value of the Secured Datacenter IDC SOLUTION BRIEF Assessing the Business Value of the Secured Datacenter Sponsored by: Cisco Pete Lindstrom Matthew Marden December 2014 Richard L. Villars OVERVIEW The world of IT is in the midst of

More information

IBM QRadar Security Intelligence April 2013

IBM QRadar Security Intelligence April 2013 IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence

More information

Security. Security consulting and Integration: Definition and Deliverables. Introduction

Security. Security consulting and Integration: Definition and Deliverables. Introduction Security Security Introduction Businesses today need to defend themselves against an evolving set of threats, from malicious software to other vulnerabilities introduced by newly converged voice and data

More information

Requirements When Considering a Next- Generation Firewall

Requirements When Considering a Next- Generation Firewall White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration

More information

Unified Threat Management, Managed Security, and the Cloud Services Model

Unified Threat Management, Managed Security, and the Cloud Services Model Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical

More information

Caretower s SIEM Managed Security Services

Caretower s SIEM Managed Security Services Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During

More information

Simplify Your Network Security with All-In-One Unified Threat Management

Simplify Your Network Security with All-In-One Unified Threat Management Singtel Business Product Factsheet Brochure Managed Defense Unified Services Management Simplify Your Network Security with All-In-One Unified Management Singtel Managed Unified Management (UTM) Services,

More information

Conquering PCI DSS Compliance

Conquering PCI DSS Compliance Any organization that stores, processes or transmits information related to credit and debit card payments has a responsibility to protect each cardholder s personal data. To help accomplish this goal,

More information

Tata Communications Security Outsourcing. A Must-have for Entry into the Global Economy. www.tatacommunications.com. www.tatacommunications.

Tata Communications Security Outsourcing. A Must-have for Entry into the Global Economy. www.tatacommunications.com. www.tatacommunications. Tata Communications Security Outsourcing A Must-have for Entry into the Global Economy www.tatacommunications.com www.tatacommunications.com 2 Tata Communications Security Outsourcing A Must-have for Entry

More information

Increase insight. Reduce risk. Feel confident.

Increase insight. Reduce risk. Feel confident. Increase insight. Reduce risk. Feel confident. Define critical goals with enhanced visibility then enable security and compliance across your complex IT infrastructure. VIRTUALIZATION + CLOUD NETWORKING

More information

Content Security: Protect Your Network with Five Must-Haves

Content Security: Protect Your Network with Five Must-Haves White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

Leveraging security from the cloud

Leveraging security from the cloud IBM Global Technology Services Thought Leadership White Paper IBM Security Services Leveraging security from the cloud The who, what, when, why and how of cloud-based security services 2 Leveraging security

More information

Advantages of Managed Security Services

Advantages of Managed Security Services Advantages of Managed Security Services Cloud services via MPLS networks for high security at low cost Get Started Now: 877.611.6342 to learn more. www.megapath.com Executive Summary Protecting Your Network

More information

Managed Security Services for Data

Managed Security Services for Data A v a y a G l o b a l S e r v i c e s Managed Security Services for Data P r o a c t i v e l y M a n a g i n g Y o u r N e t w o r k S e c u r i t y 2 4 x 7 x 3 6 5 IP Telephony Contact Centers Unified

More information

MANAGED SECURITY SERVICES (MSS)

MANAGED SECURITY SERVICES (MSS) MANAGED SECURITY SERVICES (MSS) The Cyber Security Initiative. Cybercrime is becoming an important factor for CIOs and IT professionals, but also for CFOs, compliance officers and business owners. The

More information

2011 Forrester Research, Inc. Reproduction Prohibited

2011 Forrester Research, Inc. Reproduction Prohibited 1 2011 Forrester Research, Inc. Reproduction Prohibited Information Security Metrics Present Information that Matters to the Business Ed Ferrara, Principal Research Analyst July 12, 2011 2 2009 2011 Forrester

More information

ESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved.

ESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved. ESG Brief Webroot Delivers Enterprise-Class Threat Intelligence to Security Technology Providers and Large Organizations Date: September 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore,

More information

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average

More information

A HELPING HAND TO PROTECT YOUR REPUTATION

A HELPING HAND TO PROTECT YOUR REPUTATION OVERVIEW SECURITY SOLUTIONS A HELPING HAND TO PROTECT YOUR REPUTATION CONTENTS INFORMATION SECURITY MATTERS 01 TAKE NOTE! 02 LAYERS OF PROTECTION 04 ON GUARD WITH OPTUS 05 THREE STEPS TO SECURITY PROTECTION

More information

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target

More information

Mobile Device and Application Trends Are Mobile Applications Moving to the Cloud?

Mobile Device and Application Trends Are Mobile Applications Moving to the Cloud? White Paper Mobile Device and Application Trends Are Mobile Applications Moving to the Cloud? Sponsored by: Cisco Denise Lund April 2014 IDC OPINION The use of mobile devices across job levels and functions

More information

Transformative Technology in Document Security

Transformative Technology in Document Security INSIGHT Transformative Technology in Document Security Arianna Valentini IDC OPINION The majority of organizations have taken steps in making sure that their IT environments are secure. Worldwide Security

More information

Information & Asset Protection with SIEM and DLP

Information & Asset Protection with SIEM and DLP Information & Asset Protection with SIEM and DLP Keeping the Good Stuff in and the Bad Stuff Out Professional Services: Doug Crich Practice Leader Infrastructure Protection Solutions What s driving the

More information

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Seven Things To Consider When Evaluating Privileged Account Security Solutions Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?

More information

CORE Security and GLBA

CORE Security and GLBA CORE Security and GLBA Addressing the Graham-Leach-Bliley Act with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com

More information

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.

More information

BlackRidge Technology Transport Access Control: Overview

BlackRidge Technology Transport Access Control: Overview 2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service

More information

REVOLUTIONIZING ADVANCED THREAT PROTECTION

REVOLUTIONIZING ADVANCED THREAT PROTECTION REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my

More information

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat

More information

Unified Security Management

Unified Security Management Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy

More information

Clavister InSight TM. Protecting Values

Clavister InSight TM. Protecting Values Clavister InSight TM Clavister SSP Security Services Platform firewall VPN termination intrusion prevention anti-virus anti-spam content filtering traffic shaping authentication Protecting Values & Enterprise-wide

More information

INFORMATION PROTECTED

INFORMATION PROTECTED INFORMATION PROTECTED Symantec Protection Suite Effective, comprehensive threat protection Safeguarding your organization s business-critical assets in today s ever-changing threat landscape has never

More information

2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY

2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY 2015 GLOBAL THREAT INTELLIGENCE REPORT EXECUTIVE SUMMARY 1 EXECUTIVE SUMMARY INTRODUCING THE 2015 GLOBAL THREAT INTELLIGENCE REPORT Over the last several years, there has been significant security industry

More information

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond

More information

IBM Security Strategy

IBM Security Strategy IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration

More information

IBM Security Intelligence Strategy

IBM Security Intelligence Strategy IBM Security Intelligence Strategy Delivering Insight with Agility October 17, 2014 Victor Margina Security Solutions Accent Electronic 12013 IBM Corporation We are in an era of continuous breaches Operational

More information

WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments

WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Sponsored

More information

Building a Web Security Ecosystem to Combat Emerging Internet Threats

Building a Web Security Ecosystem to Combat Emerging Internet Threats I D C V E N D O R S P O T L I G H T Building a Web Security Ecosystem to Combat Emerging Internet Threats September 2005 Adapted from: Worldwide Secure Content Management 2005 2009 Forecast Update and

More information

Cisco Cloud Web Security: A Key Component of a Unified Security Architecture

Cisco Cloud Web Security: A Key Component of a Unified Security Architecture Cisco Cloud Web Security: A Key Component of a Unified Security Architecture Marketing/Technical description for services Scope of the Service Cisco Cloud Web Security (previously known as ScanSafe) builds

More information

WHITE PAPER Making Cloud an Integral Part of Your Enterprise Storage and Data Protection Strategy

WHITE PAPER Making Cloud an Integral Part of Your Enterprise Storage and Data Protection Strategy WHITE PAPER Making Cloud an Integral Part of Your Enterprise Storage and Data Protection Strategy Sponsored by: Riverbed Technology Brad Nisbet December 2010 Richard L. Villars Global Headquarters: 5 Speen

More information

DNS Server Security Survey

DNS Server Security Survey EXECUTIVE BRIEF DNS Server Security Survey Sponsored by: EfficientIP Romain Fouchereau June 2014 INTRODUCTION With most organizations having some business linked to and more importantly relying on an online

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

High End Information Security Services

High End Information Security Services High End Information Security Services Welcome Trion Logics Security Solutions was established after understanding the market's need for a high end - End to end security integration and consulting company.

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

MANAGED SECURITY SERVICES: WHEN IT'S TIME TO STOP GOING "IT" ALONE

MANAGED SECURITY SERVICES: WHEN IT'S TIME TO STOP GOING IT ALONE MANAGED SECURITY SERVICES: WHEN IT'S TIME TO STOP GOING "IT" ALONE August 2014 Derek E. Brink, CISSP, Vice President and Research Fellow, IT Security and IT GRC Report Highlights p2 p3 p6 p7 Security is

More information

W H I T E P A P E R T h e I m p a c t o f A u t o S u p p o r t: Leveraging Advanced Remote and Automated Support

W H I T E P A P E R T h e I m p a c t o f A u t o S u p p o r t: Leveraging Advanced Remote and Automated Support W H I T E P A P E R T h e I m p a c t o f A u t o S u p p o r t: Leveraging Advanced Remote and Automated Support Sponsored by: NetApp Brad Nisbet December 2008 Matt Healey IDC OPINION Global Headquarters:

More information

Proven LANDesk Solutions

Proven LANDesk Solutions LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations

More information

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape White Paper Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape Financial services organizations have a unique relationship with technology: electronic data and transactions

More information

Current IBAT Endorsed Services

Current IBAT Endorsed Services Current IBAT Endorsed Services Managed Network Intrusion Prevention and Detection Service SecureWorks provides proactive management and real-time security event monitoring and analysis across your network

More information

Extreme Networks Security Analytics G2 Vulnerability Manager

Extreme Networks Security Analytics G2 Vulnerability Manager DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering

More information

Bringing Continuous Security to the Global Enterprise

Bringing Continuous Security to the Global Enterprise Bringing Continuous to the Global Enterprise Asset Discovery Network Web App Compliance Monitoring Threat Protection The Most Advanced Platform 3+ Billion IP Scans/Audits a Year 1+ Trillion Events The

More information

DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD

DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD Protecting your infrastructure requires you to detect threats, identify suspicious

More information

WHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity

WHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity WHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity Sponsored by: EMC Corporation Laura DuBois August 2010 Vivian Tero EXECUTIVE SUMMARY Global Headquarters: 5 Speen Street

More information

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? Contents Introduction.... 3 What Types of Network Security Services are Available?... 4 Penetration Testing and Vulnerability Assessment... 4 Cyber

More information

I D C A N A L Y S T C O N N E C T I O N

I D C A N A L Y S T C O N N E C T I O N I D C A N A L Y S T C O N N E C T I O N David Tapper Vice President, Outsourcing and Managed Services T h e B u s i n e ss Value of Managed Servi c e s i n Optimizing Productivi t y, D r i vi n g D ow

More information

Compliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.

Compliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2. ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework

More information

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure

More information

I D C S P O T L I G H T. Ac c e l e r a t i n g Cloud Ad o p t i o n w i t h Standard S e c u r i t y M e a s u r e s

I D C S P O T L I G H T. Ac c e l e r a t i n g Cloud Ad o p t i o n w i t h Standard S e c u r i t y M e a s u r e s I D C S P O T L I G H T Ac c e l e r a t i n g Cloud Ad o p t i o n w i t h Standard S e c u r i t y M e a s u r e s March 2012 Adapted from Worldwide Cloud Security 2011 2015 Forecast: A Comprehensive

More information

Protecting against cyber threats and security breaches

Protecting against cyber threats and security breaches Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So

More information

Information Security Services. Achieving PCI compliance with Dell SecureWorks security services

Information Security Services. Achieving PCI compliance with Dell SecureWorks security services Information Security Services Achieving PCI compliance with Dell SecureWorks security services Executive summary In October 2010, the Payment Card Industry (PCI) issued the new Data Security Standard (DSS)

More information