• Insider’s Guide to Defeating Ransomware: Protect Your Data at its Source

    Cybercriminals are increasingly using ransomware to attack companies like yours, with 40% of businesses hit by ransomware in 2015. In the ebook “Insider’s Guide to Defeating Ransomware: Protect Your Data at its Source,” you’ll learn how to protect your data and your business from being held hostage by cybercriminals.
  • eBook: Cyber Security is the Board’s Business

    Board members have a fiduciary responsibility to establish and govern business policies and practices that drive a company’s financial performance and growth. But do they have a comprehensive view of the company’s defense posture to assure they are a conscientious steward of the business?

    In this eBook, Board members will discover why they need to be concerned about cyber security and how to get more involved.
  • Cyber Security Board Oversight: Taking Ownership of Cyber Security Risks

    Enterprise-level cyber security solutions require more than just technology and employee training; they require the top-down involvement of everyone within the organization, including the Board of Directors. Getting buy-in from a Board of Directors is not always easy, however.

    In this eBook, CEOs and CIOs will discover new ways to educate their Board of Directors and get them onboard with their cyber security.
  • Combat today’s threats with a single platform for app and data security

    Read Combat Today’s Threats with a Single Platform for App and Data Security and learn how to protect web applications and sensitive data across the enterprise and in the cloud. Employing a practical approach, this paper guides you through four simple steps to discover, assess, protect and monitor access to sensitive data.
  • Gartner Best Practices for Managing 'Insider' Security Threats

    Read Gartner’s Best Practices for Managing 'Insider' Security Threats and get threat prevention strategies to protect your enterprise from security breaches by internal users.
  • Harvard Business Review: The Danger from Within

    The biggest threat to enterprise security is the people organizations hire and fire. Read this article from the Harvard Business Review, “Danger from Within,” and learn why the number of insider cyberattacks is growing and get five tips on how to tackle the problem.
  • Plugging the Security Gaps of Cloud File Sharing Services

    This paper examines seven items to consider when it comes to security and compliance of cloud file sharing services like Box, Dropbox, OneDrive, and Google Drive, and how you can mitigate the risks with a Cloud Access Security Broker (CASB) solution such as Imperva Skyfence. Learn why Gartner says a CASB is a required security platform for organizations using cloud services.
  • Interview with Executive Allan Tessler: Corporate Directors Must Be Involved in Cyber Security

    A corporate board needs to be responsible for ensuring that an organization’s intellectual assets as well as customer information are protected. Customer data is one of the primary sets of information that needs to be safeguarded from hacking and invasion because of the potential mal-use of that information. Read this short Q&A to learn why it’s important for corporate directors to understand cyber security risks.
  • How Malware and Targeted Attacks Infiltrate Your Data Center

    Advanced targeted attacks leverage social engineering techniques and malware to bypass the security perimeter and compromise those individuals already on the inside of your enterprise. It only takes one infected employee to unknowingly unleash an attack on your entire network. This white paper will examine the seven stages of an advanced targeted attack, explore why traditional defenses, such as firewalls and IPS solutions lack the application and data focus needed to protect data center assets, and outline the functionality required to safeguard your organization from targeted attacks.
  • [eBook] Targeted Attacks: 8 Steps to Safeguard Your Organization

    User accounts and devices provide a direct pathway for hackers to access your most valuable asset - your data. By targeting your trusted employees, attackers can circumvent conventional solutions like firewalls and IPS solutions to penetrate your network and compromise your data center. A multi-layered strategy with malware detection and data center security is critical as it buys your IT department time to remediate compromised devices on your schedule and without impeding user productivity. This eBook includes case studies from eight organizations in highly targeted industries that suffered an advanced targeted attack; explains how targeted attacks, often using spear phishing and malware, consistently defy firewalls and IPS solutions; details critical layers of technology that businesses can implement to ensure data center protection; and provides an eight step plan for safeguarding your organization from attack.
  • An Inside Track on Insider Threats

    How do leading companies mitigate the invisible problem of rogue insiders? Imperva analyzed dozens of companies to understand some of the commonly deployed practices across human resources, legal and technology to stop malicious insiders from taking data and intellectual property. Specifically, we identify nine practices top enterprises have found the most useful to control the leakage of digital assets. Pinpointing the source and scope of data theft is often hard to quantify, especially since your largest internal threat may actually be one of your most loyal employees. This research presents the findings of the first-ever global insider threat study that catalogs common practices used by leading organizations across numerous verticals.
  • Advanced Persistent Threat - Are You the Next Target?

    Security researchers have been talking about advanced persistent threat (APT) for some time. Recently, we have seen a steep increase in the number of organizations hit by this type of attack. Initially, researchers thought APTs were mostly aimed at government agencies or political targets, but the latest attacks on enterprises suggest that APTs are not confined to a specific type of organization or sector.
  • [eBook] SharePoint Security Playbook

    The increasing use of Microsoft SharePoint to store sensitive business data and extend access and collaboration to partners, customers, and suppliers has outpaced native SharePoint security capabilities. More and more organizations are storing and accessing sensitive, regulated information through this platform. To improve business security, organizations must invest in organizing, managing, and protecting these valuable assets. By implementing the five lines of defense outlined in this eBook, you will be able to overcome operational challenges and protect your SharePoint deployments against both internal and external threats.
  • Compliance with the HIPAA Security Rule - Meeting the Electronic Code of Federal Requirements

    The HIPAA Security Rule establishes national standards to protect individuals' medical records and other personal health information. In this paper we review the security standards for protection of e-PHI as listed under part 164 of the 45 CFR, and map SecureSphere Data Security Suite solutions to the specified requirements described in these standards.
  • How to Secure Your SharePoint Deployment

    This paper presents five best practices for securing your SharePoint environment. It discusses how SecureSphere for SharePoint can help organizations get the most out of SharePoint's existing permissions system, and fill some of SharePoint's security gaps.
  • Cutting IT Operations Costs for Unstructured Data

    Market analysts estimate that 80% of all enterprise data is unstructured and that unstructured data will grow tenfold in the next five years. Crushed under the weight of these files are the IT organizations tasked with managing and securing them. Operationally, it's nearly impossible to keep track of who is creating all of these business documents, who owns them, and who can - and is - accessing them.
  • 10 Building Blocks for Securing File Data

    Three fundamental capabilities are lacking in most organizations:
    1. Operationally efficient file activity monitoring and auditing
    2. Scalable user rights management for files
    3. Automated business policy enforcement for file data
    These three capabilities are core components of the emerging File Activity Monitoring market, and form the basis of a phased approach to file security. This guide describes ten phases for securing file data, including how and when to use these basic capabilities, as well as when to deploy other complementary technologies.
  • Security for PCI Compliance

    Addressing Security and Auditing Requirements for Web Applications, Databases, and File Servers

    For many organizations, Web, database, and file security present the most challenging barriers to achieving PCI DSS compliance. Often, businesses must provision new technologies or roll out new processes to satisfy Web application security, data audit, and user rights management requirements in the PCI standard.

    This paper focuses on the key PCI DSS requirements that impact application and data security. Designed for auditors and security professionals, it describes how Imperva SecureSphere solutions can help organizations address the most costly and complex PCI mandates.
  • Five Signs Your File Data is at Risk

    Persistent insider threats and regulatory compliance mandates make protecting sensitive file data a business requirement for virtually every organization. However, the sheer volume of file data and its rapid and continuous growth make it a challenge to secure properly. This whitepaper reviews the five questions to help you assess your file security posture. If you aren't able to answer these five questions confidently, your file data is probably at risk.
  • Top 10 Guide to Data Security for Federal Agencies

    Web application and database security remains one of the most vulnerable areas across federal agencies as well as the private sector in virtually every geography and business vertical. An essential difference between enterprises and federal agencies is the attacker.

    Irrespective of attacks from inside or outside an organization data remains the prize. Traditional network security controls while valuable and necessary simply don't scale to address data-centric attacks, and organizations need to augment them with data-centric solutions focused on the targets: Web applications and databases. But federal agencies are not just focused on security - they also need to demonstrate compliance to both agency and congressional mandates.