Gartner Report: Five High-Priority Changes to Tackle the EU GDPR
The GDPR takes effect soon and requires huge changes in privacy data processing. Not sure where to start? Read Gartner’s Focus on Five High-Priority Changes to Tackle the EU GDPR report now to ensure your organization is on track for compliance.
Forrester Report: The Future of Data Security and Privacy
Most security professionals still explain the value of data security to the business only in terms of risk reduction, cost reduction and regulatory compliance. Data Security today is so much more than cost reduction. Read this Forrester report to learn how Data Security today is, in fact, a driver of revenue and growth.
Beginners Guide to Data Masking
As data continues to grow and proliferate throughout the enterprise, data breaches continue to make headlines across all industries. As a result, regulators are increasingly focused on data protection and privacy. Beginners Guide to Data Masking explores what data masking is and how it can help organizations defend themselves against data breaches and improve compliance with data protection regulations.
eBook: Cyber Security is the Board’s Business
Board members have a fiduciary responsibility to establish and govern business policies and practices that drive a company’s financial performance and growth. But do they have a comprehensive view of the company’s defense posture to assure they are a conscientious steward of the business?
In this eBook, Board members will discover why they need to be concerned about cyber security and how to get more involved.
Cyber Security Board Oversight: Taking Ownership of Cyber Security Risks
Enterprise-level cyber security solutions require more than just technology and employee training; they require the top-down involvement of everyone within the organization, including the Board of Directors. Getting buy-in from a Board of Directors is not always easy, however.
In this eBook, CEOs and CIOs will discover new ways to educate their Board of Directors and get them onboard with their cyber security.
Combat today’s threats with a single platform for app and data security
Read Combat Today’s Threats with a Single Platform for App and Data Security and learn how to protect web applications and sensitive data across the enterprise and in the cloud. Employing a practical approach, this paper guides you through four simple steps to discover, assess, protect and monitor access to sensitive data.
SharePoint Governance and Security: Where to Start
SharePoint is a complex platform experiencing explosive growth in adoption, exposure, and storage of sensitive content. Consequently, SharePoint security and governance are under greater scrutiny at the executive level and require immediate mitigation actions. The phased, risk-based perspective outlined in this paper aligns investments and priorities to accomplish the greatest security return for existing SharePoint deployments. Security plans should include both preventative and analytical capabilities and incorporate automated tools to provide controls and information that cannot be addressed practically by native SharePoint functionality or corporate resources.
Five Steps for Protecting Australian Government Information
According to the Information Security Manual (ISM), the primary cyber threat to Australia is cyber exploitation: malicious activities designed to silently gather information from ICT systems. The disclosure of sensitive commercial or government information can threaten national interests. The disclosure of sensitive personal information can enable malicious activities against individuals. The security of sensitive government and commercial information is critical for ensuring that Australia continues to be a safe place to do business online. This paper outlines Five Steps to protect critical information.
Information Security Risk Management for Australian Financial Service Organizations
Published in 2010 by the Australian Prudential Regulation Authority (APRA), the prudential practice guide PPG 234 aims to assist regulated financial institutions in the management of security risk in information and information technology. The guide targets areas where APRA continues to identify weaknesses as part of its ongoing supervisory activities. PPG 234 reflects the need for sound risk management disciplines and solid business understanding to evaluate and manage the IT security risk profile. This paper identifies how SecureSphere enables financial institutions to incrementally address the PPG 234 security recommendations and mitigate risks to their information and information systems.
Implementing Security Controls for addressing DHS Sensitive Systems Policy Directive 4300A
This paper reviews how SecureSphere enables DHS components to implement the technical controls described in chapter 5 of the DHS 4300A Sensitive Systems Handbook. With SecureSphere Data Security Solutions, DHS components can facilitate detection of security violations, and support security requirements for applications and data, including Identification and Authentication, Access Controls and Auditing.
Compliance with the HIPAA Security Rule - Meeting the Electronic Code of Federal Requirements
The HIPAA Security Rule establishes national standards to protect individuals' medical records and other personal health information. In this paper we review the security standards for protection of e-PHI as listed under part 164 of the 45 CFR, and map SecureSphere Data Security Suite solutions to the specified requirements described in these standards.
Meeting NIST SP 800-53 Guidelines
This paper reviews information security requirements described by NIST in SP 800-53. It discusses the main implementation challenges organizations struggle with. The paper also maps key capabilities of Imperva's SecureSphere Data Security Suite to NIST SP 800-53 guidelines, describing how SecureSphere solutions can be used to implement required controls, manage risk to federal information and demonstrate compliance.
Top 10 Guide to Data Security for Federal Agencies
Web application and database security remains one of the most vulnerable areas across federal agencies as well as the private sector in virtually every geography and business vertical. An essential difference between enterprises and federal agencies is the attacker.
Irrespective of attacks from inside or outside an organization data remains the prize. Traditional network security controls while valuable and necessary simply don't scale to address data-centric attacks, and organizations need to augment them with data-centric solutions focused on the targets: Web applications and databases. But federal agencies are not just focused on security - they also need to demonstrate compliance to both agency and congressional mandates.