Email Alerts
-
VoIP security strategy helps WNS tackle cross-party risk
Indian BPO major WNS ensures robust risk management and PCI-DSS compliance through simple VoIP security solution, despite outdated client infrastructure. Case Study
-
Genpact boosts security management with SIEM tool
An early adopter of SIEM technology in India, leading BPO firm Genpact’s nine-year journey to SIEM nirvana forms the focus of this case study. Case Study
-
Airtel's ISO 27001 certification tale: Benefits, challenges & lessons
Leading Indian telecom player Bharti Airtel’s ISO 27001 implementation is one of the largest in the world. Join us, as we take a peek under the hood. Case Study
-
Static code analysis tools gain traction in India as SDL models mature
Static analysis tools are gaining popularity with Indian companies as software development models and perspectives mature. Here are some popular choices. Feature
-
HDFC Bank’s ISO 27004 compliant security metrics a boost toward GRC
An ISO/IEC 27004 compliant metrics program is a rarity in the Indian infosec circuit. Indian BFSI major HDFC Bank’s ISMS has been there, done that. Case Study
-
IRM solution helps training provider secure critical assets
Information rights management (IRM) with Seclore’s FileSecure was PurpleLeap’s weapon of choice against the dangers of intellectual property leakage Case Study
-
Network security assessments: India Inc. is going beyond routine
As network security assessments become essential hygiene, security experts at Indian enterprises are honing in to specifics. Some tips, insights and advice. Feature
-
CEH certification gains credence in IT security domain
CEH certification is much sought after in the IT security domain today. Here’s how you can obtain CEH certification and why you should attempt do so. Feature
-
Essar’s WAN encryption strategy to secure data in motion: In focus
Indian conglomerate Essar puts WAN encryption in place using Cisco’s GET VPN to protect data flows between remote locations. A closer look. Case study
-
Exploit development tutorial - Part Deux
In our exploit development tutorial’s second part, we examine how you can write exploits in PERL. Then we see how to port exploits by scripting in Ruby. Tutorial
- See more Essential Knowledge on Enterprise risk management strategies
-
Security tech market set to grow 8.7% in 2013, says Gartner
The worldwide security technology and services market will reach $67.2bn in 2013, up 8.7% from 2012, according to research firm Gartner News | 11 Jun 2013
-
A malicious charger could hack Apple devices easily, claim researchers
A modified phone charger or battery could be used to hack Apple devices, say researchers from Georgia Tech News | 04 Jun 2013
-
BYOD: Securing the risk to access the cost benefits
Bring-your-own-device schemes offer businesses the opportunity to cut the costs and improve user experiences, but benefits can be dwarfed by the risks. News | 17 May 2013
-
Indian companies must increase phishing awareness
Businesses are being targeted for phishing attacks. These attacks are increasingly turning into a corporate concern, with much at stake -- such as reputation damage. News | 25 Apr 2013
-
Emerging threats include kinetic attack, offensive forensics: RSA 2013
At RSA 2013, experts Ed Skoudis and Johannes Ullrich explained how the SANS CyberCity supports offensive forensics and helps prevent kinetic attacks. News | 04 Mar 2013
-
Cutwail botnet spam campaign tied to Zeus banking Trojan
The cybercriminals connected to the notorious Zeus Trojan are using the Cutwail botnet to distribute spam designed to steal account credentials. News | 05 Dec 2012
-
Phishing attack, stolen credentials sparked South Carolina breach
A phishing attack and stolen credentials gave an attacker access to the systems of the South Carolina Department of Revenue for two months. News | 21 Nov 2012
-
Cloud security begins with the contract, says expert
Enterprises must empower their legal teams to ask the right questions and write contracts based on risk management, explains Tom Kellermann of Trend Micro. News | 21 Nov 2012
-
Deception, proactive defenses can better protect IP, says expert
Deceptive environments, phony data in the enterprise can fool attackers and increase the cost of hacking, says noted cybersecurity expert Paul Kurtz. News | 20 Nov 2012
-
PCI Council: Risk assessment methodology unique to company environment
The PCI Risk Assessment Special Interest Group concludes that risk assessments are based on a company's unique risk tolerance and environment. News | 19 Nov 2012
- See more News on Enterprise risk management strategies
-
How to reduce IT security risk with IT asset management
IT asset management expert Barb Rembiesa explains how ITAM best practices like IT asset standardization and rationalization reduce IT security risk. Tip
-
A CIO's five-point plan for managing endpoint security
Niel Nickolaisen offers a five-point solution for managing endpoint security for the hyper-connected enterprise -- starting with data governance. Tip
-
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions. Tip
-
Assumption of breach: How a new mindset can help protect critical data
By adopting the assumption-of-breach security model, CISOs and security pros can better protect critical data. Expert Ernie Hayden explains. Tip
-
Audits and compliance requirements for cloud computing
Even as India Inc experiments with the cloud, security concerns play spoilsport. These cloud computing audit and compliance tips will make your journey easier. Tip
-
PCI validation: Requirements for merchants covered by PCI DSS
Mike Chapple details the PCI validation requirements for merchants covered by PCI DSS. Tip
-
Security business analyst – a role whose time has come
For effective information security, India Inc requires security business analysts. These should be people who understand security, technology and the business. Tip
-
Mitigate phishing attacks in the cloud: A how-to
As Indian enterprises increasingly move to the cloud, so are phishing attempts. Here are some ways to mitigate the risks of phishing in the cloud. Tip
-
Combat social engineering attacks with these mantras
Of all the security threats, those involving the human angle are perhaps the deadliest. Keep social engineering at bay with these tips. Tip
-
After antimalware: Moving toward endpoint antivirus alternatives
Is it time to "cut the cord" with endpoint antimalware? Matthew Pascucci discusses possible antivirus alternatives. Tip
- See more Tips on Enterprise risk management strategies
-
Can network security devices replace firewalls?
There are many new network security devices on the market today. Expert Chris Partsenidis opines on whether these can replace firewalls. Answer
-
Security vs. compliance: Moving beyond a 'checkbox security' mentality
Mike Chapple discusses the compliance vs. security challenge and why a "checkbox security" mentality may actually be a good thing. Answer
-
Securing big data: Architecture tips for building security in
Expert Matt Pascucci advises a reader on securing big data with tips for building security into enterprise big data architectures. Answer
-
How penetration testing helps ensure a secure data store
A third-party penetration test is the best way to determine whether an online data store can be compromised. Answer
-
How to choose a general security risk assessment
Looking to do a general security risk assessment, but aren't sure how to choose one? In this security management expert response, David Mortman explains how to assess risk and get the funding you need to mitigate it. Ask the Expert
-
Seclore Technology (Seclore)
Seclore Technology is a Mumbai-based security software company incubated by the Indian Institute of Technology (IIT) in Bombay. Definition
-
Mahindra Special Services Group (MSSG)
Mahindra Special Services Group (MSSG) is a corporate security consultancy firm. Definition
-
Cyberoam
Cyberoam is a vendor for information security products and services. Definition
-
information security management system (ISMS)
An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. Definition
-
vulnerability and patch management
Vulnerability management is a pro-active approach to managing network security. Definition
-
Highlights from PwC’s State of Information Security Survey, India 2013
We bring you excerpts from PwC’s India survey on the state of information security as part of this photofeature. Photo Story
-
How to use Wireshark to detect and prevent ARP spoofing
Video: Keith Barker of CBT Nuggets demonstrates how to use Wireshark, the popular open source packet analyzer, to prevent ARP spoofing attacks. Screencast
-
10 robust USB drive security tools for India Inc
USB drives are ubiquitous in Indian businesses, but pose security threats as they are easily lost/stolen. Here are 10 tools to ensure robust USB security. Photo Story
-
Five DDoS attack tools that you should know about
In this photo-story we explore common distributed denial-of-service (DDoS) attack tools and their features. Also learn how to guard against DDoS attacks. Photo Story
-
Adopting BYOD culture sans chaos: An Indian perspective
The bring your own device (BYOD) concept is changing security and cost paradigms. We look at BYOD considerations for Indian businesses in this series. Photo Story
-
Compliance reporting forces risk management, security evolution
In this podcast, analyst Chris McClean discusses how increasingly complex compliance reporting requirements force closer scrutiny of risk management and security processes. Podcast
-
11 security audit essentials
IT security audit tools automate the IT security audit process, making it more efficient and effective. Here are 11 must-have IT security audit tools. Photo Story
-
The CISO Power List, 2012
Our CISO Power List for 2012 brings you the who’s who in the Indian information security scene. Join us, as we pay tribute to India’s top 15 CISOs. Photo Story
-
Security researcher calls for greater focus on supply chain assurance
Hart Rossman, vice president and CTO for cyber programs at SAIC says more needs to be done to secure hardware and software moving in the global supply chain. Rossman explains the threat posed by poorly manufactured, bogus parts and software. Unfortun... Video
-
Cyber espionage prevention strategies for your business
Cyber espionage has become a common threat. Join cyber security expert Jeffrey Carr, as he discusses ways to protect your organization from cyber espionage. Podcast
- See more Multimedia on Enterprise risk management strategies
-
Security tech market set to grow 8.7% in 2013, says Gartner
The worldwide security technology and services market will reach $67.2bn in 2013, up 8.7% from 2012, according to research firm Gartner News
-
A malicious charger could hack Apple devices easily, claim researchers
A modified phone charger or battery could be used to hack Apple devices, say researchers from Georgia Tech News
-
How to reduce IT security risk with IT asset management
IT asset management expert Barb Rembiesa explains how ITAM best practices like IT asset standardization and rationalization reduce IT security risk. Tip
-
BYOD: Securing the risk to access the cost benefits
Bring-your-own-device schemes offer businesses the opportunity to cut the costs and improve user experiences, but benefits can be dwarfed by the risks. News
-
A CIO's five-point plan for managing endpoint security
Niel Nickolaisen offers a five-point solution for managing endpoint security for the hyper-connected enterprise -- starting with data governance. Tip
-
Indian companies must increase phishing awareness
Businesses are being targeted for phishing attacks. These attacks are increasingly turning into a corporate concern, with much at stake -- such as reputation damage. News
-
Can network security devices replace firewalls?
There are many new network security devices on the market today. Expert Chris Partsenidis opines on whether these can replace firewalls. Answer
-
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions. Tip
-
Assumption of breach: How a new mindset can help protect critical data
By adopting the assumption-of-breach security model, CISOs and security pros can better protect critical data. Expert Ernie Hayden explains. Tip
-
Emerging threats include kinetic attack, offensive forensics: RSA 2013
At RSA 2013, experts Ed Skoudis and Johannes Ullrich explained how the SANS CyberCity supports offensive forensics and helps prevent kinetic attacks. News
- See more All on Enterprise risk management strategies
About Enterprise risk management strategies
Minimize operational risk due to information security breaches with these resources. Reduce enterprise risk with security best practices, and learn how to conduct efficient information security audits. Discover enterprise risk management and mitigation strategies using information security management.