Cyber Security White Papers
2020 Endpoint Security Report
The 2020 Endpoint Security Report includes the latest endpoint security trends and data points to help you benchmark how your own organization is doing. It also has insights into why and how organizations invest in endpoint security, and the security capabilities companies are prioritizing.
Next-Gen Endpoint Security eGuide: 5 Tips To Get Started With EDR
If you’re considering moving to a next-gen endpoint security solution, it can be confusing. Here are five areas to consider if you know you need to move beyond antivirus solutions but aren’t sure where to start.
2019 Cloud Security Report
The 2019 Cloud Security Report highlights what is and what is not working for operational teams securing their cloud data, systems, and services. The report includes the latest cloud security trends and data points to help you benchmark how your own organization is doing. It also has insights into cloud security threats, organizational investment priorities, and solutions.
How to Overcome Cloud Misconfigurations
Organizations of all sizes find it challenging to implement security controls across their various cloud environments. In this white paper, we discuss configuration risk factors for cloud infrastructure, SaaS, and DevOps, and how to identify and prioritize them.
Understanding The Challenges of Cloud Monitoring and Security
While cloud providers offer many security measures, organizations are ultimately responsible for securing their own data, their own applications, and their own services in the cloud. We discuss how companies are adapting to new cloud security challenges and the important considerations they need to make before choosing a cloud monitoring solution.
Cloud Data Breaches: How They Happen and How to Avoid Them
The cloud movement is rapidly transforming today’s business landscape, and most organizations now manage environments in a combination of on-premise, cloud infrastructure, and software-as-a-service (SaaS) models. Not surprisingly, this has led to an increasing number of security incidents and data breaches. In this white paper, we’ll look at some of the biggest cloud breaches in recent history, how they happened, and how you can avoid making similar mistakes.
An Office 365 Security Blueprint for Midsized Organizations
Moving to Microsoft Office 365 is often the first step that midsized organizations take when migrating sensitive business activities to the cloud. Without careful consideration and planning, adopting Office 365 can complicate security and compliance efforts. In this white paper we offer a practical guide to security for Office 365.
Best Practices: Incident Response and Business Continuity Programs
In most organizations, cyber security incident response and business continuity or disaster recovery are still considered separate functions and distinct disciplines.
These disciplines share the common goals of protecting the organization’s reputation and ensuring continuity of operations. Therefore, it makes sense to integrate them so you can respond to attacks and data breaches faster, efficiently, and effectively. Here are some best practices to follow.
10 Tips for Selecting an MSSP
Most businesses have trouble keeping up with today’s constant barrage of cyber threats. Many are turning to MSSPs (managed security services providers) to protect their networks cost-effectively and reliably. But choosing an MSSP requires thought and research. Not all offer the same levels of protection, so you should focus your search on a provider with a solid track record and reputation. Here are 10 best practices to follow when selecting an MSSP.
10 Steps for Establishing an Effective Insider Threat Program
Insider threats continue to be a significant concern for organizations. New research conducted by Crowd Research Partners, in co-ordination with Cybersecurity Insiders and the LinkedIn Information Security Group, reveals that 90 percent of organizations feel vulnerable to insider threats, while 73 percent of security professionals say insider attacks against their organizations have remained the same or have increased over the last 12 months.
Part of the problem is that most organizations still don’t have the proper controls or processes in place to fight off the insider threat surge. We will walk you through 10 Essential Steps you need to take to implement tangible processes, policies, and frameworks that are repeatable and sustainable, to go beyond a plan that’s on paper only.
Threats to Client Confidentiality in a Digital Legal World
Beyond the immediate costs of liability for a breach, law firms must consider that the reputational effects of a breach can be catastrophic in an industry that relies on trust. In this white paper we examine why law firms are becoming a target and how to protect privileged data.
Cyber Due Diligence
Cyber security must be approached from an organization-wide perspective. An effective defense incorporates technical solutions with proper management of people and processes. In this white paper we examine how to manage and mitigate the risk of advanced cyber threats to law firms, and cover strategic solutions law firms can incorporate into their information security programs.
Can Your Security Team Handle a Breach?
In this white paper, we discuss how cyber exercises can improve incident response plans. By clearly identifying roles and responsibilities, clarifying the chain of command for decisions, and ensuring a strong understanding of protocols and requirements, organizations can improve their capacity to successfully respond to and recover from significant cyber events.
Hacker Secrets Revealed
The technical objective of security assessments is to emulate an outside adversary to get access into an internal network, escalate privileges, and obtain sensitive information. The intent is not to find every single vulnerability in the way that a vulnerability scan might do, but rather to find some of the vulnerabilities that exist, and attempt to exploit those.
Top 10 Cyber Incident Pain Points: Are You Prepared?
Regardless of how many security controls are placed on a network and the components that go into making a network operate, there will always be vulnerabilities in a connected world. So, what do you do in an environment that allows for such risk of compromise? One of the best methods of protecting organizations is by ensuring that response capabilities are effective and efficient, and one of the most valuable steps in strengthening a response capability is learning from others’ experiences. This white paper discusses the pain points that organizations grapple with when responding to incidents, and how they can address them.
Cyber Compliance Primer for Healthcare
A well-designed and purposefully managed cyber security program that emphasizes basic data-protection hygiene with appropriate investments in suitable technologies and supporting services will allow most small-to-medium-sized healthcare enterprises to create and maintain an effective security posture.
What You Need to Know About Ransomware & HIPAA Compliance
There is no more hedging on whether ransomware incidents should be identified and treated the same way as other data breaches under the Health Insurance Portability and Accountability Act (HIPAA). The United States Department of Health and Human Services Office for Civil Rights (OCR) has stated that ransomware attacks constitute a breach unless there is substantial evidence to the contrary.
Preparing For Cyber Risks To Healthcare Operations
One of the biggest challenges healthcare security professionals face is identifying the specific risks that threats pose to operations. We address methods for identifying threats healthcare security professionals must prioritize, and offer best practices for maintaining healthcare operations, patient care, and business continuity in the event of an attack.
Cyber Security and the Grid: The Definitive Guide
The goal of this white paper is to provide a deeper understanding of the role of the grid in our critical infrastructure paradigm; the current grid regulatory scheme; and the technical and non-technical cyber threats facing the grid, including legal liability for operators.
The Evolution of Cyber Threat Hunting
By adopting the durable, flexible, and holistic definition of hunt as a capability to detect threats steady-state security teams missed, organizations gain direct and indirect benefits. In this white paper, we discuss how hunt should not only be interpreted but how hunt can be implemented. In turn, we’ll also reveal the true value that threat hunting represents for stakeholders and steady-state security teams.
Cyber Security and The Board of Directors
Recent high-profile, high-impact cyber breaches at some of the largest companies in the U.S. have highlighted the fact that boards of directors need to take an active role in the management of cyber risk. This white paper offers the Delta Risk perspective on how boards, particularly those of financial services firms, should engage in managing cyber security risks, particularly in four key areas.