Page 2 - White Papers in Governance & Risk Management

Are Your Internet Assets Behaving?

Continuously analyze suspicious traffic patterns and exposed services, anywhere in the world, with Expanse Behavior In a time where networks evolve each day and include a diverse collection of Internet Assets such as IP addresses, domains, and certificates - how do you ensure that none of your Internet Assets...

SANS Review | Device Visibility and Control: Streamlining IT and OT Security

Device visibility remains a daunting challenge for the modern enterprise. Forescout provides a multifaceted information technology (IT) and operational technology (OT) platform designed to solve visibility challenges for the modern enterprise by providing complete device discovery and classification, risk assessment,...

Sponsored by Tenable

Focus On The Vulnerabilities That Pose The Greatest Risk

Security teams are dealing with more vulnerabilities than they can handle. Spreading these limited resources too thin can quickly lead to inefficiency and burnout. Don't waste precious time re-mediating vulnerabilities that pose little to no risk. With risk-based vulnerability management, you'll know exactly which...

Sponsored by Tenable

How Lucrative Are Vulnerabilities? A Closer Look At The Economics of The Exploit Supply Chain

How much do you know about the supply chain that takes a vulnerability and turns it into an exploit? In this new report, Tenable Research explores the lifecycle of exploits - from discovery to utilization in a breach. Their analysis of cybercrime economics will help you better protect your organization. Read the...

Sponsored by Tenable

Practical Industrial Control System (ICS) Cybersecurity: IT and OT Have Converged - Discover and Defend Your Assets

Written by SANS experts, Practical Industrial Control System Cybersecurity: IT and OT Have Converged explores key issues arising when IT and OT are combined into cyber-physical systems, where risks must be continually identified and managed. Download the whitepaper to learn how to answer these key questions: Why...

Closing the Cybersecurity Skills Gap: How to Address Skills and Capacity

Organizations across all sectors are experiencing the cybersecurity skills gap however, it's not just a skill deficit - it's a capacity gap that is widening, driven mainly by the fact that our networks are becoming more complex.They're more distributed, mobile- and cloud-enabled; therefore, it's becoming more of a...

A Common Sense Approach for Assessing Third-Party Risk

"How secure is your supply chain?" It's a question that can strike terror into the heart of a CISO - even one who's in charge of a mature security organization.

Sponsored by Tenable

Gartner: Seven Imperatives to Adopt a CARTA Strategic Approach

This Gartner report charts your course to the future of information security with Gartner's "continuous adaptive risk and trust assessment" (CARTA) as your guide. This reports highlights a need for security and risk management leaders to embrace a strategic approach where security is adaptive, everywhere, all the...

Automatic Protection Against Advanced Threats

As damaging breaches continue to occur, more organizations are considering endpoint detection and response (EDR) solutions to address the incidents that aren't being handled adequately by their existing defenses. However, EDR solutions come in a wide variety of implementations and can vary significantly in scope and...

Key Approaches for Securing Business Operations

The role of the CISO is growing in importance, as is the need to have an enterprise-wide IT security strategy that supports the company's mission and goals. Download this research report and learn why: The CISO role is becoming more critical in managing enterprise risk; CISOs must articulate IT security...

How the Financial Services Industry is Staying a Step Ahead of Cyberattacks in 2018

Bug bounties are fundamentally changing the way financial service organizations approach the security of the Internet, moving from the realm of novelty towards becoming best practice. This report presents how the financial services industry is actively looking to bug bounty programs to augment their existing...

Overcoming the Unique Challenges Security Vendors Face in 2018

Security vendor products are held to a higher standard of security. They must help their customers solve complex security problems, as well as have the most stringent security measures in place throughout the software development lifecycle. To meet those standards, many security vendors are turning to more innovative...

Federal Agencies Tech Brief: Security Investigation, Detection and Rapid Response

The fact that Federal agencies are prime targets for the most sophisticated cyber threats is undeniable. If cyberattacks are inevitable, then robust capabilities for security investigation, threat hunting, and rapid response are essential. Government cybersecurity professionals require visibility across their silos of...

SSH Study: U.S., U.K. and Germany Executive Summary

A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...

Making Risk Management More Effective with Security Ratings

Although cyber security risk is now top of mind among executives and regulators, measuring and managing security risk levels has been a difficult task. Current risk management tools offer limited visibility and leave organizations vulnerable to emerging threats internally and within the networks of business partners...