How to Prevent Security Breaches Through Management and Control of USB Devices
The DoD has banned the use of USB devices after an unauthorized device containing "agent.btz", a variation of the Storm Worm, was connected to a sensitive DoD network causing massive outages. To ensure security without impeding government business, a new policy is forthcoming that will require the management and reporting of USB device usage on government networks. Listen to Steve Antone, Lumension Vice President of Federal Solutions Group as he discusses how to prevent security breaches through effective management and control of USB devices.
In this Lumension webinar, you will learn:
- How USB Devices are Used to Transfer Data
- About the Federal Government Ban on USB Devices and Its Impact
- How to Effectively Manage USB Devices to Secure Data and Networks without Impacting Productivity

Going Beyond HIPAA Compliance: Securing the Evolving Endpoint
This webinar will discuss how to go beyond HIPAA Compliance and ensure that your health care organization’s systems and confidential information are protected from a rapidly increasing threat environment. Hear directly from John C. Lincoln Health Network CIO Rob Israel on how his organization has achieved HIPAA Compliance and improved its security posture through the use of proactive security solutions from Lumension. And hear how through the use of Lumension solutions, John C. Lincoln has achieved a 365% return on their security investment. By viewing this webcast you will:
- Learn about the many dynamic threats to your confidential data and systems, how endpoints have evolved, and all of the sources of risk within your organization
- Learn how to define and enforce policies that ensure HIPAA Compliance and an improved security posture
- Learn best practices for working with your end user community to improve your overall security

2008 Interop Session with Lumension and PGP
Lumension and PGP discuss threats posed by iPods, iPhones, and other removable media and why enterprises need to adopt an effective data protection strategy to protect from the dangers within.

How to Protect Medical Records, Ensure HIPAA Compliance and Improve Productivity
Tough economic times, technology advances and regulations have pushed healthcare organizations to put their records online, including: patient medical records, insurance information and billing information. This confidential information must be readily accessible to doctors, insurance companies, other healthcare facilities and patients themselves, but with data accessible to multiple parties it is also at great risk for loss or theft. With 50 million uninsured Americans, medical identity theft is increasing faster than retail/banking theft and more information is involved. Meanwhile, HIPAA and several state regulations are beginning to enforce significant financial penalties for non-compliance.
In this webinar, experts at Lumension and John C. Lincoln Health Network will discuss how to:
- Enable doctors and other healthcare workers to increase productivity without putting Electronic Protected Health Information (ePHI) at risk
- Enforce removable device usage and data encryption policies
- Effectively comply with HIPAA Security Rule
- Demonstrate the value of security to your overall business strategy

5 Ways You Can Optimize Your Security Posture in a Tough Economy
We are experiencing a perfect storm. Dramatic market fallouts around the globe have caused an exponential increase in daily network threats. IT budgets are coming under pressure - more than 40 percent of large businesses have cut their IT budgets this year and 24 percent of firms have put discretionary spending on hold.* While IT budgets are being cut, the risk to your vital business information has never been greater. Don’t add more risk to your business by not adequately protecting against the rise of targeted threats.
In this webinar, Paul Henry, Security and Forensic Analyst and Don Leatham, Senior Director of Solutions and Strategy at Lumension will outline:
- Five ways to secure your critical systems and data in a tough economy
- The new trends and underlying threats that are impacting your business today
- Best practices for optimizing your security TCO
*Forrester Research, Inc.

Best-in-Class Approach to Protecting and Managing Endpoints: How do you Rate?
In today’s current economic and threat landscape, the rise of financially motivated and sophisticated cybercriminals and insider threats, evolving compliance measures and increasing IT budget pressures have presented organizations with a new challenge - how to effectively protect and manage endpoints while reducing costs. In this webinar, Aberdeen Group Vice President and Research Fellow, Derek Brink, highlights findings from Aberdeen Group’s latest report, “Endpoint Security, Endpoint Management: The Cost-Cutter’s Case for Convergence”, including:
- “Best-in-Class” approaches to protecting and managing endpoint systems
- Economic advantages realized by organizations with top performance
- Key methods for optimizing, automating and streamlining security and operational processes used by “Best-in-Class” organizations

Data on the Edge: Protecting Your Business Information with Lumension Data Protection
In today's borderless enterprise, sensitive information is more at risk than ever before from both external and internal threats. Financially motivated criminal organizations are targeting attacks against specific companies and specific information, while corporate insiders maliciously steal or accidentally lose data with astounding regularity. With the increase of data breaches and the average cost skyrocketing to more than $350,000, protecting your data has never been more important.
In this webinar, a panel of industry and solution experts will explain how to protect sensitive information by:
- Discussing the everyday threats to information, whether at rest, in motion or in use
- Examining fundamental steps for protecting information, including: Discovery, Policy Establishment, Policy Enforcement, Policy Monitoring and Compliance Reporting
- Highlighting the key capabilities that protect data from loss or theft
- Demonstrating the award-winning Lumension Data Protection Solution
Learn how the Lumension Data Protection Solution proactively protects data from theft or loss through endpoint and device discovery, enforcing device usage and data encryption, and assessing data loss risk.

Medical Records on the Run: Protecting Patient Data with Device Control and Encryption
In an increasingly online health care environment where medical records are shared among doctors, insurance companies, health care facilities, federal/state/local government entities and others, the risk of improper EPHI disclosure is at an all time high. Technology advances, such as USB devices, have facilitated the movement of patient data beyond the four walls of the healthcare organization and also can introduce malicious threats into the network. Add in HIPAA Security Rule requirements and health care organizations are presented with the unique challenge of balancing worker productivity with the risk of data loss.
In this webinar, we’ll examine:
- The current threat and regulatory environment for health care organizations, especially as it pertains to removable devices
- Proven methods to ensure business enablement without risking improper EPHI disclosure, using device control and data encryption technologies
- A real life example of how device control and encryption capabilities have been implemented at University Health Care System

Profile of the World's Top Hackers: Part I with Mafia Boy
Data theft and breaches from cybercrime may have cost businesses as much as $1 trillion globally in lost intellectual property and expenditures for repairing damage¹. And this current economic climate has undoubtedly created more opportunities for hackers, criminals, and industrial espionage firms who are targeting critical infrastructures and systems to steal sensitive information – an organization’s crown jewels.
Get an inside view of the underground cybercrime economy, featuring leading experts including Michael Calce, a.k.a Mafia Boy, one of the most notorious hackers and author of How I Cracked the Internet and Why It’s Still Broken, Byron Acohido, investigative reporter and author of Zero Day Threats, as well as Paul Henry, security and forensics analyst with Lumension.
In this webinar, you will learn:
- How hackers’ techniques have evolved and get an insider’s look at the world of cybercrime
- How and why the motives and targets have changed
- How organizations are impacted today and what they can do to reduce the threat of attack
¹ http://news.cnet.com/8301-1009_3-10152246-83.html

Protecting Company Information: Why, How and What If
The need to protect your company information has never been higher. A constant flurry of data breaches, where important company information has been stolen, lost or compromised, regularly makes the headlines.
The cost to recover data after a breach is only the beginning. And as recently highlighted by the ISC2 information security global workforce study, the cost of reputation and brand equity is much higher.
Company information is not only at risk from well-funded criminal organisations with financial motive, but also from insider activity - both malicious and accidental.
On this webinar, a panel of industry experts from Bloor Research, The Salvation Army and Lumension will:
- Highlight the greatest threats to your valuable information.
- Discuss the impact to business if valuable information is compromised.
- Advise how to protect against information loss.
- Offer practical advice for protecting against threats via policy enforcement and whitelisting.

Security Mega Trends and Emerging Threats for 2009
What will be the biggest threats to an organization’s sensitive and confidential data over the next 12 to 24 months? Cybercrime, data breaches, Web 2.0 and outsourcing were named the top security concerns for 2009 in a new study commissioned by Lumension and conducted by The Ponemon Institute. The study also highlights major alignments and gaps that exist between the traditional disparate IT functions within the organization – IT operations and IT security. This webcast examines how these Mega Trends will introduce new risks and challenges into the corporate IT landscape and outline key ways to effectively manage these emerging threats and protect vital information in a challenging business climate.
The webcast features a panel of industry experts, including, Dr. Larry Ponemon of The Ponemon Institute, Paul Henry, Security and Forensic Analyst and Ed Brice, SVP of Marketing at Lumension, who examine:
- Key Security Mega Trends such as the rise in Cybercrime, Data Breaches, Cloud Computing, Web 2.0
- How these Mega Trends will impact organizations today and during the next 12-24 months
- Key recommendations to effectively manage these new risks and protect your vital information for 2009 security planning

Staying Ahead of Threats: A Look at Lumension Vulnerability Management Solution
With the dramatic increase of remote employees, widespread availability and use of mobile technology, growth in vulnerable applications, operating systems and configurations and with the exponential increase in malware and targeted attacks, organizations are finding it increasingly difficult to enforce and maintain their desired environments.
In this webinar, a panel of industry and solution experts will explain how to stay ahead of threats by:
- Discussing the increased challenges of securing environments from a rash of software and configuration vulnerabilities that leave organizations open to significant risk
- Examining the necessary steps within a vulnerability management workflow including: Discovery and Assessment, Deployment and Remediation, Monitoring and Maintenance
- Highlighting the key capabilities that enable the automatic identification and remediation of critical vulnerabilities
- Demonstrating the award-winning Lumension Vulnerability Management Solution
Learn how the Lumension Vulnerability Management Solution helps organizations effectively minimize security risks through the proactive discovery of IT assets and automated remediation of software and configuration vulnerabilities.

The Business Value of Security: How to Optimize Your IT and Reduce Costs
The current economic climate has already produced a surge in lost jobs, reduction in budgets, disgruntled employees, leaked data, and increasing cyber criminal activities. This will undoubtedly create more opportunities for hackers, criminals, and industrial espionage firms who are targeting your sensitive information – your most prized possession.
While the threat environment continues to evolve and intensify, IT is under constant pressure to reduce costs and mitigate risks to their business information. Every cost within your organization is being carefully evaluated and the need to identify and demonstrate the business value of security has never been higher.
By attending this webinar, you will learn:
- Key strategies to reduce IT costs
- Best practices for mitigating risk to your IT systems and information
- Ways to identify and demonstrate overall value for your business
- How one company’s security strategy is enabling their business

The Threat from Within: How Insiders Have Become Your Greatest Security Risk
Information security experts are bracing for the law of unintended consequences to swing into action in 2009 as layoffs, downsizing and low morale bring the worst out of trusted insiders looking to profit off of proprietary intellectual property, customer contact lists, trade secrets and any other sensitive information. Many employees have admitted as much themselves in recent surveys - last December 53 percent of participants in a survey reported that if they were fired tomorrow they would definitely take company data with them to their next employer. To neutralize the threats posed by insiders with ample motivation, IT departments must take away the means and the opportunities to commit crimes. In this webinar, Forrester analyst Natalie Lambert, Security and Forensics expert Paul Henry, and Lumension VP of Market Strategy Paul Zimski examine:
- How employees and partners are engaging with your IT assets and intellectual property
- The different types of insider threat
- Key steps to prevent this new insider threat within your organization
- How two organizations have effectively enabled their employees while mitigating the risk of the insider threat

UK Government Data Handling - A Clear Direction for the Future
A large data breach incident within the last year opened the floodgates to press coverage, concern, a lack of public confidence in the government’s data handling ability and also ensured that a spotlight would shine on any other government department if and when they suffered a similar data security breach. In response, ‘The Data Handling Procedures in Government’ report (“the Report”) sets out clear and mandatory procedures to be followed by all UK government employees that have access to - and responsibility for - citizen data. Individual departments now have a responsibility to show compliance on their progress in meeting the requirements of the new Data Handling procedures and electronic data must be stored and shared in a way that ensures the protection of this information while also improving the government’s provision of services such as healthcare, benefits, child welfare and law enforcement.
In this webinar, Nigel Stanley, security practice leader at Bloor Research and Andrew Clarke, International SVP at Lumension will discuss the current data handling landscape, share an NHS case study and some recommended steps to ensuring the protection of citizens’ data, including:
- Know Your Environment
- Manage Known Risk
- Prevent Unknown Threats
- Prevent Removable Device Misuse
- Protect Mobile Devices

5 Ways to Reduce Your IT Audit Burden
Most organizations spend 30-50% more on compliance than they should. With more and more regulations emerging, it seems nobody is immune to scrutiny, but why spend so much more than what is necessary? In order to reduce the burden of an IT audit, you must understand the costs involved to demonstrate due care, which can be almost as harrowing as the fines and litigation costs for non-compliance.
If your organization continues to rely on ad hoc, manual and disjointed compliance and audit processes – which is the norm in many organizations today – you can be sure that your IT audits will be expensive and inefficient. Recent research has noted that organizations struggle with as many as 40,000 spreadsheets for just one compliance purpose. If you must support multiple regulations, mandates and internal policies, the amount of spreadsheets will surely get out of hand, ensuring inaccuracies and forcing you to rely upon costly third party consultants.
The good news is that compliance can be achieved effectively and efficiently and in this webinar you will learn five key methods to streamline your compliance efforts and reduce your IT audit burden.

Evolving Threats: A Big-Mac Attack
Today’s global enterprise is more mobile than ever, with new applications promising to improve productivity and new devices needing to stay connected. With the current economic climate forcing organizations to take a hard look at reducing costs, new processes are being introduced to efficiently support a 24x7 business environment. But with each new endpoint comes greater support requirements and greater risk, such as vulnerable applications, missing OS patches and configuration errors. And the vulnerability landscape has evolved considerably as the list of non-Microsoft vulnerabilities continues to grow.
In this Lumension audiocast, you will learn:
- The impact of the latest Microsoft patch update
- How the vulnerability landscape has changed with the large patch output from Apple
- Why applications are another delivery mechanism for malware and must be patched
- Key steps to effectively manage critical risks across diverse environments and reduce costs

Evolving Threats: 2008 Year in Review and a Look Ahead
Over the course of 2008 we have witnessed the continuing wave of data breaches, web-borne malware, stealthy botnets, targeted phishing attacks and the first large scale incident of Cyber-Warfare. With recent record drops in the global economy and no end in sight, targeted cyber attacks will only continue to increase.
In this Lumension audiocast, Evolving Threats and Countermeasures: 2008 Year in Review and a Look Ahead - we’ll:
- examine the dynamic threat environment of 2008
- highlight some lessons learned
- discuss threats organizations should expect to face in 2009
- explain how organizations can effectively and efficiently minimize their critical risk and protect their vital business data
- and what opportunities organizations can take advantage of in 2009 to improve IT processes and productivity

Evolving Threats: The Achilles Heel of Data Loss and Theft
In 2008 we have witnessed more than 550 data breaches in which tens of millions of records have been exposed. One major cause of these data breaches is the consumerization of IT such as USB devices. In a recent Forrester Research survey, 52 percent of companies said they suffered data loss via USB drives and other removable media. Recent headlines have also shown how these devices can be used to steal sensitive information.
In this Lumension audiocast with security and forensics expert, Paul Henry, you will learn:
- Why removable media devices are the top security threat
- Why insiders pose the greatest risk to your information
- The 5 key steps to safeguarding vital information from loss or theft

Evolving Threats: Conficker and SQL Injections
Over the past few weeks we have witnessed the impact of attacks that target vulnerabilities across operating systems, applications and user behavior. The Conficker worm, which has wreaked havoc for many months still continues to proliferate. And while SQL injection attacks have also been around for a while, we’ve seen a recent wave of these come through again, impacting many organizations.
In this Lumension audiocast, you will learn:
- Why your flaw remediation process needs to manage patches from vendors other than just Microsoft
- How the Conficker Worm works, its global impact and some recommendations to prevent it from impacting your organization
- About the most recent SQL injection attacks and key steps to protect your organization from this threat

Evolving Threats: Conficker Botnet and Top Security Configuration Challenges
In this evolving threat landscape, we continue to see vulnerabilities exploited across numerous applications outside of just Microsoft. And the time available to shore up these security gaps continues to rapidly decrease as exploits are already in the wild for many of these vulnerabilities. Conficker continues to wreak havoc and now systems on the Mac platform are vulnerable to the iBotnet. With more complex and dynamic network environments, mis-configured systems also provide a large window for exploits to leverage.
In this Lumension audiocast, you will learn:
- The impact of Microsoft patches as well as the latest string of non-Microsoft vulnerabilities
- How Conficker has continued to evolve
- About the iBotnet and some key recommendations to safeguard your Mac environment
- Key recommendations to improve your security posture and reduce costs through the enforcement of configuration policies

Evolving Threats: Conficker Botnet and Insider Threat
The sophistication of threats continues to evolve, as new methods to exploit vulnerabilities are leveraged just as mechanisms are developed to defend against older versions of the exploit. And in addition to these new vulnerability exploits, 2009 looks more and more like it is the year of the insider threat.
In this Lumension audiocast, you will learn:
- About the impact of Microsoft’s latest patches as well as the latest Adobe vulnerability
- How the Conficker Worm is now verging on becoming a botnet
- About the different types of insider threats and how to prevent them

Moving Beyond AV to Ensure Secure and Compliant Endpoints
In today’s Web 2.0 world, software is more distributed than ever before. Employees download a variety of Internet applications on a regular basis, with each new download altering system configurations and increasing your exposure to malicious software. Financially motivated cybercriminals are designing malware attacks to specifically bypass traditional security methods and ultimately gain access to networks with sensitive information. Organizations have traditionally invested heavily in Anti-Virus solutions, often stacking multiple layers along the data path in an attempt to stop malware from infecting endpoints. While AV plays a crucial role in identifying known malware and cleaning infected systems, the reality is that relying on layers of the same defense mechanism leaves organizations exposed to attacks and data theft.
This Lumension audiocast will examine:
- Today’s dynamic threat landscape and how it impacts organizations
- AV’s role in today’s IT environment
- How application whitelisting enables IT to effectively deliver a true defense-in-depth capability, filling in the gaps that AV was not designed to cover

Reducing IT TCO with Effective Endpoint Security Management
In today’s economic environment, financially motivated threats that target sensitive information and business systems are on the rise, while IT budgets face greater pressures. Threats to vital information over the past year have grown by 50% and the impact to an organization’s bottom line is significant – the average cost of a data breach is now $6.6 million, with lost business directly accounting for more than two-thirds of that cost.
To stay competitive in today’s environment, you must maximize the value of your security investment and effectively protect and manage endpoints to ensure compliance with government regulations and industry standards and reduce IT operational costs.
In this Lumension audiocast, you will learn:
- The findings from Aberdeen Group's latest report “Endpoint Security, Endpoint Management: The Cost Cutter’s Case for Convergence”
- About the economic advantages realized by organizations with top performance
- Which endpoint security management technologies are used by “Best-in-Class” organizations
- Key recommendations to improve your security and ultimately reduce IT TCO

Reduce Your Cost of Compliance with Lumension Risk Manager
Government regulations, such as SOX, PCI, HIPAA, industry mandates and internal policies are being enforced with more regularity and the stakes are higher than ever before with mounting fines, costly 3rd party consulting fees, and rising litigation as the result of non-compliance. Many organizations continue to rely upon ad hoc, disjointed and manual compliance and audit processes, which is a surefire way to extend the cost, time, errors, and resources needed to complete an IT audit - potentially resulting in a 50% higher spend on compliance than what is necessary¹.
Lumension has tackled these challenges with our latest product innovation Lumension® Risk Manager, which will help you standardize and automate IT audit procedures across your organization, enable you to demonstrate compliance with numerous regulations and internal policies simultaneously, allow you to prioritize your IT risk and remediation efforts to focus on your top business priorities and continuously monitor your compliance and IT risk management posture.
Watch this webinar now to learn how this latest innovation from Lumension will help you:
- Harmonize IT controls, IT resources and regulatory requirements (such as HIPAA, PCI, etc.) into a single compliance and IT risk management framework
- Automate compliance and IT risk assessment through integration with Lumension or third-party tools such as vulnerability scanners
- Streamline the audit process by automating survey workflows and data collection
- Prioritize remediation efforts to address pressing compliance deficiencies
- Monitor your environment to ensure continuous compliance
Source:
- IT Policy Compliance, Managing Spend on Information Security and Audit for Better Results, February 2009

Harmonizing Controls to Reduce Your Cost of Compliance
Mounting regulations across the globe have increased the cost and burden on organizations. The high cost is especially felt by organizations which must adhere to multiple requirements – 75 percent of organizations must comply with two or more regulations and corresponding audits and more than 40 percent must comply with three or more regulations.
Audit preparation typically occurs in functional silos, with different project teams focused on addressing an individual compliance initiative, resulting in significant operational inefficiencies and higher costs to demonstrate compliance.
This webinar examines the Unified Compliance Framework and how it can be leveraged to harmonize controls across multiple regulations such as PCI, SOX, HIPAA, NERC and many others. Learn how to eliminate overlapping control requirements and ensure a more efficient and less costly approach to compliance.

Device / Port Control and Data Encryption within Microsoft® System Center
Today’s global enterprise is more mobile than ever. Data can be transferred via removable storage devices quite easily, enhancing productivity but also introducing risk such as data loss and theft, as well as malware introduction via removable devices / media. While organizations have been able to maximize the value of Microsoft® System Center by deploying a wide range of incremental configuration and management capabilities via their core System Center infrastructure, they have not been able to extend this functionality to include device / port control and data encryption capabilities.
Historically, in order to enjoy the security benefits of an advanced device control solution, System Center users would have to deploy a secondary infrastructure (including server, console, agents) and incur the delays, disruption, and costs associated with implementing a solution from scratch. Now System Center customers can easily enforce device / port control and data encryption policies without requiring new infrastructure and without additional administration overhead.
In this Lumension webinar, Microsoft SCCM users will learn about:
- Today’s data protection challenges facing many organizations
- Lumension® Device Control for Microsoft® System Center, the latest innovation to help Microsoft System Center users leverage and extend your existing infrastructure to deliver award-winning device / port control and data encryption capabilities.

Tips to Manage IT Risk Improve Visibility and Reduce Operating Costs
In today’s dynamic and highly regulated IT environment, organizations currently spend a significant amount of effort and money to ensure compliance – in fact, many spend up to 50% more than necessary. But before you get compliant, you must understand your IT risk. Aberdeen Group recently published research on IT GRC and found that the two differentiating attributes of best-in-class organizations are their commitment to automation of risk and compliance processes and controls and to the development of a continuous compliance infrastructure.
In this webinar, leading experts from Aberdeen Group and Lumension discuss some of these latest IT GRC research findings and identify recommended actions for organizations to provide greater visibility into IT environments, mitigate technical and operational risks and ultimately reduce the total cost of ownership.

Key Steps to Aligning Security and Compliance - How to Connect the Dots
The pressure is on as organisations today face mounting demands to maintain an enterprise-wide security posture while adhering to the growing number of compliance regulations. Without the right processes and tools to effectively navigate through the security and compliance maze, IT professionals often resort to manually poring through spreadsheets and pulling together all of the necessary data and proof points to pass their audit and check the compliance box. But it doesn’t have to be this painful with today’s innovations in compliance and IT risk management. By aligning and connecting the dots across security and compliance, organisations can create business value as policies and procedures can be formalised and security of data and other assets preserved. In this webcast, Nigel Stanley, analyst with Bloor Research and Alan Bentley, VP of Lumension, examine:
- The types of risks introduced by poor compliance and security failures
- The impact to an organisation's brand and reputation as well as the costs to the bottom line
- Practical steps organisations should take to align security and compliance initiatives

Key Steps to Surviving Patch Tuesday
As vulnerabilities increase in number and shift from the OS to the browser and applications, keeping software patched in a timely and effective manner is becoming increasingly difficult for IT organizations. To keep end users protected, application vendors are releasing ever-growing waves of patches, and some are doing so on Microsoft's notorious "Patch Tuesday." For many organizations, patching effectively and reliably is becoming a time-consuming and never-ending process, demanding a robust and dynamic infrastructure to ensure protection.
In this Lumension webcast with Security and Forensic expert Paul Henry, we'll:
- Examine how the vulnerability and threat landscape has evolved beyond the OS
- Discuss recommended steps to ensure continuous Patch Tuesday readiness

Preparing for HITECH - What You Need to Know
The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 was designed to advance the electronic exchange of large amounts of health information. This regulation also expands the reach of HIPAA’s data privacy and security requirements to ensure the security of protected health information. This Lumension webcast uncovers what you need to know about the HITECH Act including:
- An overview of the requirements
- Who must comply
- Upcoming deadlines
- Penalties for non-compliance
- Recommendations to secure ePHI and to ensure continuous HITECH compliance

6 Critical Elements to Ensure Pain-Free FISMA Compliance
Federal CISOs note compliance as one of their top three priorities with significant time spent on addressing compliance issues. This is exacerbated by the complexity of today’s IT environment, including physical and virtual environments, multiple operating systems and applications supported, and the mobility of data and users. A FISMA compliance approach that relies on a manual and labor-intensive process can produce mountains of paper and electronic documents that become quite burdensome to manage and ultimately don't ensure a secure network. It’s no surprise then, that in a recent ISC2 survey, while FISMA is generally viewed as having had a positive effect, two in five CISOs believe it has become misdirected or is a time-wasting exercise.
In this Lumension webcast with keynote speaker Michael Rasmussen of Corporate Integrity, you will learn:
- The 6 critical elements necessary to reduce the burden of FISMA compliance processes, improve security and optimize resources
- How to apply these critical elements to achieve economical FISMA compliance

Four Practical Steps to Minimizing Insider Risk
In today's increasingly collaborative and always-accessible working environment, organizations are challenged to balance the need to put information at the fingertips of productive workers with the responsibility to preserve the privacy and integrity of sensitive data stores. Data still flows freely through unsecured endpoints, USB storage devices, P2P networks and Web 2.0 applications. And this fast-and-loose atmosphere has bred uncertainty about and antipathy toward organizational data policies. Well-meaning-but-clueless insiders continue to use unauthorized and illegal applications and removable devices that put data at risk, and malicious insiders have more options at their fingertips to steal data than ever before.
This webcast examines:
- The new risk drivers enabling data loss
- What types of data are leaving organizations
- Four steps to minimizing these risks

It's 2010 - Are You in Compliance Yet with the Massachusetts Data Security Regulation
If you are a small, medium or large business and you “own or license personal information about a resident of the Commonwealth of Massachusetts” then you must comply by March 1, 2010 with strict data security requirements to safeguard such personal information. The time is now to take an assessment of your current compliance and risk posture as it relates to this looming regulation and make sure you have a data security plan in place.
Watch this webcast to learn about the latest revisions to the Massachusetts Data Security regulation (201 CMR 17.00) and how your company can become compliant in a cost-effective and secure manner. Specifically, you will learn:
- The components (and revisions) of the Massachusetts Data Security regulation and who must comply
- Types of personal information that are mandated for protection under this regulation
- The steps necessary to achieve compliance by adopting a "risk-based" approach
- Solutions available now to help you cost-effectively achieve compliance

Streamlining and Ensuring Continuous Compliance - Tips Tricks and Lessons Learned
The regulatory environment continues to evolve with new requirements seeming to come at us daily from all angles. With many new mandates and stricter enforcement of requirements, the only way to stay above the fray is to find innovative ways to streamline the compliance efforts without sacrificing effectiveness. Watch this webcast to learn tips and tricks from fellow practitioners who are in the trenches right alongside of you.

Six Keys to Cost-Effective IT Security and Compliance for Healthcare Organizations
Eighty percent of responding healthcare organizations experienced at least one data breach within the past year. And regulators have clamped down - enforcing HIPAA Security Rule requirements with more regularity and instituting heavy financial penalties and numerous audit requirements to those non-compliant organizations. Other regulations including HITECH, PCI DSS and many state data protection/breach notification laws have placed even more urgency and burden around safeguarding electronic protected health information (ePHI) and ensuring compliance.
Yet many organizations continue to address each regulation as one-off projects and rely on compliance by spreadsheet, which is a surefire way to extend the cost, time, errors, and resources needed to complete audits. Not only is such an approach more costly, but it does not provide the necessary visibility into an organization's IT risk so that ePHI can be effectively safeguarded. This webcast examines six keys to cost-effectively ensuring IT security and compliance in the healthcare space.

How to Comply with Nevada's New Data Protection Law
The new Nevada data protection law, NRS 603 (passed as SB 227), is unique in several ways. It is the first state data protection law to provide a “safe harbor” for merchants who are fully PCI-compliant, and it provides further protection for organizations that use NIST-compliant encryption to protect personal information. However, ensuring compliance and avoiding liability is not quite so simple.
In this webcast you will learn:
- The details of this new legislation and the standards behind it
- Who needs to be concerned about this law and how to ensure you are compliant with it
- Why compliance with this regulation has a multiplying impact for most organizations
- What processes and technical controls are recommended to ensure compliance

Social Media: How to Reduce Your Web 2.0 Risks
Today, over 95 percent of companies are now using social media tools such as Twitter and Facebook. The use of Web 2.0 has opened new risk channels for the bad guys to take advantage of users’ trust to further gain control of their sensitive information. In this video presentation, Security and Forensic Analyst Paul Henry will review the implications of everyday use of social media, the latest risks these Web 2.0 applications bring into your organization and how to manage them effectively.

Think New: Intelligent Whitelisting
The explosion in malware and vulnerabilities over the last several years has narrowed the usefulness of traditional security approaches. While still important, they can no longer remain the mainstay of the modern security program. A shift is needed, and whitelisting seems to be the answer to beat the hackers at the rising malware game. In this presentation you will learn about the latest innovations that operationalize application whitelisting across dynamic business environments and deliver more effective endpoint security above and beyond standalone anti-malware technologies.

Simple Steps to Reducing Your Insider Risk
Recent economic times have led to increasing insider risk. According to the Worldwide State of the Endpoint Survey 2010, more than 51 percent of IT operations professionals are more concerned with negligent insiders than they are about external threats, and more than 72 percent of IT security professionals state the same concern. In this video presentation, Security and Forensic Analyst Paul Henry will give an overview of best practices for reducing your insider risk without impacting productivity.

Avoiding the £500,000 Fine: Four Steps to Continuous Audit-Readiness for GCSX Code of Connection
The GCSX Code of Connection (CoCo) is an important step in providing a secure infrastructure for public sector business. While most - if not all - local authorities have achieved compliance with the Code of Connection, authorities must still undergo annual audits. Regulations such as PCI DSS, the Data Protection Act and others also impact organisations from an audit perspective. As such, compliance should not be viewed as 'point-in-time', but as a continuous journey which can be used as a catalyst for an improvement in overall organisational compliance, as opposed to simply a 'tick in the box' from an auditor. Without proper visibility of compliance and security practices, an information security breach, data loss or compliance related incident can rapidly turn into an election issue and ultimately cost political posts. Furthermore, as of 6 April 2010, the Information Commission can impose a civil penalty of up to £500,000 for serious breaches on data controllers under the Data Protection Act.
It is vital that organisations understand the difference between compliance and information security. Organisations should be ready for audit 24/7. Watch this webcast to learn about:
- The evolving regulatory climate and compliance enforcement
- The difference between being compliant and being secure
- The four key steps you can take to ensure continuous audit-readiness and improve security
- The capabilities that can help streamline IT risk management processes and enable continuous compliance

Federal Cyber Security Outlook for 2010
With growing concerns of sophisticated cyber attacks from overseas putting U.S. critical infrastructure at risk, Lumension commissioned Clarus Research Group to conduct the industry's first "Federal Cyber Security Outlook for 2010" study. Watch this webcast to learn the findings of this study, to understand the biggest security challenges and what Federal agencies can do to secure against cyber threats and protect intellectual property.

University Health Care System Protects Against Medical Records on the Run
Lumension Connect 2010 Presentation
Speaker: George Ward, Manager for Information Security and Computer Operations, CISSP, University Health Care System
In an increasingly online health care environment where medical records are shared among doctors, insurance companies, health care facilities, federal/state/local government entities and others, the risk of improper electronic protected health information (ePHI) disclosure is at an all time high. Technology advances, such as USB devices, have facilitated the movement of patient data beyond the four walls of the healthcare organization and also can introduce malicious threats into the network. Learn how University Health Care System has implemented device control and encryption capabilities to protect medical records and help ensure HIPAA compliance. At the conclusion of the presentation, George sits down for a Q&A session.

Securing and Greening Your Endpoints at the Same Time
Lumension Connect 2010 Presentation
Speaker: Chris Andrew, VP of Security Technologies, Lumension
Learn about the latest developments that support Lumension's enhanced power management capabilities in the new Lumension® Endpoint Management and Security Suite. At the conclusion of the presentation, Chris sits down for a Q&A session.

Security or Compliance - What Comes First?
Lumension Connect 2010 Presentation
Speaker: Khalid Kark, VP and Principal Analyst, Forrester
When organizations assign resources and workflows to adhere to increasing regulatory requirements, they must ask whether being compliant equals security. This presentation focuses on how organizations can effectively align business goals, security objectives and compliance requirements. At the conclusion of this presentation, Khalid sits down for a Q&A session.

Moving from a Threat Centric to a Trust Centric Endpoint Security Model
Lumension Connect 2010 Presentation
Speaker: Neil MacDonald, VP and Gartner Fellow, Gartner
Today's business and IT environments have changed with the broad adoption of Web 2.0 technologies. This keynote will examine why organizations should adopt a trust centric approach to endpoint security to address these new challenges.

RightNow Breaks Free From the Shackles of Audit Burden
Lumension Connect 2010 Presentation
Speaker: Ben Nelson, Chief Information Security Officer, RightNow
Increasing compliance regulations, embarrassing data breaches, and skyrocketing costs all lead to what's known as audit fatigue. Organizations face increasing pressure to demonstrate compliance under tight budgets and resources. RightNow, a leading SaaS-based company, knows these challenges all too well as the company must meet a wide range of compliance requirements from PCI and HIPAA to EU National Laws and Directives. Learn how RightNow is using Lumension Risk Manager to help standardize and streamline its compliance processes, and reduce the total cost of compliance. At the conclusion of the presentation, Ben sits down for a Q&A session.

Think Different - Intelligent Whitelisting
Lumension Connect 2010 Presentation
Speaker: Dee Liebenstein, VP of Product Management, Lumension
Take an in-depth look at Lumension's latest product innovation that operationalizes application whitelisting by integrating and streamlining workflows across antivirus, application control and patch management. At the conclusion of this presentation, Dee sits down for a Q&A session.

California Data Protection Laws - Is Compliance Good Enough
California SB 1386 requires that businesses protect customers’ personal information and provide notification if there is a security breach which reveals these data to unauthorized people. Since the California law went into effect back in July 2003, 50 of 55 States and Territories have followed suit, enacting some sort of data protection and/or breach notification law. Not all of these laws apply only within State boundaries as the Massachusetts data protection law (201 CMR 17.00) applies to every organization which obtains personal information on residents of the Commonwealth.
In addition to these state laws, there are today numerous federal data privacy, data protection and data breach notification regulations which impact specific industries – such as those included in the HIPAA / HITECH Acts in the healthcare arena. And on top of this, there are industry-specific regulations which apply – such as PCI-DSS. The result is a patchwork of confusing and sometimes contradictory statutes and regulations which impact almost every business in the US.
By watching this Lumension webcast you will learn:
- In-depth information on the statutes and regulations that apply to California businesses which collect customer data
- What mandates might be coming down the pike in the near future
- Why it's important to leave the "compliance state of mind"
- Some recommended tools and processes to leverage in developing an effective IT risk management program

Creating Your Red Flags Rule Playbook
Even as organizations tighten up their data security measures, cybercriminals have become very sophisticated and continue to find ways to steal personal information and use it to open or access accounts. According to Javelin Strategies, incidences of identity theft grew by 11 percent from 2008 to 2009, altering the lives of 11 million Americans. If that pattern continues, one in every 20 Americans will be a victim of identity theft this year. The Red Flags Rule carries significant financial recourse for non-compliance and requires organizations across multiple industries to implement additional data security measures and be able to identify the danger signs of fraudulent activity.
In this Lumension webcast, you will learn:
- About the Red Flags Rule and who must comply
- How to enhance your data security practices
- How to harmonize data security control requirements across other data protection regulations such as PCI DSS
- How to monitor controls that the Federal Trade Commission mandates and effectively respond to red flags as they are identified
- How to develop your Red Flags Rule playbook

6 Keys to Securing Critical Infrastructure and NERC Compliance
With the computer systems and networks of electric, natural gas, and water distribution systems now connected to the Internet, the nation's critical infrastructure is more vulnerable to attack. A recent Wall Street Journal article stated that many utility IT environments have already been breached by spies, terrorists, and hostile countries, often leaving bits of code behind that could be used against critical infrastructure during times of hostility.1 The U.S. Cyber Consequence Unit declared that the cost of such an attack could be substantial: "It is estimated that the destruction from a single wave of cyber attacks on U.S. critical infrastructures could exceed $700 billion USD - the equivalent of 50 major hurricanes hitting U.S. soil at once."
Vulnerability and exposure of utilities' critical infrastructures originate from the Supervisory Control and Data Acquisition (SCADA) and Distribution Automation (DA) systems that communicate and control devices on utility grids and distribution systems. Many of these systems have been in operation for years (sometimes for decades), and were not designed with security in mind. Regulatory bodies have recognized the many security issues affecting critical infrastructure and have begun to establish and enforce requirements in an attempt to shore up potential exposures. One such regulation is NERC CIP, which includes eight reliability standards consisting of 160 requirements for electric and power companies to address. And as of July 1, 2010, these companies must be "auditably compliant" or else they risk getting slapped with a fine of $1 million per day, per CIP violation.
In this webcast, a roundtable of industry experts highlights:
- The security and compliance challenges facing utilities today
- The six critical elements to achieving economical NERC CIP compliance
- How utilities can secure critical infrastructure in today's networked environment

Data Privacy and Security - Where are Regulations Headed
The majority of US states now have data breach notification laws in force with others considering legislation in the coming year. On the international stage, Canada, the United Kingdom, India and Australia have either published or are considering national data breach standards and laws. Other issues such as identity theft, RFID and electronic health records (EHR) are receiving even greater scrutiny from regulators. The top minds on privacy and security regulation offer their perspectives as to what to expect in the US and around the world in the coming years.

Going Beyond Checkbox Compliance: How to Make Compliance Improve Your Security
In today’s highly regulated environment, many organizations address compliance as one-off projects where the goal is to ‘get the box checked’ by the auditor. This inefficient approach results in time- and resource-intensive work to pore through as many as 40,000 spreadsheets just for one compliance initiative* that provides little value back to the organization. This multiplies exponentially when dealing with multiple regulations.
Achieving a level of compliance may be a requirement for your organization, but by itself is not a guarantee that your systems and sensitive data will be secure. Going beyond a checkbox compliance approach will ensure audits are passed and regulatory requirements are met, while streamlining operations, reducing IT risk and ultimately improving overall security.
In this roundtable discussion with Brandon Dunlap of BrightFly, Jeff Hughes of Lumension and Marcus Giese of RightNow Technologies, learn the keys to taking a risk-based approach and how to:
- Leverage compliance initiatives as a catalyst to improving security
- Identify areas of control weakness
- Prioritize IT risk to focus on what matters most
- Rapidly respond to those weaknesses
- Improve processes and augment controls
* Corporate Integrity, LLC, Foundations of GRC: Streamlining Compliance, May 2009

Four Steps to Qualifying for Power Rebates
In today's challenging economic environment, cost reduction is a key strategy to stay competitive. Yet, many organizations are not taking advantage of the cost saving opportunities around reducing power consumption and the further rebates that may be available through local power companies.
In fact, depending on where your organization is based, it could be eligible for energy rebate programs which provide savings up to $15 per PC. That’s on top of the savings you could achieve by effectively incorporating power management policies into your IT operations. In this 30-minute webcast, Andrea Bolz, solution marketing manager with Lumension, highlights the four steps to qualify for these potential rebates.