In this Issue:
- IBM Q1 Labs Announces New Threat Analytics To Help Organizations Better Identify Hidden Security Attacks
- Data Breach Headline News: UNC at Charlotte and State of Utah
- InfoSphere Guardium is Coming to an Information Integration and Governance Forum Near You
- Don’t Miss the Global Security Summit – X-Force Evolving Threats Seminar Series
- Santiago Stock Exchange Case Study Video
- New eBook: Unifying Data Security and Integrity: Reduce Risk, Lower Costs
- On Demand Webcast: IBM X-Force 2011 Trend Report: Combat Data Security Threats
- InfoSphere Guardium Training Courses
- InfoSphere Guardium Bootcamp for Business Partners
- Data Security and Privacy Blogs
IBM Q1 Labs Announces New Threat Analytics To Help Organizations Better Identify Hidden Security Attacks
IBM (NYSE:IBM) unveils new analytics using advanced security intelligence that can flag suspicious behavior in network activities to help better defend against hidden threats facing organizations.
As organizations open up their networks to smartphones and increased social media access, traditional security defenses alone such as firewalls and antivirus software can’t adequately protect an organization.
To address this, IBM is announcing the QRadar Network Anomaly Detection appliance that analyzes complex network activity in real-time, detecting and reporting activity that falls outside normal baseline behavior. The analytics can look not only at inbound attacks, but also can detect outbound network abnormalities, where malware may have already infected a “zombie” system to send data outside the organization.
Read the press release.
Data Breach Headline News: UNC at Charlotte and State of Utah
In recent headlines, we are hearing more about data breaches caused by system misconfiguration, incorrect access settings and unauthorized access to sensitive data that have resulted in the exposure of personal information including social security numbers, health records and transactions.
The University of North Carolina at Charlotte said financial data and 350,000 Social Security numbers were exposed
The University of North Carolina at Charlotte blamed a system misconfiguration and incorrect access settings for the exposures, which also involved names and addresses of people who had done transactions with the university.
Read the full article.
Utah CIO reveals security flaws that lead to data breach –Utah’s Department of Health breach exposes data on 780,000 citizens’ personal information
The attackers were able to gain access via the server factory-default logins to access the state’s Medicaid healthcare program. The information was not encrypted and did not have hardened passwords.
Read the full article.
These exposures exists due to the complexity caused by the vast amount of data managed by multiple IT staff members, business groups and third party vendors who have direct access to applications. The use of sensitive data now caters to a much wider audience. Since users are not limited to inside employees, attackers now have a direct pipe—through the application, past perimeter defenses—into the database.
IBM® InfoSphere™ Guardium® database security products provide a simple, robust solution for continuously monitoring access to enterprise databases and simplifying compliance audits with automated and centralized controls for heterogeneous environments.
Download a complimentary e-Book: Protecting against data breaches and insider threats to learn more about the top 5 data breach scenarios and best practices to prevent data breaches, insider fraud and unauthorized changes to sensitive data.
InfoSphere Guardium is Coming to an Information Integration and Governance Forum Near You
The forum provides an opportunity for InfoSphere Guardium clients and perspective clients to discuss database security in the content of information governance. The Forums are perfect for IT executives, mid-level managers, influencing practitioners and database administrators who are in the process of implementing governance programs and want to understand how database security fits in.
At the Forum you’ll learn how to:
- Ensure your information is fresh, accurate and authentic
- Cut costs while integrating, managing and protecting information throughout its lifecycle
- Discover insights and optimize decisions fast enough to impact your business in real time
- Turn your data into a trusted asset with improved data integration and quality
- Align information and related projects to business goals
Register to attend an event near you.
Don’t Miss the Global Security Summit – X-Force Evolving Threats Seminar Series
Since the release of the X-Force report on March 22, 2012, we have seen a surge in press coverage and a flurry of social media activity focused on enterprise security. IBM is taking this discussion on the road with the XForce roadshow coming soon to a city near you! Talk with XForce researchers, dig deeper into the findings and learn about how InfoSphere Guardium can help address the threats and vulnerabilities raised in the report. As defined in XForce research, InfoSphere Guardium is a critical component in many emerging attack vectors including smarter more capable hackers, automated password guessing and the surge in automated shell command injection attacks. Join in the discussion with other InfoSphere Guardium clients and prospects and also network with colleagues concerned with network, application and identity management as you create your enterprise security and compliance strategy.
Register to attend an event near you.
Santiago Stock Exchange Case Study Video
The Santiago Stock Exchange provides back office services for their clients. Watch this video as Andrés Araya Falcone, Chief Information Officer, Santiago Stock Exchange, describes how they used IBM InfoSphere Guardium to protect and maintain data in a highly secure environment.
Watch the video.
New eBook: Unifying Data Security and Integrity: Reduce Risk, Lower Costs
Organizations must rigorously protect their data from all threats—including malicious attacks that can distort or destroy data, and the inadvertent corruption or misuse by employees. This job is becoming increasingly more difficult as the the sheer volume of data across organizations explodes and the number and diversity of data sources grows. Add to this mix, a layer of complexity where a very problematic siloed approach has resulted in order to satisfy various compliance mandates. This growth puts a tremendous strain on limited IT staff resources.
This in-depth guide shows you how every organization can benefit from a unified approach with:
- Consistent policies and controls
Read how a unified and comprehensive data security strategy supports heterogeneous database environments and unifies the protection controls for sensitive data from inappropriate use.
Register and download the eBook.