hether you're considering a security information management (SIM) solution to comply with regulations, such as PCI, SOX, GLBA, NERC CIP, FISMA and HIPAA, or attempting to simplify the collection and management of log and event data, or trying to increase your overall information security posture, or all of the above, there are some key factors to consider.

Join us for this webcast addressing "Data loss during downsizing," discussing the results of a survey conducted by the Ponemon Institute. In these tough economic times, many companies are going through layoffs or downsizing. According to the survey results, more than half of ex-employees admit to stealing company data. Attend this webcast to find out why companies need to know exactly where sensitive data resides, how it is being used, and how to prevent it from being copied, downloaded or sent outside the company.

Merchants who accept payment cards are challenged with complying with the Payment Card Industry's Data Security Standard (PCI DSS). Because all systems that accept or use payment cards are considered in scope for PCI DSS compliance, there are very few ways to cut corners when seeking compliance. This webcast will present the concept and use of a new data security model, tokenization, which substitutes data surrogates for card numbers in systems throughout the enterprise, thus reducing scope for PCI DSS compliance and annual audits as well as lowering the risk of a data breach.

Laptops present a significant challenge for security focused companies. Laptop computers can be a common mechanism for viruses, spyware, and other security threats to enter an otherwise well-protected network. Join us for an exciting look at how you can eliminate the need to have users run with administrative rights on their laptops.

The business of running a Security Operations Center (SOC) is a difficult one. Who has the time to retain the right people, build comprehensive processes and procedures, and implement a robust Security Event and Information Management (SIEM) infrastructure? Those tasks require time, expertise and experience. Would you like to take a shortcut? This session will give you the tips and tricks based on actual client engagements that you'll need to side-step, bypass, and throw out the rigorous project needed to make a successful SOC. Need a SOC up and running in two weeks, but don't necessarily care about it running one year from now? This session is for you.

Taking a reactive approach to IT security is a risky proposition. Besides presenting unnecessary operational hurdles, making patch, update and configuration decisions based on a flood of data from disparate scanning and logging solutions can still leave the door open to attack.

Today's systems are complex, sophisticated and providing more businesses the opportunity to innovate. However regulations and industry standards are also growing and many are prescribing specific controls for security and data protection. Providing the guidance and assurance for protection in a one size fits all strategy has not been effective to date. Dynamic whitelisting provides a solution that is adjustable to meet the basic compliance requirements and to go beyond and enable immediately impactful security for regulated industries. Learn about how dynamic whitelisting can make a difference and how it can immediately change how you look at security compliance.

Compliance, GRC, Policy Management, Risk mitigation, IT Governance, DLP, HIPAA, SOX, PCI-DSS...the new language of security can be confusing at best, and both management and IT staff are seeking answers. Where can we find out about the rules that apply to us? Are we at risk for compliance-related penalties? Are the legal and accounting departments on top of this?

Although roles-based access control (RBAC) has been the subject of much interest in the past, companies are still dealing with the complexity of managing roles at the technical infrastructure level (applications & provisioning). For some organizations, this complexity is an obstacle to deploying effective roles-based access governance.

Log management technology has been labeled -- often accurately -- as complex and expensive. But many organizations face regulatory mandates that require log management. Given today's climate of economic uncertainty, such organizations must find a way to effectively manage log data with a tightening budget. Cloud computing is the answer. In the cloud, organizations can meet the demands of both shrinking budgets and expanding regulations.

The Advanced Persistent Threat (APT) is a sophisticated and organized cyber attack to access and steal information from compromised computers. The intruders responsible for the APT attacks target the Defense Industrial Base, financial industry, manufacturing industry, and research industry. The attacks used by the APT intruders are not very different from any other intruder. The main differentiator is the APT intruder's perseverance and resources. They have malicious code (malware) that circumvents common safeguards such as anti-virus, and they escalate their tools and techniques as a victim's capability to respond improves. MANDIANT will discuss how they assist organizations in addressing the APT.

In this webcast, Jason Mafera, senior product manager for Imprivata, discusses the key findings from a recent Imprivata-sponsored survey examining trends in strong authentication. Jason reviews key survey findings and lends his expertise to decipher what this means for anyone considering strong authentication as part of their employee access management strategy in 2009.

As organizations continue to deal with the growing number of compliance regulations, information protection and security risks in these uncertain times, they have to figure out how to do more with less.

Previously known as UI Redress, clickjacking is a method to trick users into clicking on something without knowing what they clicked. Clickjacking allows for malicious content to be transparently overlaid on top of a legitimate application. If not properly handled by browsers it can lead to information theft. In this brief 10 minute webcast, learn about the dangers of clickjacking and countermeasures that can be taken to prevent becoming a victim.

As IT, security, and audit departments continue to deal with a growing onslaught of security risks and regulations, the message from management in these times of economic uncertainty could not be worse: "do more with less."

The average security breach costs an organization $6.5 million, plus countless employee hours, customer confidence, and hits to your brand reputation. We all know that passwords are the weakest link in our security armor, so the smartest budget choice we can make is to protect that link in real-time rather than deal with the aftermath.

All too often the loss of data results from well-meaning employees making innocent mistakes. But these mistakes can lead to infringement of data protection laws and ultimately damage to your reputation and brand. Learn how to significantly reduce your risk of sensitive data loss with a series of practical steps. Join this live one-hour webcast featuring security expert Jonathan Tait from Sophos.

If you're in the market for a two-factor authentication solution, don't miss this webcast. Learn how to choose the two-factor solution that is the right for your business. During the webcast, we'll discuss the key drivers for a successful two-factor implementation, identify key evaluation criteria, and compare two-factor authentication methods.

Access control management is an increasingly important aspect of IT security, particularly because of the growing complexity of the IT infrastructure.

As an organization that processes credit cards, you face tremendous pressure to comply with PCI DSS requirements. Specifically, Requirement 10, which requires log management or log analysis, can be the most costly and resource-consuming. In the rush to achieve initial PCI compliance, many large and midsize merchants established processes for manual log management.

PCI Compliance continues to be an elusive goal. This webcast presents a holistic approach to building an information security program in your enterprise.

How do you determine whether IAM improvement initiatives have delivered the expected level of enterprise benefits?

Experts from Sun Microsystems and LogLogic will discuss use cases for speeding time to compliance, increasing security and reducing compliance-related costs.