Do you have visibility into everything that privileged users are doing on your network? The frequency of these threats is increasing and compliance regulations are changing to mandate monitoring of privileged user access. Yet most organizations can't answer "yes" to these questions. This panel discussion will focus on both the practical and regulatory aspects of effective privileged user monitoring - featuring two IT executives and a compliance expert.

The people in your organization will do whatever they have to do to be productive. And if that means that your current IT infrastructure is not conducive to helping them be productive, they will look for ways around your IT infrastructure safeguards. What does that mean? That means if their e-mail box is not large enough they will go online and find ones that are. That large file can be sent via e-mail -- they will find services and technologies to solve that issue. Can't get access to presentations and documents necessary to do that perfect sales presentation when you are remote -- they will start hosting the very same presentation and documents in a place that allows them to get to it. The iPhone and android phones are not supported by IT -- they will create proxies using home computers to push and pull e-mail from their smart devices.

The concept of security in layers takes the view that no single component can ensure the level of protection necessary to safeguard sensitive data. Instead, by leveraging the various technologies and approaches available today, organizations can implement security policies that meet regulatory requirements, and provide cost-effective controls to minimize data breaches.

Join Websense Director, Patrick Murray, as he explains the need for true hybrid functionality in Web security and integrated Data Loss Prevention to protect your organization. Learn how robust, unified solutions can deliver the best security against modern threats at the lowest total cost of ownership (TCO).

Content Aware SIEM represents a new generation of Security Information and Event Management (SIEM) capabilities that extend the value and benefits of SIEM by providing visibility into the contents of applications, documents and protocols.

Keeping the network secure has become a daunting proposition for most enterprises. With hundreds of firewalls and a long list of network devices, it's hard for network teams to determine where to focus efforts to keep the network secure and available to users.

There are clear benefits to a company in providing remote access to the corporate network for their employees, customers and partners. However, access to the corporate network through an extranet, remote access gateway (VPN) or Microsoft® Windows® desktop effectively opens a door to the organization's most sensitive assets, intellectual property and customer data.

Ever stuck in a situation where you're expected to do more with less. Or have to choose among three different solutions, one each for cybersecurity, compliance and IT ops? Don't know what to do? Attend this informational webinar to learn how to convert digital fingerprints into a single pane of glass to combat cybercrime, demonstrate regulatory compliance and streamline IT operations.

The network security industry has witnessed shifts in three major areas. Compliance has gained tremendous traction as organizations are dealing with multiple regulations to mitigate the risk in data loss and application downtime. Second, the convergence of multiple security functions into products that support a single function has evolved to include policy management integration. Third, the consolidation of data center infrastructure is being driven by virtualization tools, such as cloud computing models. In this 10-minute webcast, Roark Pollock will discuss how business benefits could be undermined by rising security exposure and the complexities of today's evolving threat landscape if the right protection is not in place.

Join John Kindervag, senior analyst from Forrester Research, and Geoff Webb, senior manager of product marketing for NetIQ, for a web seminar on "Conquering Data Protection Challenges." You'll learn how the pressures to secure sensitive information are growing evermore acute, how the penalties associated with a breach can be very damaging, and how to begin to manage and secure access to your data wherever it resides.

Endpoint security has long been a major component in the IT security arsenal. However, the complexion of today's "workforce" and the IT environment is dramatically changing, forcing organizations to rethink the definition of an endpoint protection strategy.

Today's new business culture, with expanding corporate perimeters, ubiquitous network connectivity, and the proliferation of mobile devices, involves new security risks. Businesses must ensure that their security policies are up to date and effectively communicated to their workforces in order to enforce acceptable use and protect against data theft and hijacking. Join John N. Stewart, Cisco Vice President and Chief Security Officer, to hear his thoughts regarding current mobile workforce trends and challenges, and his recommendations on how to best secure mobile devices.

Establishing, developing, and maintaining robust and secure business teleworking environments for their employees can help organizations successfully reduce costs and increase productivity. In this 10 minute webcast, Mick Scully, VP of Product Management for the Access Router Technology Group at Cisco, will explore the evolution of teleworking and provide a recap of the benefits organizations can achieve as well as some of the security challenges they must address when building a teleworking platform for their remote users.

The most anticipated and misunderstood change in Windows 7 is User Account Control (UAC). Microsoft introduced UAC in Windows Vista to eliminate the need for users to run with administrative privileges. Despite its good intentions, Vista's UAC was widely criticized for its frequent user prompting for routine applications and installations and its inability to remove the need for users to run as local Administrator.

This 10 minute webcast features Matt Schnarr, Security Specialist with Intellitactics and reflects his real life experience at a global investment bank implementing consistent logging and event management for compliance and security.

Join us for an hour-long webcast covering the recent survey by the Ponemon Institute, The Security of Electronic Health Information. This webcast will include important findings from the recent survey by The Ponemon Institute, as well as current best practices to secure health care data.

Increasing protection from malware, preventing unauthorized software installs and stopping users from making unwanted desktop configuration setting changes is a priority for nearly all companies. Removing administrator rights is one of the best ways to secure desktops and to meet these goals. However, most users must be given administrative rights in order to run certain Windows applications, and self-install authorized software and ActiveX controls. In order to effectively secure desktops end users must still be able to perform necessary tasks for their jobs.

Two-factor authentication has become an IT security necessity for many reasons. Threats continue to increase in frequency and sophistication. Many industry regulations, like PCI DSS, FFIEC, HIPAA, and Sarbanes-Oxley require it. And ultimately, your employees, customers, and shareholders expect you to protect the sensitive data you are storing and transmitting on their behalf. But security tokens and many other forms of two-factor authentication have proven to be inconvenient for your users, cumbersome for your IT department, and expensive to implement and support. Phone-based authentication provides strong two-factor security with the ease and convenience your users and your IT department demand at a fraction of the cost.

SQL injection attacks, malfeasance by insiders and regulatory requirements are driving organizations to find new ways to secure their critical databases and achieve compliance with SOX, PCI-DSS, NIST 800-53 and data protection laws.

Securing IT infrastructures today has become more of a challenge with the rise of consumer electronics usage in the workplace, Web 2.0 social networking, and criminal sophistication. Join us for an in-depth update on global threats and trends as outlined in the recently-released Cisco 2009 Midyear Security Report. The key findings of the report will be discussed along with proactive ways to defend organizations in today's distributed environment.

If you are not concerned about the potential risks to your IT environment posed by mis-configured firewalls or competing rules - you should be. The average enterprise has hundreds of firewalls and thousands of rules - making it impossible to manually monitor, evaluate, and ensure firewall compliance in large networks. In this webcast, John Kindervag, senior analyst at Forrester and Gidi Cohen, CEO of Skybox Security, will discuss the critical drivers for firewall auditing and its challenges, and explain why automated firewall audit solutions are an indispensible tool for IT security.

Join us for this webcast addressing "Data loss during downsizing," discussing the results of a survey conducted by the Ponemon Institute. In these tough economic times, many companies are going through layoffs or downsizing. According to the survey results, more than half of ex-employees admit to stealing company data. Attend this webcast to find out why companies need to know exactly where sensitive data resides, how it is being used, and how to prevent it from being copied, downloaded or sent outside the company.

You already know the growth and changes in government, industry and internal regulations designed to protect data is becoming harder and more expensive to manage. Join us to learn how you can simplify the task by listening to The Top Tips to Keep Data Under Your Control. Compliance and security expert, John Metzger from Sophos, will present security compliance and recommend technology and strategies to help you succeed.

With bad behavior comes more regulation and that means regulatory oversight will continue to increase and put more pressure on overworked security and compliance groups. Whether it's PCI, HIPAA (and successors), NERC/FERC, or FISMA, organizations of all shapes and sizes tend to have to deal with not one, but many regulatory hierarchies and multiple audits. In this "10 Minutes On" SC Magazine webcast, Mike Rothman, SVP of Strategy for eIQnetworks will discuss an approach to provide leverage in both security and compliance operations.

hether you're considering a security information management (SIM) solution to comply with regulations, such as PCI, SOX, GLBA, NERC CIP, FISMA and HIPAA, or attempting to simplify the collection and management of log and event data, or trying to increase your overall information security posture, or all of the above, there are some key factors to consider.

Merchants who accept payment cards are challenged with complying with the Payment Card Industry's Data Security Standard (PCI DSS). Because all systems that accept or use payment cards are considered in scope for PCI DSS compliance, there are very few ways to cut corners when seeking compliance. This webcast will present the concept and use of a new data security model, tokenization, which substitutes data surrogates for card numbers in systems throughout the enterprise, thus reducing scope for PCI DSS compliance and annual audits as well as lowering the risk of a data breach.

Laptops present a significant challenge for security focused companies. Laptop computers can be a common mechanism for viruses, spyware, and other security threats to enter an otherwise well-protected network. Join us for an exciting look at how you can eliminate the need to have users run with administrative rights on their laptops.

The business of running a Security Operations Center (SOC) is a difficult one. Who has the time to retain the right people, build comprehensive processes and procedures, and implement a robust Security Event and Information Management (SIEM) infrastructure? Those tasks require time, expertise and experience. Would you like to take a shortcut? This session will give you the tips and tricks based on actual client engagements that you'll need to side-step, bypass, and throw out the rigorous project needed to make a successful SOC. Need a SOC up and running in two weeks, but don't necessarily care about it running one year from now? This session is for you.

Taking a reactive approach to IT security is a risky proposition. Besides presenting unnecessary operational hurdles, making patch, update and configuration decisions based on a flood of data from disparate scanning and logging solutions can still leave the door open to attack.

Today's systems are complex, sophisticated and providing more businesses the opportunity to innovate. However regulations and industry standards are also growing and many are prescribing specific controls for security and data protection. Providing the guidance and assurance for protection in a one size fits all strategy has not been effective to date. Dynamic whitelisting provides a solution that is adjustable to meet the basic compliance requirements and to go beyond and enable immediately impactful security for regulated industries. Learn about how dynamic whitelisting can make a difference and how it can immediately change how you look at security compliance.

Compliance, GRC, Policy Management, Risk mitigation, IT Governance, DLP, HIPAA, SOX, PCI-DSS...the new language of security can be confusing at best, and both management and IT staff are seeking answers. Where can we find out about the rules that apply to us? Are we at risk for compliance-related penalties? Are the legal and accounting departments on top of this?

Although roles-based access control (RBAC) has been the subject of much interest in the past, companies are still dealing with the complexity of managing roles at the technical infrastructure level (applications & provisioning). For some organizations, this complexity is an obstacle to deploying effective roles-based access governance.

Log management technology has been labeled -- often accurately -- as complex and expensive. But many organizations face regulatory mandates that require log management. Given today's climate of economic uncertainty, such organizations must find a way to effectively manage log data with a tightening budget. Cloud computing is the answer. In the cloud, organizations can meet the demands of both shrinking budgets and expanding regulations.

The Advanced Persistent Threat (APT) is a sophisticated and organized cyber attack to access and steal information from compromised computers. The intruders responsible for the APT attacks target the Defense Industrial Base, financial industry, manufacturing industry, and research industry. The attacks used by the APT intruders are not very different from any other intruder. The main differentiator is the APT intruder's perseverance and resources. They have malicious code (malware) that circumvents common safeguards such as anti-virus, and they escalate their tools and techniques as a victim's capability to respond improves. MANDIANT will discuss how they assist organizations in addressing the APT.

In this webcast, Jason Mafera, senior product manager for Imprivata, discusses the key findings from a recent Imprivata-sponsored survey examining trends in strong authentication. Jason reviews key survey findings and lends his expertise to decipher what this means for anyone considering strong authentication as part of their employee access management strategy in 2009.

As organizations continue to deal with the growing number of compliance regulations, information protection and security risks in these uncertain times, they have to figure out how to do more with less.