Managing enterprise-level security threats

This guide on threat management is aimed at showing companies how to heighten their security awareness and to strengthen their perimeter.
Written by ZDNet Staff, Contributor on

Security is a cost of doing business but too many companies have unrealistic return on investment (ROI) expectations, research firm Gartner believes.

"Companies should stop asking for a return on investment for certain security products and instead see them as a 'cost of doing business'," said research director Rich Mogull.

"What is the return on investment of buying a firewall or antivirus? It's like asking 'what is the return of investment on a fire extinguisher?' What is the return on investment on getting your employees desks?

"For some it really is just the cost of doing business. If you don't have antivirus, if you don't have firewalls then you are not going to be able to do anything else -- unless you do it all on paper," he said.

This guide is aimed at showing companies how to heighten their security awareness and strengthen their perimeter.

Best practices for defeating spyware
The financial motivation for stealing or damaging corporate information is tremendous and is reflected by a proliferation of spyware across the enterprise.
(free registration required)

The art of penetration testing
With new security attacks being unleashed every day, it's tough to know which ones threaten your business the most. And although vulnerability scanning can reveal the sheer number of exposure points, it doesn't help you pinpoint wherein your key risks actually lie.
(free registration required).

Controlling Network Access through an SSL VPN
There is tremendous buzz and confusion about network access control, or NAC. What is it and how does it fit with your need to provide secure remote access?
(free registration required)

Client security: A framework for protection
By establishing risk profiles that focus on three aspects -- users, data, and devices -- companies can take the guessing out of securing their client systems.
(free registration required)

Protection from emerging virus threats
Today's malware distributors skirt traditional defenses by exploiting the "zero hour gap," the time it takes to identify the attacking malware and write signatures that can detect and neutralise it. To exploit this gap, virus writers have taken to using several new distribution strategies.
(free registration required)

Eliminating the threat of malware
This paper examines how and why this threat is changing, as well as how malicious software or malware writers are fighting back against the antivirus software.
(free registration required)

Ten tips for managing passwords
Passwords are fatally flawed, it's true, but for now they are the best option for many companies. But almost everybody could be managing them more effectively.

Symantec sees Achilles' heel in Vista
Some of Microsoft's efforts to make Windows Vista its most stable and secure operating system ever could cause instability and new security flaws, according to Symantec.

Beware the Microsoft 'monoculture': Symantec
Without diversity in security software for Windows, computers running the Microsoft operating system will be sitting ducks, Symantec CEO John Thompson warns.

Oracle plugs 65 security holes
As part of its quarterly patch cycle, Oracle has released fixes for 65 security vulnerabilities that affect many of its products.

Australian firms spend less, feel less secure
Analyst group Gartner claims that almost three quarters of American companies feel safer than they were a year ago but only 22 percent of Australian firms feel the same way.

Microsoft plugs worm hole in Windows
Microsoft has made available fixes for 18 security vulnerabilities in Windows and Office software. Five have been deemed "critical".
Editorial standards