Bipin Chandra has just published a new white paper on the security on developerWorks community called "A t
You might also be interested in....
Security intelligence is the smart way to keep the cloud safe.
How much does a data breach cost your company? That's one of the toughest questions an IT security professional can be asked. The effects of a data breach are potentially catastrophic for a company, but it's a difficult task to quantify the risk.
That's why IBM has sponsored the Ponemon Institute's 2014 Study on the Cost of Data Breaches. This far reaching study is based on 1690 interviews across 10 countries and 16 sectors and is based on actual experiences of companies instead of could-have-happened theoretical discussions.
The Ponemon Institute has released both a global report and 10 country specific reports:
One of the most eye-popping charts in the report analyzes the reported data to show the clear relationship between the size of the breach and its cost: Keep in mind that this is not some hypothetical computer model. This is a regression based on the actual interviews and their reported data.
The 2014 Ponemon Cost Of Data Breach study is must reading for anyone needing to build a business case for protecting against data breaches.
Nikunj Panchal and Subramanian Krishnan have recently published an article on developerWorks showing how to integrate your PGP-based public key infrastructure with WebSphere Cast iron's built in support for data encryption so that you can acheive true-end-to-end data protection for all your enterprise orchestrations based on Cast Iron
You might also be interested in
Getting Started With WebSphere Cast Iron
The publication also includes three detailed scenarios covering real-world implementations of a Cast Iron Integration Solution.
I know everyone's scrambling to figure out what has to be patched to fix the Heartbleed bug. Please keep in mind that Heartbleed is a bug in the OpenSSL implementation of SSL, not a flaw in SSL itself. I know that many IBM products don't use OpenSSL and aren't affected by the Heartbleed bug. Having said that, there are probably some IBM products that DO need to be patched. And I wouldn't dare try to enumerate them.
Because IBM has a team of people whose job is specifically to monitor security vulnerability announcements and make sure the affected IBM products are made aware and to make sure patches get rolled out. They are the IBM
Jon Tate has published a post on the System Storage Redbooks blog with more details on how to get plugged into the PSIRT team's announcements about Heartbleed and other security alerts. So go check that post out and get plugged in.
You might also be interested in.....
Encrypting Data With Confidence
IBM has published a new white paper on encrypting data at enterprise scale. Learn about encrypting mission critical data with confidence and reduce security risks across the enterprise and beyond.
Tim Jones has just published "Had
Comments (3) Visits (4203)
See below for an announcement from Kathryn Zeidenstein about some new video tutorials on InfoSphere Guardium policies
Hi community members
Back in 2011 or so the lab services team had done a LotusLive education session on policies that was very well received. I have taken the first of these presentations and broken it into 4 modules that are now hosted on the InfoSphere Guardium YouTube channel.
You can find links to all 4 of the modules on this new page on the InfoSphere Guardium community wiki. http
Here are the direct links:
Break out the popcorn!!
Have a great weekend.
Mihal Iacob and Walid Rhaibi have just published "Res
From the article summary:
System administrators are responsible for, among other things, protecting a database against unauthorized access or misuse by authorized database users (for example, inappropriate access to sensitive information within a database). A common requirement to mitigate such risks is ensuring that users are allowed to connect to the database only from a list of trusted hosts or IP addresses that are known to be secure. This article gives a practical example of how such a requirement can be put in practice by making use of the CONNECT_PROC database configuration parameter of IBM® DB2® for Linux®, UNIX®, and Windows®.