Publications
 |
Security Among the Clouds Cloud computing offers clear benefits, yet its security risks are very real. Businesses must understand both the inherent shortcomings and strengths of cloud computing to unlock its full potential and value. |
 |
Trial by fire: What global executives expect of information security in the middle of the world's worst economic downturn in thirty years Today, in the middle of the worst economic downturn in thirty years, information security has an enormously important role to play. We asked the question- will information security be among the most likely cost centers to encounter cutbacks in funding when companies fall upon difficult economic times? For this report, we surveyed more than 7,200 CEOs, CFOs, CIOs, CISOs, CSOs and other executives responsible for their organization's IT and security investments. |
 |
Safeguard your sensitive data* A proactive approach to data security will help identify and stop breaches of high-value information CISOs have numerous automated security solutions to choose from, but none fully closes the loop on security. PricewaterhouseCoopers believes the missing link can be found in the basics: a company’s data. It is our view that organizations should augment automated security solutions by building and monitoring a comprehensive inventory of their data and information systems. In doing so, they will identify and classify data according to its sensitivity and risk and know where it resides and flows. Then they can more effectively take advantage of data breach indicators to identify and detect signs of breaches that may be overlooked by solutions such as identity management and data loss prevention. |
E-espionage: What risks does your organization face from cyber-attacks?
This report, written by our UK OneSecurity team, with support from CPNI (Centre for the Protection of Nation Infrastructure), highlights how a growing number of well-resourced and highly sophisticated cyber-criminal from across the globe are seeking to gain unauthorized access to valuable or sensitive data and information held by companies and governments.
Effective Security? From risk management to real business advantage
Risk and security departments are becoming so caught up with fire-fighting everyday risks they are missing the threats from more subtle areas of converged risk. Our research highlighted that risk and security departments are not even aware of its existence until it is too late and a breach or incident occurs.
Empower your business.* Information rights management can lock down confidential documents and improve your security posture
Information rights management (IRM), is an ideal complement to data loss prevention and identity management solutions. Its anywhere-anytime data protection solves a huge issue for CISOs, compliance officers, and business executives. In the past, they had to worry only about information stored on servers and laptops. In today’s world, email, USB thumb drives, laptops, and smart phones mean that data can—and does—go just about anywhere. Data leaks proliferate, whether accidental or intentional, introducing potentially costly and damaging risks to organizations’ reputations. This paper discusses how IRM will help plug these data leaks so that sensitive content, regulated data, and intellectual property are protected no matter where they reside.
Automated.* Security monitoring: the key to a successful compliance strategy*
Given the broadly accepted reality that every network can be compromised, there are too many systems offering too many services and running too many insecure applications. No amount of code reviews, patching, or access control can safeguard against every attacker. When prevention does fail, how do organizations prepare for the likely intrusions? Chances are they don’t know how. This paper addresses how organizations can step back and objectively consider how their risks and business objectives impact security.
How to align security with your strategic business objectives
As chief information security officer (CISO), you occupy the new seat at the executive table. In order to provide leadership in this position, you will need a clear vision for security, the ability to communicate its relevance and the managerial discipline to deliver its full value. This guidebook, based on our PricewaterhouseCoopers SecurityATLAS™ framework, explains how to achieve these goals.
Security outsourcing unlocks value* Managed security services can create lasting value and cost-saving efficiencies and enable you to focus on expanding your core business.
Managed security services can help your organization effectively manage security needs while improving efficiency and lowering costs. But to be successful and increase value, organizations will need carefully planned strategies and processes. Navigating the complexity of today’s volatile outsourcing options demands that organizations tap the same expertise and employ the same rigor used to plan and structure strategic business deals. Outsourcing decisions can have far-reaching implications to the growth of the organization, and they often require carefully planned strategies and approaches to help drive success and drive value. Think of managed security services as a complex strategic business deal and you’re on the right track.
10Minutes on Data & Identity Theft
The risk of data and identity theft is on the rise. 10Minutes on data and identity theft discusses key risk indicators of data and identity theft vulnerability and explains why having strong data safeguards in place can help secure a company's reputation, competitiveness, and financial well-being.
Global State of Information Security Survey 2008
Protecting corporate information assets is critical—especially as mobile devices proliferate, open use of the Internet surges, new business models shake out, and strategic sourcing initiatives stretch "long reach" supply chains further and across more countries and companies than ever before. We asked more than 7,000 CEOs, CFOs, CIOs, CSOs, vice presidents, and directors of IT and information security from 119 countries.
Data loss prevention
An increasing number of high-profile data security breaches have made headlines. These events can not only expose a business to costly and devastating legal ramifications, they can severely denigrate a brand— sometimes to a point beyond repair. Point solutions don’t work. For data loss prevention (DLP) to be effective, companies must decide on the right strategy, engage the right people, target the right data, and employ the right technology.
Focus on risk, and compliance will follow: Meeting the challenges of PCI DSS
In response to an alarming increase in payment card theft and fraud, including high-profile incidents at multiple companies, the major credit card companies collaborated to develop the Payment Card Industry Data Security Standard (PCI DSS) to increase the protection of payment card information. This publication discusses an integrated approach that can create a more secure and efficient — as well as compliant — organization.
From people to process: Unlocking the value of identity and access management with Oracle technology
This paper offers insights into an effective solution for organizations who are looking to resolve the complexities surrounding Identity and Access Management. PricewaterhouseCoopers' proficiency in enterprise security with Oracle's suite of solutions, can deliver a robust, holistic solution that tames IAM's complexity.
Getting it right: Resolving the complexities of identity and access management
Diverse requirements of IAM have left many organizations with an IT infrastructure that resembles an incomplete puzzle; some applications and solutions fit and interlock, while others are askew or absent. To assemble the puzzle, companies must create a holistic, centralized IAM solution that aligns with the existing IT platform, regulatory needs, and business goals. Only then can they resolve the challenges of identity management.
Email to a colleague
Print-friendly version