This report covers benchmarked practices within information security and IT audit functions across more than 3,000 organizations that are directly related to better operational and financial outcomes, for managing the integrity of information, compliance with regulatory audit, and business risks related to IT users. 

In the past, identity management and information security solutions were often procured, implemented, and managed independently with different tools, processes, and organizational units. This separation is quickly becoming a thing of the past. Why? Read this white paper for the answer. 

Data breaches run rampant and there is very little information about how to build a practical, effective data security program. We'll detail the steps to take and the technologies available to keep your organization's most valuable information assets safe. Read on to learn more about protecting the database without threatening the budget. 

The big news in this month's issue is the announcement of the winners of the fifth annual Security 7 Award. Other featured articles present tips for preventing future incidents and also explain how SOX compliance is hitting smaller public companies harder than the big guys. Read on for these great articles and more. 

Each month many companies, big or small, well known or unknown, experience a data security loss with the potential exposure of thousands to millions of sensitive customer or employee records. This brief examines cryptographic methods, specifically tape data encryption, to combat such security losses. 

This issue of information security magazine provides a step-by-step guide to securing database systems, explores the important factors in selecting a SaaS provider, presents a whole new approach to security management that has nothing to do with structure-driven policy architecture, and more. 

In this white paper, learn how with Tripwire Enterprise, organizations can quickly achieve IT configuration integrity by proactively assessing how their current configurations measure up to specifications as given in ISO 27001. 

Read this expert E-Guide and learn what CISOs said were their biggest challenges of 2008 and what lies ahead for 2009. Topics covered include the 4 pillars of an information security strategy and how to make security decisions in a way that business units will have added value and can be integrated smoothly along with other enterprise initiatives. 

Protecting messaging services is an important part of any business messaging strategy. Vulnerabilities abound when you allow messaging traffic for delivery over the Internet. The scope of this guide will focus on email security although many of these concepts will also apply to other types of messaging. 

This paper offers thought leadership to help you address challenges surrounding information security and compliance issues. It will also introduce you to the value and importance of a hardware security module as a key part of any successful information security program. 

This collection of slides from the Information Security Decisions Conference presents an extensive overview of the internet security threats that have risen up in 2009. Several different cybercrime tactics are discussed and detailed examples are provided for each. Download these slides to get an idea of the threats that your organization is facing. 

This collection of slides from the Information Security Decisions Conference presents a practical 5 step plan toward achieving greater standards of database security and compliance. These steps consist of discovering, securing, monitoring, protecting and managing your databases. Download the slides to learn more. 

Change management: Information security professionals have been known to cringe when they hear these words. But the change management process doesn't have to be as complicated as it might seem.