This white paper describes a structured approach toward the formation of a government security operations center (SOC) that enables organizations to integrate this capability into their overall Information Security Management System (ISMS) and align with many of the requirements introduced by ISO/IEC 27001:2013.
The theft of credit card data continues to grow at an alarming rate. It is costly to credit card companies and merchants, and it undermines consumer confidence. The Payment Card Industry has developed the PCI Data Security Standard (PCI DSS), which includes 12 requirements for protecting cardholder data. Despite substantial investments made in securing their networks, organizations are realizing that being PCI compliant does not mean an enterprise is protected against advanced cyberattacks.
This paper explores a combination of ongoing and emerging factors that are exposing a variety of deficiencies with current firewall designs. These issues and flaws are then used to establish the criteria that define the ideal solution: a next-generation firewall that incorporates application inspection at its core.