October 2012

Looking for a past month's issue?

Main Articles

What is Scaring Businesses the Most? Spear Phishing.

Gartner Finds Increase in Targeted Phishing Attacks

Leading analyst firm Gartner just released the 2012 Magic Quadrant for Secure Email Gateways (SEG)* and noted an uptick in targeted phishing attacks. The report states "Phishing attacks continue to oscillate, while more targeted phishing attacks increase. Better protection from targeted phishing attacks is the most critical new inbound protection capability, but only a few vendors have advanced the state of the art against these attacks."

Download the report

Insights from Top CSOs: 100% Concerned About Spear Phishing

Websense recently hosted a customer round-table discussion with 20 CSOs from top U.S. companies. We swapped war stories, hashed out the security challenges they face every day and they shared how they’ve been successful. These CSOs work in a variety of industries, including federal, finance and healthcare. Recently, there have been a number of highly public targeted attacks, which led to a lengthy discussion on spear-phishing. We found their insights very valuable and wanted to share some key points below.

100 percent of all the CSOs were very concerned about spear-phishing. Everyone felt their CEO would click on an infected spear-phishing link if an email got through. We all agreed there needs to be a published strategy for effectively dealing with spear-phishing blind spots.

Learn more...

To learn more on how to defend against today’s targeted phishing attacks, download the whitepaper

Be a CSI Investigator!

ACE Insight is a free online forensic tool that will interrogate a URL to uncover any risks it may present. Through the use of a free MyWebsense account, every aspect of a web page can be exposed from de-obfuscating hidden JavaScript to highlighting the risk of embedded links. Whether you are evaluating the links in a suspicious email, or just curious about what a web page may be attempting to do to a visitor's system, ACE Insight can quickly provide the details to make a confident ruling.

And the newly released CSI Forensic Services offering can take you to the next level of forensic investigation. CSI Services include a range of security training resources as well as ThreatScope, a researcher grade malware sandbox analysis tool used by our own researchers. Take a peek at a sample report and other features of this advanced forensic investigation service.

Websense Data Security Gateway and Citrix NetScaler for SDN Overview

The dynamic nature of cloud services requires a level of app-awareness, control and flexibility that go beyond the capabilities of today's data center networks. Enterprise core security concerns are shifting from malware to data protection.

Websense and Citrix have teamed up to jointly deliver Data Security Gateway on the next generation NetScaler SDX platform that powers NetScaler for SDN. Together they will provide consolidated, best-in-class L4-7 networking services and data protection, as well as app-awareness, control and flexibility to today's networks and tomorrow's SDNs on an open and unified platform.

Learn more...

10 Tips to Help Protect Company Information on Mobile Devices

Now that mobile devices have flooded the corporate world, I am sure you are trying to find a way to safely allow them in your workplace. Here are a few tips to get you started whether the devices are corporate or employee owned.

  • Require a passcode to be enforced on all mobile devices
  • Keep mobile software up to date
  • Backup / sync phone periodically
  • Establish a minimum security requirement for all devices connecting to your corporate networks
  • Don't allow jail broken devices to access corporate data
  • Allow only certain "trusted" mobile devices access to corporate networks
  • Only download apps from well-known markets with relatively good approval process
  • Only install approved, well-known security apps
  • Be aware of the permissions granted to the app
  • Define a clear strategy on what to do if a device is lost or stolen

All of these and more should be addressed in your company's acceptable use policy (AUP) for mobile devices. For more information on creating an AUP, please download the Websense BYOD Acceptable Use Policy Kit

For more information on the Websense TRITON Mobile Security Solution, please check out this page.

Find the Correct Acceptable Use Policy Kit for Your Company

Websense has several sets of Acceptable Use Policy (AUP) kits available for download. These template kits are aimed at facilitating the fast development, deployment and enforcement of AUPs for companies.

There are several different AUP kits available:

Each kit includes easily customizable AUP templates, best practices documents, and email communication templates for communicating AUP with employees. Feel free to download any or all of these kits from our website to help you with the development of a clear Acceptable Use Policy.

What Java Exploit?

Java runs on over 3 billion devices including ATMs, vending machines and DVD players. Were you able to stay on top of the series of Java Exploits over the summer that leveraged vulnerabilities to attack PCs, Macs and even mobile devices? Websense provides two separate blogs to meet the different requirements of your organization to stay on top of recent security research findings, or simply general security industry activity. You can subscribe to RSS feeds, twitter alerts, and more to easily keep abreast of important changes in the security landscape. Take a more proactive security stance by monitoring threats, and taking advantage of expert tips on how you can tighten your defenses before you come under attack.

Customer Research

Win a Kindle Fire! Help Design New Features

Win a Kindle Fire! Help Design New FeaturesHelp design new features for Websense security solutions. Take a brief survey on Websense Security product features!

You might even win a Kindle Fire!

Take the survey



By taking this survey, you are agreeing to our Terms and Conditions.

White papers

Defending Against Today’s Targeted Phishing Attacks

“Is this email a phish or is it legitimate?” That’s the question that employees — and executives in particular — are asking with greater frequency. They’ve heard about how high profile organizations and even government agencies have fallen prey to attacks that stemmed from seemingly harmless emails. Has the door been left wide open?

Read this whitepaper to learn guidance on how to recognize advanced threats and protect yourself from them. Key topics include:

  • The evolution of phishing attacks
  • Why traditional defenses fail
  • Best practices to catch today’s phishing attacks

Download the whitepaper

Security Overview: Websense ACE

Those wishing to understand why no one stops more threats than Websense can do no better than begin with a review of the Websense® ACE (Advanced Classification Engine) technology. Our web, email, data, mobile, cloud and forensic security solutions all rely upon ACE to optimize their defensive capabilities.

Read more...

On-Demand Webcasts

A Proactive Approach to Modern Malware

Chief information security officers (CISOs) worldwide say that most of today's emerging threats can bypass anti-virus and intrusion prevention solutions and firewalls. Analysts are therefore recommending that IT departments assume a more proactive security stance. This can include integrating defenses, strengthening in-house IT capabilities and using appropriate outside resources.

In this on-demand webcast, learn how your IT department can become more proactive. Topics include:

  • Expanding inbound defenses to include outbound controls
  • How to enhance in-house IT security expertise
  • Using research-grade forensic tools such as Websense® ThreatScope

Watch now.

A Practical Guide to Defending Today's Targeted Phishing Attacks

Phish or no phish? That’s the question that employees—and executives in particular—have been asking themselves more frequently. They’ve heard about how high profile organizations and even government agencies have fallen prey to attacks that stemmed from seemingly harmless emails. Has the door been left wide open?

Hear some best practice principles and technology than can help your organization minimize the risk of compromise. Listen here or download the Practical Guide to Defending Against Today's Targeted Phishing Attacks whitepaper.

Analyst review

Gartner names Websense a Visionary in Secure Email Gateways

Gartner MQ report overview: This Gartner report focuses on secure email gateways (SEG) and acknowledges Websense as a visionary. According to the report:

"The secure email gateway market is mature. Buyers should focus on strategic vendors, data loss prevention capability encryption and better protection from targeted phishing attacks."

Download the report now.

Featured review

Is Your Organization Under Constant Attack?

More than two million online attacks per month have been detected trying to infiltrate the systems at large government departments (such as HHS).

See how the U.S. Department of Health and Human Services has accomplished this feat.

Latest News

10 New Defenses That Help Prevent Data Loss and Theft

Websense Wins Award For Work Through Distributors

CRN: Another Java Zero-Day Vulnerability Found

eSecurity Planet: Fake KLM E-mails Deliver Malware

Quick Links