April 2014 Issue of SCMagazine
This month's issue includes our cover story on the next steps in authentication, plus features on botnets, a mobile case study and our annual "Global Data Breach" survey to give insight on the state of information security.
Despite the bullishness around information security planning and budgeting seen in the results of our survey, we're still seeing breaches like those experienced by Target
This month's news briefs includ revelations at the RSA Conference 2014 in San Francisco, new malware, zero-day fixes and more security news.
In this month's debate, experts discuss whether whistleblower Edward Snowden should be granted amnesty.
This month's company news features a new CTO at McAfee, Bit9 merging with Carbon Black, and a partnership between Qualys and AlgoSec.
Threat of the month
This month's vulnerability is currently being exploited by a worm known as "TheMoon."
2 minutes on
Following the recent headline-making breaches at Target and Neiman Marcus, as well as the secrets exposed by Edward Snowden, the question is: Who cares?
Skills in Demand
Organizations are in search of qualified cloud security architects to assist with migrating the business to the cloud.
Me and my job
James Hill senior security architect, Consolidated Data Services (CDS), discusses his role at his organization.
Many CIOs are still unsure what role governance should play in their data archiving strategy.
Growth businesses are always looking for flexible ways of working that reduce capital and running costs, while securely delivering the data users need, when and ...
SIEMs today are powerful beasts and they are necessary - if not always sufficient - for the protection of your enterprise.
Watching highly publicized supply-chain disasters unfold, we shake our heads in disbelief - but what supply chain risks are you taking today that would be ...
Some advice from pros for keeping your infrastructure out of the snares of a botnet. Alan Earls reports.
"Smart identification" is just one strategy seeking to replace passwords, says Google's Eric Sachs. Karen Epper Hoffman reports.
With the addition of 15,000 mobile devices accessing its network, a medical center found assurance - and met compliance mandates, reports Greg Masters.
Will recent high-profile cyber attacks spur stronger security and improved risk management? The consensus from our data breach survey indicates: Yes, reports Teri Robinson.
Choosing the right allies to ensure security requirements is a challenge for businesses both large and small, reports James Hale.
Group Test 1
AlienVault’s Unified Security Management product is an excellent introductory SIEM appliance.
LOG Storm from BlackStratus combines log management and correlation systems with real-time monitoring and an integrated incident response system all on one easy-to-deploy and use ...
System administrators looking to extend their logging capabilities, or security professionals needing to gain deeper insights into their computing environments, might start their search with ...
SecureVue from EiQ Networks provides log gathering, correlation and analysis services for numerous operating systems, network and security devices, combining these services into a solid ...
This feature-rich tool is designed to meet the needs of organizations of all sizes. It hits all the marks for an enterprise SIEM.
HP’s ArcSight ESM is a mature product that collects events from virtually any source.
Combining SIEM, log management, file integrity monitoring and analytics with powerful forensic tools, LogRhythm v6.2 offers security professionals a powerful monitoring and auditing platform to ...
Enterprise Security Manager from McAfee is a truly enterprise-grade SIEM. Able to process thousands of events per second and store billions of events and flows, ...
NetIQ’s SIEM helps to quickly identify and respond to threats and to simplify management and compliance reporting. It delivers scalable log collection, aggregation, correlation, and ...
The SolarWinds Log & Event Manager (LEM) offers a quality set of log management, event correlation, search and reporting facilities.
X1 is an agentless SAP auditing tool that is able to map out entire SAP landscapes and display any insecure configurations on the individual elements ...
Recent breaches prompt a new emphasis on education and corporate culture, says Allegis Capital's Bob Ackerman.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- 185M incidents bypassed perimeter defenses - report
- OVH suffers massive 1.1Tbps DDoS attack
- IoT assault, connected devices increasingly used for DDoS attacks
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- End-of-support devices on networks weakening cyberdefenses, report
- Android.Lockerscreen using pseudorandom passcodes to ensure payouts
- FBI investigating hacked mobile phones of Democratic officials
- 70% of IDTMs want UK gov to do more so young people enter tech field
- 69% of office professionals in the UK hoard data