July 2011 Issue of SCMagazine
CISOs must concede they eventually will see their infrastructures compromised.
Hack of SecurID used in attack on Lockheed Martin, LulzSec, compromised the website of InfraGard, AV malware targeting Mac OS X, and other news.
Lockheed Martin partners with Carnegie Mellon to launch a cyber lab, Charlie Miller named principal research consultant at Accuvant, Chris Davis new director of malware ...
Threat of the month
Be on the lookout for new mobile malware that leverages trojan, bot and "logic bomb" tricks.
2 minutes on
In the complex world of cybersecurity, it often is difficult to know which threats pose the most risk.
Skills in Demand
An increased demand for revenue has elevated the security project manager (PM) to the top of the food chain.
Me and my job
I would improve communication regarding threats between corporations, law enforcement and other government agencies.
The federal breach notification law, proposed by President Obama, should replace existing state laws.
Strict financial and identity theft are only a portion of the attacks targeting websites today.
The term "APT" is now becoming synonymous with any form of cyberattack, distracting attention away from the real challenge.
Given that a misrepresentation of the facts during attestation could result in civil and criminal penalties, what does a health care executive need to feel ...
James Holderman, chief judge of the U.S. District Court in Chicago, is working to improve the e-discovery process for lawyers and IT teams at a ...
Federated identity, the process of authenticating someone across multiple IT systems and organizations, is taking on new meaning with the growth of cloud and mobile.
The prescriptive nature of the Payment Card Industry Data Security Standard, often referred to as PCI, can benefit even those companies not processing credit card ...
The modern-day security operations center isn't just focused on physical surveillance. Many organizations have built situation rooms specifically to protect data and respond to cyberthreats.
The sky is not really falling. Instead, there are solutions to the dilemmas we face, even as progress makes surety ever more challenging.
Group Test 1
The Bit9 Parity Suite 6 is an endpoint protection solution comprised of a client/server architecture that provides application whitelisting, device control, file integrity monitoring, registry ...
Check Point Endpoint Security and Data Protection is a modular-based, client/server endpoint architecture made up of various “software blades,” which provide various types of endpoint ...
DeviceLock Endpoint DLP is a data and device protection solution which controls access to local Windows devices and watches input/output channels for sensitive data flow.
GFI EndPoint Security is a small-footprint endpoint agent, which is used to tightly control access to endpoint devices.
Identity Finder DLP Suite is an endpoint software solution focused primarily on helping organizations manage data leakage across all endpoints.
The Lumension Endpoint Management and Security Suite (LEMSS) is an operational and security endpoint solution that uses a client/server architecture to protect client computers.
McAfee Total Protection for Endpoint – Enterprise Edition is a fully featured endpoint security product that can be deployed on numerous platforms, including Windows, Linux, ...
ZENworks Endpoint Security Management is a client/server endpoint solution that works off of Novell’s ZENworks Control Center platform (ZCC).
Quaresso’s Protect on Q (PoQ) is not a traditional endpoint product. It is a software solution that helps secure endpoint web-browsing sessions on the server ...
Sophos Endpoint Security and Data Protection is a multifaceted endpoint protection suite featuring malware protection, application control, device control, client firewall, data control, host intrusion ...
Group Test 2
IronKey Enterprise is a two-part USB flash drive management platform seamlessly rolled together.
Junos Pulse from Juniper Networks provides full-scale mobile device control and security on a wide array of smart devices.
The Kingston Data-Traveler 4000-M looks like any Kingston USB flash drive, but it has more underneath the hood than just any everyday USB key.
The Mobile Enterprise Compliance and Security (MECS) Server from Mobile Active Defense (MAD) is designed to be much like the BlackBerry Enterprise Server, but for ...
The folks over at Sophos have begun to creep into the mobile device security game and, for a first release, this product brings some solid ...
Trend Micro Mobile Security is an add-on for the much bigger OfficeScan Suite.
PrivateEye from Oculis Labs blurs the computer screen to unreadability when the authorized user is not in front of it, and notifies the user when ...
The internet is evolving to deliver individualized experiences, but at what cost to privacy, asks Forrester's Chenxi Wang.
SC Magazine Articles
- GCHQ infosec group disclosed kernel privilege exploit to Apple
- 77% of organisations unprepared for cyber-security incidents
- 117 million LinkedIn email credentials found for sale on the dark web
- Furtim malware can run AND it can hide
- Ubiquiti warns of worm using known exploit on outdated AirOS firmware
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Spearphishing attack nets $495K from investment firm
- Updated: Gmail, Yahoo email credentials among millions found on the dark web
- Report: Ransomware feeds off poor endpoint security
- Organizations need formal vendor risk management programs, study
- 2.5K Twitter accounts hacked to spread links to adult content
- Study: Federal agencies still lack strong cyber hygiene practices
- Petya and Mischa - the Ransomware Twins (sort of)
- Bad guys update ransomware DMA Locker with version 4.0
- Lieu, Hurd urge colleagues to use encryption, improve cyber hygiene