July 2011 Issue of SCMagazine

July 2011 Issue of SCMagazine

July 2011


You might be next: Data breaches

CISOs must concede they eventually will see their infrastructures compromised.


News briefs: RSA to replace SecurID tokens, LulzSec goes on rampage

Hack of SecurID used in attack on Lockheed Martin, LulzSec, compromised the website of InfraGard, AV malware targeting Mac OS X, and other news.

Company news: Apple bug hunter switches jobs

Lockheed Martin partners with Carnegie Mellon to launch a cyber lab, Charlie Miller named principal research consultant at Accuvant, Chris Davis new director of malware ...

Threat of the month

Threat of the month: AndroidOS/Smspacem

Be on the lookout for new mobile malware that leverages trojan, bot and "logic bomb" tricks.

2 minutes on

Indexing risk perception

In the complex world of cybersecurity, it often is difficult to know which threats pose the most risk.

Skills in Demand

Skills in demand: security project manager

An increased demand for revenue has elevated the security project manager (PM) to the top of the food chain.

Me and my job

Me and my job: Peter Morin

I would improve communication regarding threats between corporations, law enforcement and other government agencies.


Debate: A federal breach notification law should replace existing state laws.

The federal breach notification law, proposed by President Obama, should replace existing state laws.


Real-world web abuse: Identity theft

Strict financial and identity theft are only a portion of the attacks targeting websites today.

Is APT the new FUD?

The term "APT" is now becoming synonymous with any form of cyberattack, distracting attention away from the real challenge.

CSO's desk

Signing on the dotted line of HIPAA

Given that a misrepresentation of the facts during attestation could result in civil and criminal penalties, what does a health care executive need to feel ...


Justice for all: Reforming e-discovery

James Holderman, chief judge of the U.S. District Court in Chicago, is working to improve the e-discovery process for lawyers and IT teams at a ...

Federation 2.0: An identity ecosystem

Federated identity, the process of authenticating someone across multiple IT systems and organizations, is taking on new meaning with the growth of cloud and mobile.

Something borrowed: Benefits of PCI

The prescriptive nature of the Payment Card Industry Data Security Standard, often referred to as PCI, can benefit even those companies not processing credit card ...

Streamlining defenses: The new SOC

The modern-day security operations center isn't just focused on physical surveillance. Many organizations have built situation rooms specifically to protect data and respond to cyberthreats.

Product opener

Endpoints, endpoints... everywhere

The sky is not really falling. Instead, there are solutions to the dilemmas we face, even as progress makes surety ever more challenging.

Group Test 1

Bit9 Parity Suite 6

The Bit9 Parity Suite 6 is an endpoint protection solution comprised of a client/server architecture that provides application whitelisting, device control, file integrity monitoring, registry ...

Check Point Endpoint Security R80

Check Point Endpoint Security and Data Protection is a modular-based, client/server endpoint architecture made up of various “software blades,” which provide various types of endpoint ...

DeviceLock Endpoint DLP Suite 7.0

DeviceLock Endpoint DLP is a data and device protection solution which controls access to local Windows devices and watches input/output channels for sensitive data flow.

GFI EndPoint Security 4.3

GFI EndPoint Security is a small-footprint endpoint agent, which is used to tightly control access to endpoint devices.

Identity Finder DLP Suite 5

Identity Finder DLP Suite is an endpoint software solution focused primarily on helping organizations manage data leakage across all endpoints.

Lumension Endpoint Management and Security Suite 7.1

The Lumension Endpoint Management and Security Suite (LEMSS) is an operational and security endpoint solution that uses a client/server architecture to protect client computers.

McAfee Total Protection for Endpoint – Enterprise Edition

McAfee Total Protection for Endpoint – Enterprise Edition is a fully featured endpoint security product that can be deployed on numerous platforms, including Windows, Linux, ...

Novell ZENworks Endpoint Security Management 11

ZENworks Endpoint Security Management is a client/server endpoint solution that works off of Novell’s ZENworks Control Center platform (ZCC).

Quaresso Protect on Q v2.4

Quaresso’s Protect on Q (PoQ) is not a traditional endpoint product. It is a software solution that helps secure endpoint web-browsing sessions on the server ...

Sophos Endpoint Security and Data Protection 9.7

Sophos Endpoint Security and Data Protection is a multifaceted endpoint protection suite featuring malware protection, application control, device control, client firewall, data control, host intrusion ...

Group Test 2

IronKey Enterprise

IronKey Enterprise is a two-part USB flash drive management platform seamlessly rolled together.

Juniper Networks Junos Pulse Mobile Security Suite

Junos Pulse from Juniper Networks provides full-scale mobile device control and security on a wide array of smart devices.

Kingston/BlockMaster DataTraveler 4000-M

The Kingston Data-Traveler 4000-M looks like any Kingston USB flash drive, but it has more underneath the hood than just any everyday USB key.

Mobile Active Defense MECS Server Solution

The Mobile Enterprise Compliance and Security (MECS) Server from Mobile Active Defense (MAD) is designed to be much like the BlackBerry Enterprise Server, but for ...

Sophos Mobile Control

The folks over at Sophos have begun to creep into the mobile device security game and, for a first release, this product brings some solid ...

Trend Micro Mobile Security

Trend Micro Mobile Security is an add-on for the much bigger OfficeScan Suite.

First Look

Keeping an eye on the prize: PrivateEye from Oculis Labs

PrivateEye from Oculis Labs blurs the computer screen to unreadability when the authorized user is not in front of it, and notifies the user when ...

Last Word

Will mobile kill user privacy?

The internet is evolving to deliver individualized experiences, but at what cost to privacy, asks Forrester's Chenxi Wang.


Sign up to our newsletters