June 2011 Issue of SCMagazine

June 2011 Issue of SCMagazine

0611 cover

Editorial

Finding a cure for breach fatigue

There probably always will be some indifference to breach notifications, but I'd like to hope that today's average, technology-reliant consumer isn't blissfully trusting that businesses ...

Update

News briefs: Sony, FBI, privacy concerns, Amazon

News briefs from the past month regarding Sony, the FBI, privacy concerns, Amazon and other breaking stories.

Company news: New hires at Zscaler, ICANN, eCert; Diebold, CynergisTek partner

Zscaler appointed Lane Bess chief operating officer, Jeff Moss appointed CSO of the Internet Corp. for Assigned Names and Numbers (ICANN), and more personnel announcements ...

Threat of the month

Threat of the month: PlayStation breach

The Sony PlayStation Network/Qriocity service breach of 77 million records contained a twist that makes it dangerous.

2 minutes on

No harm, no foul? We'll see.

In a potentially precedent-setting court ruling, a federal judge declined to dismiss a lawsuit filed against RockYou over a breach that exposed millions of user ...

Skills in Demand

A need for risk managers with specific skills in business continuity planning and disaster recovery.

A need for risk managers with specific skills in business continuity planning and disaster recovery.

Me and my job

Ashwin Altekar security risk manager, Heartland Payment Systems

Ashwin Altekar, security risk manager at Heartland Payment Systems, says he must first understand the level of risk that technologies create for customers, and then ...

Debate

Debate: The U.S. government was justified to take control of Coreflood bot servers.

The U.S. government was justified to take control of Coreflood bot servers.

Opinion

Make the provider responsible

Using third-party cloud services, enterprises can quickly and affordably increase and decrease service or compute power at will.

Enterprise mobility: Level red

The explosion of internet-connected mobile devices, combined with the rapid move to cloud-based IT infrastructure and applications, is a security headache of epic proportions for ...

CSO's desk

A new era for risk management

The ability to ascertain the risk tolerance of the business gives us a benchmark to hit as opposed to just "guessing" and then getting political ...

DataBank: ThreatReport

DataBank Threat Report: Mapping cybercriminal activity across the world

Cybercriminal activity across the globe, plus a roundup of security-related news.

Features

Safety in the cloud: Cloud-based services

With more organizations hesitant to entrust their sensitive data to the cloud and a handful of high-profile breaches, providers are augmenting their protections capabilities.

The new frontier: Advancing education and innovation

A new nonprofit, with roots at the Kennedy Space Center, isn't concerned about shuttle launches and landings, but wants to be the facilitator for the ...

Power of many: Government and private sector alliance

Despite the fact that reports often stress the need for robust government and industry partnerships, they've been slow to take shape. What has held back ...

Eliminating trust: The zero-trust model

The so-called "zero-trust" model - making security ubiquitous throughout the network and not just at the perimeter - offers a fresh way of thinking about ...

Last Word

Discover your data to protect it

Data discovery is a fundamental factor in risk mitigation, says PixAlert CEO Gerard Curtin.

Product opener

Managing becomes more complex

The risk environment is becoming more complicated as time goes on and criminals become more and more sophisticated.

Letters

Letters: From the online mailbag

Letters from our readers responding to news and opinion items on our website and feature stories and other items in our print magazine.

Group Test 1

AlgoSec Security Management Suite

The AlgoSec Security Management Suite offers a two-piece firewall compliance and management product.

IBM Tivoli Endpoint Manager

This product features some very powerful functionality when it comes to policy and endpoint management.

New Net Technologies Change Tracker Enterprise

Change Tracker Enterprise from New Net Technologies (NNT) offers full compliance and configuration for pretty much anything that is connected to the network, including workstations, ...

Promisec INNERspace

INNERspace from Promisec provides full endpoint policy management in the large enterprise.

Tripwire Enterprise

With Tripwire Enterprise, administrators can easily manage many compliance standards.

Tufin Technologies Security Suite

The Security Suite from Tufin Technologies provides a two-piece approach to managing network device policy and auditing.

Agiliance RiskVision v6.0

A purpose-built GRC solution that brings together threat and vulnerability data, security configuration data, compliance requirements and risk assessments.

eGestalt Technologies SecureGRC

SecureGRC is a cloud-based, software-as-a-service (SaaS) enterprise application that provides security and regulatory compliance management.

Lightwave Security SecureAware v4.0.8

Lightwave Security’s Secure-Aware is a risk and compliance management and reporting platform supporting industry-standard frameworks, such as ISO 2700x, PCI DSS and COBIT 4.1.

Group Test 2

MetricStream Risk Management Solution v6.0

MetricStream Risk Management Solution v6.0 enables organizations to identify, assess, quantify, monitor and manage their enterprise’s operational and IT risks.

Modulo Risk Manager v7.2

Modulo Risk Manager v7.2 provides an easy-to-use, flexible, comprehensive risk management solution to automate the process of identifying, analyzing, evaluating and treating risks across the ...

RedSeal Systems Network Advisor & Vulnerability Advisor v4.2

RedSeal Systems develops security posture management solutions that allow organizations to assess and strengthen their cyberdefenses to quickly adapt to ever-changing threats and business conditions.

Network Advisor & Vulnerability Advisor v4.2

RedSeal Systems develops security posture management solutions that allow organizations to assess and strengthen their cyberdefenses to quickly adapt to ever-changing threats and business conditions.

Rsam v 7.2

Rsam Framework and Rsam Risk & Compliance Management Module is designed to effectively identify, assess, manage and mitigate risks, while providing enterprise-wide visibility, oversight and ...

Skybox Risk Control & Network Assurance v5.5

Skybox Security provides a portfolio of automated tools. Skybox Risk Control and Skybox Network Assurance v5.5 can be used separately or together to help organizations ...

McAfee Total Protection (ToPS) for Compliance v7.0

McAfee’s ToPS for Compliance proactively correlates threats with system state data, such as vulnerability, patch level, configuration and application information.

First Look

How much do you trust your public cloud provider?

What, in terms of security, should you expect from your cloud provider?

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US