June 2014 Issue of SCMagazine
Our June issue features in-depth articles on affecting the C-suite, new HIPAA regulations, government standards, as well as a special section on education in the security space.
This month's news briefs cover the Heartbleed bug, a Microsoft fix for IE, and more.
From new hires and acquisitions to securing millions in equity financing, this month's company news features a collection of industry moves.
Threat of the month
Security professionals should be aware of network deperimeterization, which decreases the usefulness of network edge security devices and increases the potential for device infection and ...
2 minutes on
In the wake of recent headline-grabbing breaches at retail chains, arguments quickly arose regarding what could be done in terms of prevention.
Skills in Demand
As global organizations work to stay ahead of cyber attacks, they require information security analysts to help steer them through risk assessment, vulnerability assessment and ...
Me and my job
It was while working with an elite group of cyber forces in the military that Col. (Retired) Barry Hensley realized the severity of security issues ...
While distributed denial-of-service attacks continue to plague organizations around the world, in this month's debate experts discuss whether they should be a top of mind ...
To provide assurance against counterfeit or tainted ICT products, solutions and services as well as end-to-end security practices should be addressed.
Those who occupy the C-suite all bow to one corporate god: Reputation, says Blackstone CISO Jay Leek. James Hale reports.
Adherence to HIPAA, the national law that aims to protect patient information, is about to get trickier, reports Alan Earls.
New government standards promise to address risk and improve online security for critical infrastructure, reports Karen Epper Hoffman.
This month, our Technology Editor Peter Stephenson looks at risk and policy management.
Group Test 1
STREAM Integrated Risk Manager v3.1 from Acuity Risk Management is a risk-driven, compliance-monitoring and reporting solution that can log, track, remediate and report against multiple ...
Agiliance RiskVision v7.0 provides a holistic view of security and compliance in one integrated enterprise platform that enables companies to move from a reactive threat-driven ...
The AlgoSec Security Management Suite is an appliance-based policy management toolset for analyzing routing tables, hit counters, log files and topology information from various firewalls, ...
Allgress Insight and Risk Manager v5 helps companies aggregate data from security and compliance assessments and technical inputs and turn it into meaningful, actionable risk ...
Brinqa Risk Analytics is an IT risk management and vulnerability risk management platform that provides a consolidated view of an organization’s risk factors. Handles Big ...
Citicus ONE is an integrated system for organizations to automate their IT governance, risk and compliance management processes.
Aegify from eGestalt Technologies is a subscription-based, cloud-delivered software-as-a-service (SaaS) solution for IT security monitoring and compliance management, vulnerability analysis and risk management.
The FireMon Security Intelligence Platform consists of a central security manager appliance fed via data collectors spread throughout the network.
ToPS for Compliance and ePolicy Orchestrator (ePO) software is an extensible management platform that enables centralized policy management and enforcement of security products and the ...
Modulo Risk Manager automates GRC processes, integrating different areas and activities and allowing for centralized reporting.
Change Tracker Enterprise from New Net Technologies enables organizations to bring their existing environment into a state of policy compliance and then continually monitor and ...
Netwrix Auditor for Active Directory is a small piece of the much larger Netwrix Auditor Suite, which provides change and configuration auditing across a vast ...
Promisec Endpoint Manager offers full agentless management and auditing of the many client computers on the enterprise network.
The RSA Archer GRC Platform 5.4 SP1 provides an organization with a consolidated view of its risk.
Rsam GRC v8.2 is a platform for risk management and security risk intelligence enabling organizations to perform risk assessments, manage compliance, threats and vulnerabilities, policies, ...
Skybox Risk Control is part of Skybox View, a complete portfolio of proactive security risk management solutions that automatically find, prioritize risks and drive remediation ...
TrustedAgent GRC v5.0.4 is an IT risk and governance tool modeled after the NIST 800-37 risk management framework – with two added steps that include ...
Network Configuration Manager from SolarWinds is a powerful tool for managing policy compliance across many network devices including routers, switches and firewalls.
Nipper Studio from Titania is a newcomer this year to our policy management review.
Tripwire Enterprise is a full-scale configuration management product that allows administrators to create master “known and trusted” configuration states for many types of systems and ...
The Tufin Orchestration Suite feature three modules for managing security and compliance policies on network devices, such as routers, switches and firewalls.
Application Control from Viewfinity offers full-scale application policy that can be deployed right from a group policy within Active Directory.
Group Test 2
By proxying all users to a site via a secure content delivery system most, if not all, of the risks are virtually eliminated by this ...
nCryptedCloud adds a layer of encryption between the user and the storage provider.
This service forces users through the cloud instead of via direct access to an organization’s internet portal.
Chip technology can prevent criminals from producing counterfeit credit cards.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Education sector bullied by ransomware and can barely defend itself, report
- DetoxCrypto ransomware imitates Malwarebytes software
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- Hackers crack Tesla CAN Bus, DoT issues policy for securing connected car
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- OpenSSL patches 14 vulns, including high-severity flaw that can be exploited for DoS attacks
- IoT assault, connected devices increasingly used for DDoS attacks
- Cybercriminals already able to hack ATM biometric readers
- Cities planning transparency laws for police surveillance tech
- Malicious apps leveraging top UK brands has increased by 130%