June 2014 Issue of SCMagazine
Our June issue features in-depth articles on affecting the C-suite, new HIPAA regulations, government standards, as well as a special section on education in the security space.
This month's news briefs cover the Heartbleed bug, a Microsoft fix for IE, and more.
From new hires and acquisitions to securing millions in equity financing, this month's company news features a collection of industry moves.
Threat of the month
Security professionals should be aware of network deperimeterization, which decreases the usefulness of network edge security devices and increases the potential for device infection and ...
2 minutes on
In the wake of recent headline-grabbing breaches at retail chains, arguments quickly arose regarding what could be done in terms of prevention.
Skills in Demand
As global organizations work to stay ahead of cyber attacks, they require information security analysts to help steer them through risk assessment, vulnerability assessment and ...
Me and my job
It was while working with an elite group of cyber forces in the military that Col. (Retired) Barry Hensley realized the severity of security issues ...
While distributed denial-of-service attacks continue to plague organizations around the world, in this month's debate experts discuss whether they should be a top of mind ...
To provide assurance against counterfeit or tainted ICT products, solutions and services as well as end-to-end security practices should be addressed.
Those who occupy the C-suite all bow to one corporate god: Reputation, says Blackstone CISO Jay Leek. James Hale reports.
Adherence to HIPAA, the national law that aims to protect patient information, is about to get trickier, reports Alan Earls.
New government standards promise to address risk and improve online security for critical infrastructure, reports Karen Epper Hoffman.
This month, our Technology Editor Peter Stephenson looks at risk and policy management.
Group Test 1
STREAM Integrated Risk Manager v3.1 from Acuity Risk Management is a risk-driven, compliance-monitoring and reporting solution that can log, track, remediate and report against multiple ...
Agiliance RiskVision v7.0 provides a holistic view of security and compliance in one integrated enterprise platform that enables companies to move from a reactive threat-driven ...
The AlgoSec Security Management Suite is an appliance-based policy management toolset for analyzing routing tables, hit counters, log files and topology information from various firewalls, ...
Allgress Insight and Risk Manager v5 helps companies aggregate data from security and compliance assessments and technical inputs and turn it into meaningful, actionable risk ...
Brinqa Risk Analytics is an IT risk management and vulnerability risk management platform that provides a consolidated view of an organization’s risk factors. Handles Big ...
Citicus ONE is an integrated system for organizations to automate their IT governance, risk and compliance management processes.
Aegify from eGestalt Technologies is a subscription-based, cloud-delivered software-as-a-service (SaaS) solution for IT security monitoring and compliance management, vulnerability analysis and risk management.
The FireMon Security Intelligence Platform consists of a central security manager appliance fed via data collectors spread throughout the network.
ToPS for Compliance and ePolicy Orchestrator (ePO) software is an extensible management platform that enables centralized policy management and enforcement of security products and the ...
Modulo Risk Manager automates GRC processes, integrating different areas and activities and allowing for centralized reporting.
Change Tracker Enterprise from New Net Technologies enables organizations to bring their existing environment into a state of policy compliance and then continually monitor and ...
Netwrix Auditor for Active Directory is a small piece of the much larger Netwrix Auditor Suite, which provides change and configuration auditing across a vast ...
Promisec Endpoint Manager offers full agentless management and auditing of the many client computers on the enterprise network.
The RSA Archer GRC Platform 5.4 SP1 provides an organization with a consolidated view of its risk.
Rsam GRC v8.2 is a platform for risk management and security risk intelligence enabling organizations to perform risk assessments, manage compliance, threats and vulnerabilities, policies, ...
Skybox Risk Control is part of Skybox View, a complete portfolio of proactive security risk management solutions that automatically find, prioritize risks and drive remediation ...
TrustedAgent GRC v5.0.4 is an IT risk and governance tool modeled after the NIST 800-37 risk management framework – with two added steps that include ...
Network Configuration Manager from SolarWinds is a powerful tool for managing policy compliance across many network devices including routers, switches and firewalls.
Nipper Studio from Titania is a newcomer this year to our policy management review.
Tripwire Enterprise is a full-scale configuration management product that allows administrators to create master “known and trusted” configuration states for many types of systems and ...
The Tufin Orchestration Suite feature three modules for managing security and compliance policies on network devices, such as routers, switches and firewalls.
Application Control from Viewfinity offers full-scale application policy that can be deployed right from a group policy within Active Directory.
Group Test 2
By proxying all users to a site via a secure content delivery system most, if not all, of the risks are virtually eliminated by this ...
nCryptedCloud adds a layer of encryption between the user and the storage provider.
This service forces users through the cloud instead of via direct access to an organization’s internet portal.
Chip technology can prevent criminals from producing counterfeit credit cards.
SC Magazine Articles
- GCHQ infosec group disclosed kernel privilege exploit to Apple
- Adobe Flash remains threat as users fail to update, researchers
- Russian bank app changes password when users attempt removal
- Update: 117 million LinkedIn email credentials found for sale on the dark web
- 2.5K Twitter accounts hacked to spread links to adult content
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Spearphishing attack nets $495K from investment firm
- Updated: Gmail, Yahoo email credentials among millions found on the dark web
- Adobe Flash remains threat as users fail to update, researchers
- Organizations need formal vendor risk management programs, study
- The Southeast Eye Institute patient information compromised
- Microsoft warns of new, self-propagating ransomware in the wild
- Email error leaks hundreds of Northern Ireland prison officer details
- Knock Knock! Unique new backdoor Trojan infecting computers
- CEO sacked after aircraft company grounded by whaling attack