June 2013 Issue of SCMagazine

June 2013 Issue of SCMagazine

This month's issue includes insightful features on digital natives, user education in the workplace, and more.


Privacy, please

If only privacy was the hottest thing since the 1990s-era Sega Game Gear, we'd all be in much better shape.


News briefs: CISPA passed by the house, Twitter breaches, and more

The latest security news, including breaches at Twitter and LivingSocial, and reports from Verizon and the Department of Defense.

Company news: Damballa's new CTO and Trustwave acquires SecureConnect

June's company news features a collaboration between the Cloud Security Alliance and (ISC)², Damballa's new CTO, and McAfee's new vice president of market insight and ...

Me and my job: Nick Hetrick, senior IS security operations analyst, WellSpan Health

Nick Hetrick, senior IS security operations analyst, WellSpan Health, discusses his latest projects, what motivates him and how he entered the field.

Threat of the month

Threat of the month: Java exploit

This month's "threat of the month" features a Java exploit that affects versions 7 Update 17 and prior.

2 minutes on

2 minutes on: Swatting the "swatters"

A recent wave of a vicious prank known as "swatting," in which mischief-makers call 9-1-1 and use special equipment to make it appear as if ...

Skills in Demand

Cloud security managers are in demand

Companies are increasingly incorporating cloud technologies to enhance business in the global market. This has increased demand for cloud security engineers to manage the advanced ...


Debate: Software developers are not incentivized to improve security

Experts from SilverSky and Adobe Systems debate on whether or not software developers are incentivized to improve security.


Back to basics: Advanced threats

Advanced threats push companies and individuals between the proverbial rock and a hard place.

Storage is risky on mobile devices

The biggest risk of mobile computing continues to be unauthorized physical access to the device as a result of loss or theft, but threats of ...

CSO's desk

A case study in curbing phishing

FedEx realizes its customers play an integral role in protecting themselves and helping secure cyber space, and the company attempts to do all it can ...


Fountain of youth: The impact of digital natives

Tech-savvy Generation Y workers can be an advantage in the enterprise, says James Beeson, CISO at GE Capital Americas. Marcos Colón reports.

Model behavior: User education in the workplace

Informing employees about best practices is still crucial to an enterprise security plan, reports Alan Earls.

Product opener

Risk and reward: Policy management tools

This month's products - and there are a slew of them - watch policy, make sure that you know what needs to be changed and ...

Group Test 1

Agiliance RiskVision v6.5 SP1

The Agiliance RiskVision platform manages enterprise risk by making it visible, actionable and measurable across business units, IT operations and security management in near real ...

AlgoSec Security Management Suite v6.4

The AlgoSec Security Management Suite is comprised of three parts: the FireWall Analyzer, FireFlow and BusinessFlow.

Allgress Insight and Risk Manager v4.1

Allgress Business Risk Intelligence helps companies quickly and automatically aggregate data from security and compliance assessments and technical inputs, and turn this into meaningful, actionable, ...

Aruvio GRC v2.2

The Aruvio GRC suite is a complete set of governance, risk, and compliance (GRC) applications, including controls, compliance, vendor risk, enterprise risk, incident management, and ...

Citicus ONE vR.35

Citicus ONE is an integrated system for organizations to automate their IT governance, risk and compliance management processes.

Lumension Risk Manager v4.4

Lumension Risk Manager (LRM) is a compliance and risk management solution that provides a framework for streamlining compliance management and assessing business risk.

ManageEngine DeviceExpert v5.9

DeviceExpert from ManageEngine provides a comprehensive approach to network configuration and change and compliance management.

Modulo Risk Manager v8.1

Modulo Risk Manager is a single, fully integrated platform for organizations to automate and unify their IT governance, risk and compliance (GRC) processes.

NetIQ Secure Configuration Manager v5.9

Secure Configuration Manager from NetIQ provides a feature-rich platform for monitoring and ensuring policy compliance throughout the network environment.

New Net Technologies Change Tracker Enterprise

Change Tracker Enterprise from New Net Technologies offers full change and policy compliance management and monitoring.

Promisec Endpoint Manager

Promisec Endpoint Manager is a full-scale policy and endpoint management platform that allows administrators to inspect, monitor and enforce configuration and compliance policy across the ...

RedSeal 6 Platform v6.6

RedSeal 6 Platform is a risk-based IT security management platform that enables organizations to identify, prioritize and respond to critical points of weakness in complex ...

RSA Archer GRC Platform 5.3 SP1

RSA Archer’s Risk Manager is part of an enterprise GRC product portfolio sold and licensed as modules: audit, policy, risk, compliance, enterprise, incident, vendor, threat ...

Rsam GRC v8

Rsam GRC v8 is a platform for risk management and security risk intelligence enabling organizations to perform risk assessments, manage compliance, threats and vulnerabilities, policies, ...

Skybox View Enterprise Suite v6.5

Skybox View Enterprise Suite v6.5 is a complete portfolio of proactive security risk management solutions that automatically find and prioritize risks and drive remediation.

SolarWinds Patch Manager and Firewall Security Manager

Patch Manager and Firewall Security Manager from SolarWinds are two products that can be used together by administrators and security professionals to achieve a full ...

Symantec Control Compliance Suite v11

Symantec Control Compliance Suite (CCS) automates key IT risk and compliance management tasks.

Tufin Security Suite R 13-1

Tufin Security Suite is back again this year and, just as in years past, it has some great new features onboard.

Group Test 2

Emerging products: Cloud security

The cloud is the extension of the virtual world, which is going to, you guessed it, replace our expensive, bloated physical data centers.

CipherCloud for Office 365

Office 365 is a cloud-based version of Microsoft Office that adds a few additional features making it an attractive option, especially for small to midsized ...


Symplified addresses access management to cloud applications.

CloudLock Information Security Suite for Google Apps

CloudLock provides data privacy, governance and management, as well as account protection and external application management and governance.

Total Defense for Business

Total Defense provides end-to-end security delivered from the cloud, including unified web, endpoint and email security, giving the same level of security as in the ...

Zscaler Security Cloud

Zscaler is a comprehensive suite of security services delivered from the cloud.

Last Word

App developers and privacy practices: Preach what you practice

Now is the time to prepare and post a privacy policy in a conspicuous place, says Stephen Wu.


Sign up to our newsletters