March 2013 Issue of SCMagazine

March 2013 Issue of SCMagazine

Editorial

Just get on with it already

Offering up more general guidelines to strengthen the country's critical infrastructure security - as in the president's recent executive order - is all well and ...

Update

News briefs: NY Times and Twitter hacked, cyber security executive order, and more

Security incidents at the U.S. Department of Health and Human Services and Zaxby's Franchising, and more.

Company news: CipherCloud, Yahoo, and Twitter's company announcements

The latest acquisitions and personnel moves from the likes of CipherCloud, Yahoo, Marble Cloud, Twitter, and more.

Threat of the month

Threat of the month: Java zero-day

Java zero-days are the "threat of the month," a vulnerability that allows remote code execution via browsers.

2 minutes on

The influence of overseas reforms

The European Union is close to implementing an information protection law that will homogenize the responsibility of all of its 27 member states, which could ...

Skills in Demand

Skills in demand: Penetration testers

Adam Weissman, director of legal technology at The Glenmont Group, says a significant expansion of IT infrastructures has increased demand for experienced penetration testers.

Me and my job

Me and my job: Dominic Vogel IT security analyst

Dominic Vogel, IT security analyst at a financial institution in British Columbia, Canada, shares how he entered the information security field and the challenges he ...

Debate

Debate: The FTC should have the right to penalize companies for poor data security/privacy practices.

This month's featured debate informs whether the FTC should have the right to penalize companies for poor data security/privacy practices.

Opinion

New risks must be valued

IT trends - cloud, social networking and BYOD - are making the practice of security management complex, and are forcing organizations to shift to a ...

CSO's desk

Maximizing quality and reliability

Information security executives must work to "engineer" their organizations to be better, faster, cheaper - and more secure, says Rafael Diaz, CISO, state of Illinois.

Features

Book of the night

Our program profiling the winners and finalists of the 2013 SC Awards U.S., held Feb. 26 in San Francisco.

CSO of the Year: John South, Heartland Payment Systems

John South joined Heartland Payment Systems when it still was reeling from a devastating breach...and it's the best career decision he's ever made. Dan Kaplan ...

Preparing for the new norm: 2013 Guarding against a data breach survey

With almost daily advanced attacks, organizations of all sizes must be at the ready, according to respondents to this year's "Guarding Against a Data Breach" ...

Losing control: Critical infrastructure

Industrial control systems remain troublingly vulnerable to both internal error and outside intruders, reports Danielle Walker.

Last Word

Before you take the plunge...

Prior to a job switch, ask questions to learn if the company you are considering is in good shape, says former Yahoo CISO Justin Somaini.

Product opener

UTMs becoming universal

The UTM started out as an evolution from multipurpose devices some years back, but has now morphed into a well-defined product that has morphed again ...

Group Test 1

Unified threat managers (UTM)

How unified is "unified"? Judging by this year's crop of unified threat managers under review, pretty doggone unified, says Peter Stephenson.

Check Point Threat Prevention Appliance

The Threat Prevention Appliance from Check Point provides full-scale threat protection at the perimeter, as well as incorporating with endpoint security applications to provide a ...

Cyberoam Technologies CR2500iNG

The CR2500iNG unified threat management appliance from Cyberoam offers a multitude of security and threat prevention features for the network perimeter.

Dell SonicWALL NSA E8510

The NSA E8510 from Dell SonicWALL is a monster security appliance designed for the large enterprise environment.

eSoft InstaGate 604

This product offers a stateful firewall with deep packet inspection capabilities, proxy-based scanning, real-time threat monitoring, scanning of both web and email for worms and ...

Fortinet FortiGate-60C POE

This product can protect the perimeter of the network with a firewall, intrusion prevention system and IPsec and SSL VPN.

gateprotect GPZ5000

This product features a full firewall with intrusion detection and prevention system; anti-malware at the gateway, including protection from viruses, worms and spyware; spam protection; ...

Kerio Technologies Kerio Control v7.4

Kerio Control provides a clear, snappy interface for administration.

NETGEAR ProSecure UTM25S

Unified threat management solutions shouldn’t be limited to large corporations with unlimited budgets. NETGEAR agrees, and offers their ProSecure UTM25S at a price point that ...

Sophos UTM 220

Targeting small to midsized offices with up to 150 users, it combines standard UTM offerings with a few features we didn't expect, making this product ...

VASCO Data Security aXsGUARD Gatekeeper

Administrators of smaller environments on a fixed budget could do very well by the aXsGUARD Gatekeeper by VASCO Data Security. While a little more complicated ...

WatchGuard XTM 830

WatchGuard XTM 830, though somewhat pricey, provides an excellent enterprise-grade perimeter defense against viruses, spam and other unwelcome traffic.

Wedge Networks 1005G AntiMalware Gateway

The Wedge Networks 1005G looks good on paper, but in reality is a little disappointing. While the initial setup was easy enough, ease-of-use issues and ...

Group Test 2

Emerging products: Virtual system security

Don't presume the vShield will protect you. That actually is not the case, says Peter Stephenson.

Reflex VMC (Virtualization Management Center)

VMC takes advantage of the nature of a virtual data center.

Bitdefender GravityZone

GravityZone lets users bounce between various computing environments: physical, virtualized and mobile.

McAfee MOVE Anti Virus

McAfee has successfully brought together the application of a centralized policy engine – ePO – with its anti-malware capability in the physical world.

Symantec Critical System Protection (CSP)

One might characterize CSP as a security wrapper for mission-critical environments.

Sign up to our newsletters

POLL