March 2014 Issue of SCMagazine
This month's issue includes our selection of CSO of the Year, plus features on zero-day vulnerabilities, DDoS attacks, SMBs facing cyber challenges, and contributed articles that give insight on the state of information security.
In the aftermath of the Target breach, there is a huge need for all the people who are engaging with technology to understand more about ...
Breaches at Target and other major retailers as well as Coca-Cola, Android mobile devices infected with malware, and other news.
This month's company news includes new hires at Rapid7 and Vaultive, as well as Palo Alto Networks acquiring security firm in Silicon Valley.
Threat of the month
For March's threat of the month, Secunia's Kasper Lindgaard believes Java vulnerabilities should be at the top of everyone's radar.
2 minutes on
After breaches of major retailers, the discussion regarding a potential federal breach notification law was brought back to the forefront among government leaders.
Skills in Demand
Recent breaches have highlighted the need for talented technologists with the ability to assess vulnerabilities long before they are under attack.
Me and my job
John Gibson discusses the challenges and rewards of his security role at tTech Ltd. as the senior IT security officer.
In this month's debate, experts discuss the possible issues that the Internet of Things presents for the industry.
It's time to admit that the bad guys can always make a first move, says Damballa's Manos Antonakakis.
We've all been breached, but there are steps we can take to evolve the system, says security strategist Dan Srebnick.
Has mobile malware changed through time as dramatically as the headlines might imply?
Cloud computing is becoming a reality that will need to be addressed by every security department.
The needs of the organizations we protect are complex and the response required due to the criticality of the services we provide tends to put ...
The entire organization needs to support security initiatives, says Forrest Smith, CISO, Nissan Americas.
A spate of recent DDoS attacks forced banks to change their threat response - and that's a good thing, reports Teri Robinson.
Small and midsized businesses are not exempt from cyber attack, reports James Hale.
Organizations are struggling with how to more quickly account for and guard against zero-day vulnerabilities, reports Karen Epper Hoffman.
Connection issues prompted an educational service in Illinois to find a solution to speed distribution of teaching materials. Greg Masters reports.
A few years back, I boldly predicted that UTMs would merge into a single product type with gateways and SIEMs. Boy, did I get that ...
Group Test 1
The Threat Prevention Appliance from Check Point Technologies provides a solid security platform that can be customized with the addition of several software blades.
The CR200iNG-XP from Cyberoam Technologies offers full-scale, best-of-breed protection including an intrusion prevention system, gateway anti-virus, spam prevention at the gateway, web content filtering and ...
The NSA 4600 from Dell SonicWALL incorporates next-generation firewall technology combined with a multi-core hardware platform to provide robust protection at the perimeter of even ...
The FortiGate-140D-POE from Fortinet offers a built-in firewall, intrusion prevention system, application control, web and email filtering and anti-virus in one solid appliance.
The Protector UTM appliance from SecPoint offers a full set of features packed into a single device.
This product provides a complete secure remote access platform that incorporates many perimeter security functions.
The XTM 545 from WatchGuard provides an excellent mix of best-of-breed functions and an easy-to-manage platform for robust perimeter security.
Group Test 2
Take a security server in your virtual environment, add tools on each of the virtual servers you want to protect, throw in a control center ...
This is the only virtual security product of its type exclusive to Microsoft Hyper-V.
This is a security automation product for use in a VMware environment.
Virtual management for virtual environments.
Secures servers with software-based attestation, full-memory encryption and OS hardening, providing a foundation for trusted computing.
CIRT from AccessData Group is a full lifecycle forensic tool - from detecting to analyzing to remediating - and it's all in a single package.
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Over 7M Minecraft mobile credentials exposed after Lifeboat data breach
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- FBI investigating attack against computer networks at U.S. law firms