March 2014 Issue of SCMagazine
This month's issue includes our selection of CSO of the Year, plus features on zero-day vulnerabilities, DDoS attacks, SMBs facing cyber challenges, and contributed articles that give insight on the state of information security.
In the aftermath of the Target breach, there is a huge need for all the people who are engaging with technology to understand more about ...
Breaches at Target and other major retailers as well as Coca-Cola, Android mobile devices infected with malware, and other news.
This month's company news includes new hires at Rapid7 and Vaultive, as well as Palo Alto Networks acquiring security firm in Silicon Valley.
Threat of the month
For March's threat of the month, Secunia's Kasper Lindgaard believes Java vulnerabilities should be at the top of everyone's radar.
2 minutes on
After breaches of major retailers, the discussion regarding a potential federal breach notification law was brought back to the forefront among government leaders.
Skills in Demand
Recent breaches have highlighted the need for talented technologists with the ability to assess vulnerabilities long before they are under attack.
Me and my job
John Gibson discusses the challenges and rewards of his security role at tTech Ltd. as the senior IT security officer.
In this month's debate, experts discuss the possible issues that the Internet of Things presents for the industry.
It's time to admit that the bad guys can always make a first move, says Damballa's Manos Antonakakis.
We've all been breached, but there are steps we can take to evolve the system, says security strategist Dan Srebnick.
Has mobile malware changed through time as dramatically as the headlines might imply?
Cloud computing is becoming a reality that will need to be addressed by every security department.
The needs of the organizations we protect are complex and the response required due to the criticality of the services we provide tends to put ...
The entire organization needs to support security initiatives, says Forrest Smith, CISO, Nissan Americas.
A spate of recent DDoS attacks forced banks to change their threat response - and that's a good thing, reports Teri Robinson.
Small and midsized businesses are not exempt from cyber attack, reports James Hale.
Organizations are struggling with how to more quickly account for and guard against zero-day vulnerabilities, reports Karen Epper Hoffman.
Connection issues prompted an educational service in Illinois to find a solution to speed distribution of teaching materials. Greg Masters reports.
A few years back, I boldly predicted that UTMs would merge into a single product type with gateways and SIEMs. Boy, did I get that ...
Group Test 1
The Threat Prevention Appliance from Check Point Technologies provides a solid security platform that can be customized with the addition of several software blades.
The CR200iNG-XP from Cyberoam Technologies offers full-scale, best-of-breed protection including an intrusion prevention system, gateway anti-virus, spam prevention at the gateway, web content filtering and ...
The NSA 4600 from Dell SonicWALL incorporates next-generation firewall technology combined with a multi-core hardware platform to provide robust protection at the perimeter of even ...
The FortiGate-140D-POE from Fortinet offers a built-in firewall, intrusion prevention system, application control, web and email filtering and anti-virus in one solid appliance.
The Protector UTM appliance from SecPoint offers a full set of features packed into a single device.
This product provides a complete secure remote access platform that incorporates many perimeter security functions.
The XTM 545 from WatchGuard provides an excellent mix of best-of-breed functions and an easy-to-manage platform for robust perimeter security.
Group Test 2
Take a security server in your virtual environment, add tools on each of the virtual servers you want to protect, throw in a control center ...
This is the only virtual security product of its type exclusive to Microsoft Hyper-V.
This is a security automation product for use in a VMware environment.
Virtual management for virtual environments.
Secures servers with software-based attestation, full-memory encryption and OS hardening, providing a foundation for trusted computing.
CIRT from AccessData Group is a full lifecycle forensic tool - from detecting to analyzing to remediating - and it's all in a single package.
SC Magazine Articles
- GCHQ infosec group disclosed kernel privilege exploit to Apple
- 77% of organisations unprepared for cyber-security incidents
- 117 million LinkedIn email credentials found for sale on the dark web
- Furtim malware can run AND it can hide
- Ubiquiti warns of worm using known exploit on outdated AirOS firmware
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Spearphishing attack nets $495K from investment firm
- Updated: Gmail, Yahoo email credentials among millions found on the dark web
- Report: Ransomware feeds off poor endpoint security
- Organizations need formal vendor risk management programs, study
- 2.5K Twitter accounts hacked to spread links to adult content
- Study: Federal agencies still lack strong cyber hygiene practices
- Petya and Mischa - the Ransomware Twins (sort of)
- Bad guys update ransomware DMA Locker with version 4.0
- Lieu, Hurd urge colleagues to use encryption, improve cyber hygiene