November 2013 Issue of SCMagazine
This month's issue includes features on financial sector, mobile payment options, international cyber security standards, and more.
Most agree, CISOs are at a crossroads now, says Illena Armstrong, VP, editorial, SC Magazine.
This month's news briefs include important advisories issued by RSA and NIST, as well as a critical update released by Microsoft.
Personnel announcements and M&A activity: Ipanema Technologies, Kabel Deutschland, CrowdStrike, Windward IT Solutions, F5 Networks and more.
Threat of the month
This month's threat of the month is the major zero-day vulnerability that affects Internet Explorer versions 6 through 11.
2 minutes on
Recent attacks on a number of major websites were traced back to one source: Melbourne IT, an Australian domain name registrar.
Skills in Demand
Service desk engineers and managers are in high demand.
Me and my job
The time and energy to optimize a service or process is often seen as an unaffordable luxury, says Jesse Bowling senior information security engineer, American ...
In this month's debate, we received a number of responses to our debate topic this month, which covers the NSA's attempts to crack encryption methods.
The first step toward better protecting an organization is to learn how cyber attacks work.
CSOs need to be able to function at the highest levels of an organization while not being tethered to a specific department or operational function.
Using Big Data for security is the "new hotness," says Holly Ridgeway, SVP and CISO enterprise systems at PNC.
Risk is with us, whether physical or online, says Doug Johnson, American Bankers Association. James Hale reports.
A Utah university found a solution to enable secure access to the campus network - while cutting down on help desk calls, reports Greg Masters.
Nation-states are extricating intellectual property from U.S. government entities and private corporations, reports David Cotriss.
Despite testy relations among countries, international cyber security standards offer the promise of cooperation, Alan Earls reports.
While already ubiquitous in much of the world, mobile payment options are gaining traction in the United States, reports Stephen Lawton.
Web applications as front-ends for databases provide the way into an enterprise through simple attacks, such as SQL injection. We have solutions.
Group Test 1
The tool takes advantage of IP reputation, context and categorization to analyze incoming and outgoing IP addresses.
A comprehensive database security management tool that provides vulnerability assessment, auditing and monitoring for database management systems.
The appealing aspect of the SecureSphere X1010 Web Application Firewall X1010 - and other Imperva servers - was the preloaded policies that were already running ...
This solution provides protection against such attacks as SQL injection. It is intended to be used with SecureSphere Web Application Firewall.
McAfee describes the functionality of the tool as providing "the five essentials for database protection: discovery, assessment, monitoring, prevention and compliance."
Group Test 2
CA DataMinder Classification “discovers and classifies sensitive structured and unstructured content stored within file servers, databases, collaboration tools and storage repositories.
Provides email and document classification – when both products are used – for Microsoft platforms.
As part of the Digital Guardian program, provides data classification.
Provides data classification for human-generated files, such as documents and SharePoint files or any human-generated files that reside on file servers.
SaaS-delivered secure collaboration application.
Model 660 is a useful tool that provides protection for web applications.
We don't need to make the same mistakes of the first generation of PCs and servers, says the SANS Institute's John Pescatore.