October 2013 Issue of SCMagazine
This month’s issue includes features on how targeted cyber attacks can compromise medical devices and the growing scourge of the insider threat.
Still more revelations about National Security Agency (NSA) operations and practices that intrude on U.S. citizens' privacy and seemingly make a mockery of Constitutional rights ...
This month's new briefs include insight on the PCI Security Standards Council, DDoS attacks aimed at financial institutions, and more.
This month's company news features new hires at Narus, Zscaler, and the Advanced Cyber Security Center, as well as new funding secured by HyTrust.
Threat of the month
October's threat of the month allows for remote code execution vulnerabilities to affect Java prior to version 7 Update 25.
2 minutes on
As the threat landscape continually evolves, security professionals at SMBs are up to the challenge, but more often than not may be blindly spending when ...
Skills in Demand
As organizations collect increasing amounts of data related to security and IT risk, the demand for security analytics specialists is high.
Me and my job
This month we asked Gregory Gong, managing partner, Wall Street IT Management, about his job.
In this month's debate, experts discuss whether the Computer Fraud and Abuse Act is out of date, and if punishments are disproportionate to offenses.
Targeted malware attacks are growing in number, sophistication and severity in the potential damage they can inflict on victims.
By mining log data and managing it proactively - instead of ignoring it until something goes wrong - organizations can mitigate risk, ensure service availability ...
A major area of concern for security personnel these days is how we are able to achieve and maintain compliance with multiple regulatory governing bodies.
A school district in New Hampshire needed to enable its students and faculty to use mobile devices wirelessly, while retaining security and performance control over ...
Criminals leverage medical devices for targeted attacks, says Dale Nordenberg of the Medical Device Innovation, Safety and Security Consortium. Karen Epper Hoffman reports.
With the barrage of attacks only growing, today's enterprise must face reality with a variety of defenses, reports James Hale.
Every business faces the possibility of external attacks, but another potential threat is on the premises, reports Dan Raywood.
Obstacles still remain before companies can safeguard assets in the cloud, but software advances are helping, reports David Cotriss.
This month we will look into three more. Identity management and network access control (NAC) are fairly obvious, while data leakage prevention (DLP) is, perhaps, ...
Group Test 1
AIMS provides a complete set of identity management (IdM), network access control (NAC) and data leakage prevention (DLP) features.
Network Sentry monitors edge connections to a network and provisions the appropriate level of network access based on role-based security policies.
By leveraging an existing infrastructure enterprise, Centrify Suite 2013.2 Platinum Edition provides central control and securing and auditing of user access through cross-platform systems, mobile ...
TrueDLP is delivered via Code Green Networks’ Content Inspection (CI) Appliances.
The Fischer International Identity solution is a set of high-availability Java applications for SaaS (software-as-a-service) and on-premise, running on open source or commercial off-the-shelf (COTS) ...
ForeScout CounterACT offers an enterprise-class NAC platform that assures network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated ...
The Hitachi ID Management Suite v8.2.1 contains several identity management components that are well integrated to form a fairly comprehensive suite.
The Enterprise Random Password Manager (ERPM) from Lieberman Software is more than just a random password generator.
Identity Manager from NetIQ provides tools for managing the entire user identity lifecycle – from on-boarding through deletion and everything in-between.
The Pleasant Password Server from Pleasant Solutions provides a way to add central management capabilities to the KeePass Password Safe, a free, open source password ...
Safe Access from StillSecure is a feature-rich network access control appliance that can detect and monitor many types of endpoints throughout the network and ensure ...
The EndaceProbe is a purpose-built enterprise-grade tool.
Cloud providers must be evaluated before moving operations, says the DTCC's Mark Clancy.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes