October 2013 Issue of SCMagazine
This month’s issue includes features on how targeted cyber attacks can compromise medical devices and the growing scourge of the insider threat.
Still more revelations about National Security Agency (NSA) operations and practices that intrude on U.S. citizens' privacy and seemingly make a mockery of Constitutional rights ...
This month's new briefs include insight on the PCI Security Standards Council, DDoS attacks aimed at financial institutions, and more.
This month's company news features new hires at Narus, Zscaler, and the Advanced Cyber Security Center, as well as new funding secured by HyTrust.
Threat of the month
October's threat of the month allows for remote code execution vulnerabilities to affect Java prior to version 7 Update 25.
2 minutes on
As the threat landscape continually evolves, security professionals at SMBs are up to the challenge, but more often than not may be blindly spending when ...
Skills in Demand
As organizations collect increasing amounts of data related to security and IT risk, the demand for security analytics specialists is high.
Me and my job
This month we asked Gregory Gong, managing partner, Wall Street IT Management, about his job.
In this month's debate, experts discuss whether the Computer Fraud and Abuse Act is out of date, and if punishments are disproportionate to offenses.
Targeted malware attacks are growing in number, sophistication and severity in the potential damage they can inflict on victims.
By mining log data and managing it proactively - instead of ignoring it until something goes wrong - organizations can mitigate risk, ensure service availability ...
A major area of concern for security personnel these days is how we are able to achieve and maintain compliance with multiple regulatory governing bodies.
A school district in New Hampshire needed to enable its students and faculty to use mobile devices wirelessly, while retaining security and performance control over ...
Criminals leverage medical devices for targeted attacks, says Dale Nordenberg of the Medical Device Innovation, Safety and Security Consortium. Karen Epper Hoffman reports.
With the barrage of attacks only growing, today's enterprise must face reality with a variety of defenses, reports James Hale.
Every business faces the possibility of external attacks, but another potential threat is on the premises, reports Dan Raywood.
Obstacles still remain before companies can safeguard assets in the cloud, but software advances are helping, reports David Cotriss.
This month we will look into three more. Identity management and network access control (NAC) are fairly obvious, while data leakage prevention (DLP) is, perhaps, ...
Group Test 1
AIMS provides a complete set of identity management (IdM), network access control (NAC) and data leakage prevention (DLP) features.
Network Sentry monitors edge connections to a network and provisions the appropriate level of network access based on role-based security policies.
By leveraging an existing infrastructure enterprise, Centrify Suite 2013.2 Platinum Edition provides central control and securing and auditing of user access through cross-platform systems, mobile ...
TrueDLP is delivered via Code Green Networks’ Content Inspection (CI) Appliances.
The Fischer International Identity solution is a set of high-availability Java applications for SaaS (software-as-a-service) and on-premise, running on open source or commercial off-the-shelf (COTS) ...
ForeScout CounterACT offers an enterprise-class NAC platform that assures network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated ...
The Hitachi ID Management Suite v8.2.1 contains several identity management components that are well integrated to form a fairly comprehensive suite.
The Enterprise Random Password Manager (ERPM) from Lieberman Software is more than just a random password generator.
Identity Manager from NetIQ provides tools for managing the entire user identity lifecycle – from on-boarding through deletion and everything in-between.
The Pleasant Password Server from Pleasant Solutions provides a way to add central management capabilities to the KeePass Password Safe, a free, open source password ...
Safe Access from StillSecure is a feature-rich network access control appliance that can detect and monitor many types of endpoints throughout the network and ensure ...
The EndaceProbe is a purpose-built enterprise-grade tool.
Cloud providers must be evaluated before moving operations, says the DTCC's Mark Clancy.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- 185M incidents bypassed perimeter defenses - report
- OVH suffers massive 1.1Tbps DDoS attack
- IoT assault, connected devices increasingly used for DDoS attacks
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- BIND update fixes high-severity flaw affecting ICS, as CERT releases update to CSET tool
- ISACA programme aims to attract more women into technology professions
- End-of-support devices on networks weakening cyberdefenses, report
- Android.Lockerscreen using pseudorandom passcodes to ensure payouts
- FBI investigating hacked mobile phones of Democratic officials