READER TRUST AWARDS
Best Email Security Solution
Email security addresses the ability to exchange email messages securely, as well as filter email messages based on content, source or other criteria. Solutions should ensure the privacy of sensitive messages, limit the repercussions of email forgery and manage other aspects of email security within the organization. These products are enterprise-centric and should have, but are not required to have, some form of centralized management. They may include spam filters, junk mail filters, malware filters, unauthorized content (sometimes called “extrusion protection” or “data leakage protection”), phishing and other types of undesirable content. However, these are not simply anti-spam filters. These email security products should be evaluated on their effectiveness, manageability, non-intrusiveness, ease of use and other factors that impact the implementation of this type of product in the enterprise environment. They typically provide features such as email encryption, digital signatures, automatic shredding of messages and attachments, and more.
- Barracuda Networks for Barracuda Email Security
- McAfee for McAfee Email Protection
- Proofpoint for Proofpoint Enterprise Protection/Proofpoint Enterprise Privacy
- Symantec for Symantec Messaging Gateway
- Websense for Websense Email Security Gateway Anywhere
Best Managed Security Service
These security offerings provide a turnkey approach to an organization's primary technical security needs. These offerings can be either a co-located device at the client organization facility, or can be a completely outsourced solution where the application to be protected would reside at the vendor's data center.
- Dell SecureWorks for Dell SecureWorks Managed Security Services
- IBM for IBM Managed Security Services
- MANDIANT for MCIRT Managed Defense
- Verizon Business for Managed Security Services - Commercial
- Verisign for Verisign MalDetector Service
Best UTM Security
Solutions should take an “in-depth” defense approach. Entrants should have an integrated, multifunction endpoint/UTM offering – not a single-function product. These products typically aggregate a wide variety of threat data into a single unified tool. Many organizations define those threat categories as anti-virus, content management, IDS/IPS and spam filtering. The minimum functionality, according to IDC, is IDS/IPS, anti-virus and firewall/VPN. Entrants should meet this IDC-minimum functionality, although they may include anti-malware gateway, anti-spam gateway, anti-phishing gateway and more. Products function at the endpoint or the gateway, or are hybrid gateway/endpoint solutions.
- Check Point Software Technologies for Check Point 2200 and 4000 Series Appliances
- Dell SonicWALL for Dell SonicWALL TZ 215
- Fortinet for FortiGate-100D
- Sophos for Sophos UTM 9
- Symantec for Symantec Endpoint Protection
Best Emerging Technology
What cutting-edge technologies are bursting onto the scene with some innovative capabilities to address the newest information security needs facing organizations? This new category welcomes both new vendors and old pros that are looking to provide products and services that look to help shape the future by addressing fast-evolving threats through the creation of these types of offerings. Solutions should have just hit the market in the last six to 12 months and you should have some customers available who can act as references. The company should also have an office in North America and provide ready support and service to customers in this country.
- Black Lotus for Human Behavior Analysis
- CipherCloud for CipherCloud Gateway
- CloudPassage for CloudPassage Halo
- Microsoft for Enhanced Mitigation Experience Toolkit (EMET) 3.0
- Pindrop Security for Fraud Detection System
- Webroot Software for Webroot SecureAnywhere Business - Endpoint Protection
Best Security Team
Contenders should only include end-user teams that have executed and are managing exceptional and strong security programs, which they have built from virtually non-existent ones. The team should have successfully established and implemented an integral and/or innovative/cutting-edge component of their security program, and should have spearheaded various areas of support for its success, such as strong end-user awareness training, good configuration management, and more. Please note: Professionals who work for an IT security vendor, IT reseller or IT consultancies are not eligible for this category.
- godaddy.com for Go Daddy Security Team
- Teleperformance Group for Teleperformance Security Team
- U.S. Department of Homeland Security for ICS-CERT Security Team
CSO of the Year
Contenders should include those who work for end-user companies only. No vendor CSOs will be considered. Nominees are the cream of the crop, having spearheaded a viable IT security program, gained the support of their company's executive leaders, as well as their colleagues, and helped – through their indefatigable efforts – to propel the CISO/CSO position to a footing of influence within their organization and the corporate world as a whole. Specific projects and undertakings, as well as over-arching security programs to propel these various goals, should be noted. Nominees should be prepared to answer further questions during the judging process, offer at least two references, and be open to holding confidential interviews with members of the SC Magazine editorial team, if warranted. Please note: Professionals who work for an IT security vendor, IT reseller or IT consultancies are not eligible for this category.
- Bobby Dominguez, director, IT security & GRC, PSCU Financial Services
- Nikk Gilbert, vice president & chief information security officer, CUNA Mutual Group
- John South, CSO, Heartland Payment Systems
- Bruce Wignall, CISO, Teleperformance Group