July 2012 Issue of SCMagazine

July 2012 Issue of SCMagazine

0712 cover


Preparing for a post-Flame world

The latest evidence of cyber espionage weaponry could be a harbinger of nation-state assaults to come.


DigiCert promotes their COO, LogLogic is acquire, and more company news

Personnel moves, mergers and acquisitions and other developments at security companies.

Me and my job: Samantha Manke

Samantha Manke, security analyst at a leading manufacturing company

Skills in demand: Security-focused product managers

Increased innovation around cloud, Big Data and mobility has created sharp demand for experienced, security-focused product managers.

News briefs: Flame, Stuxnet, breach at LinkedIn and other security news

Flame, Stuxnet, breach at LinkedIn and other security news

Threat of the month

The Flame virus is the "Threat of the Month"

Flame, aka Skywiper, is a sophisticated tool used to locate and steal data accessible from the infected computer. The malware uses multiple exploits to propagate ...

2 minutes on

Flame virus: Too hot to handle?

While the characteristics of the spy virus are important to note, the question is why it went undetected for so long.


Featured Debate: HTML5 is eroding website security

Featured Debate: HTML5 is eroding website security.


Stupid is as stupid does

When it comes to the causes of data breaches in health care, don't forget human goof-ups.

Learning from the military

The biggest problem with corporate information security programs and policies is the lack of standardized processes, uniform control points and comprehensive testing.

CSO's desk

Risk lessons over beer and bratwurst

After some experience with the European EMV "chip-and-PIN" card system while on vacation, the city of New York's CISO learned something about security: Don't take ...


Medicine man: Risk assessment

In 1854, an English physician was one of the first to use an epidemiological method to ID disease risk. Ben Sapiro of the Dominion of ...

Case study: Malware checkout

The hospitality industry remains one of the most targeted by cyber criminals. That's why Thayer Lodging Group, which owns or operates 18 hotels, knew it ...

Advancing firewalls

Firewalls have been an enterprise security mainstay for years. But with a majority of attacks now being launched against the web application layer of the ...

Danger within: Insider threat

Many organizations are focusing their security efforts on deterring the external attack -- often at the expense of catching the insider threat. This could be ...

Guarding the crown jewels: Critical data

The loss of personally identifiable information (PII) by an organization can lead to customer loss, reputational harm, and fines, but before this data can be ...

Product opener

Computer in your pocket

It's not just data that is at risk with a mobile workforce, it's the whole shebang: data, applications, operating environments and, we hope, security.

Group Test 1

Echoworx mobilEncrypt ENDPOINT

MobilEncrypt ENDPOINT from Echoworx provides versatile, on-device email encryption for Apple portable devices, Androids and BlackBerry handhelds.

Fixmo SafeZone

SafeZone from Fixmo can be used to create a protected encrypted container on a user’s device that houses all business applications and email.

M.A.D. Mobile Enterprise Compliance and Security Server

The Mobile Enterprise Compliance and Security Server, or MECS Server, from Mobile Active Defense (M.A.D.) offers a full suite of tools for mobile device security.

Good Technology Good for Enterprise

Good Technology enables consumers and enterprise users to say good riddance to the security problems surrounding today’s multitude of mobile devices.


AirWatch tackles the mobile device management conundrum head on with an integrated approach that keeps devices secure, while protecting enterprise resources from compromise.

Sophos Mobile Control

Security solutions vendor Sophos is one of the newer players in the mobile device management market, yet has successfully created a full-featured offering that combines ...

KoolSpan TrustCall and TrustChip

This is a point solution to a point problem: voice call security from mobile phones. In addition, however, it has optional modules that secure text ...

Group Test 2

Echoworx Security Cloud

Echoworx Security Cloud manages credentialing throughout the enterprise, virtual or physical.

CipherCloud for Salesforce

Today, this product focuses on the Salesforce application, but it is well-positioned to apply to any cloud-based application.

nCircle PureCloud

While it is true that there are a couple of remote scanning services available in the market, this one has some really unique plusses that ...

MetaFlows Security System

This is a killer app. The more we watched this one sort through the data that it was monitoring – over a million events and ...

CloudPassage Halo

Halo is a virtual security command-and-control center that lets one manage such security functions as firewall automation, file integrity monitoring, configuration security, vulnerability scanning and ...

SafeNet ProtectV AWS

With ProtectV everything in the user’s cloud is encrypted.

Last Word

SEC rules: A serious development

Expect a sea change in digital security over the coming years, says Richard Bejtlich.