June 2016 Issue of SCMagazine

June 2016 Issue of SCMagazine

June 2016

Editorial

Embracing the business of security

Taking a methodical approach to security, risk and governance planning must be part of the foundation of every organization these days, says Illena Armstrong, VP ...

Update

Briefs: Company news, June 2016

Briefs: Company news, June 2016

News briefs: June 2016

Some of the latest news from the IT security industry.

Threat of the month

Threat of the month, June 2016: Malvertising

Threat of the month, June 2016: Malvertising

Skills in Demand

Skills in demand: June 2016

Skills in demand: June 2016

Me and my job

Me and my job: Satyam Tyagi, CTO, Certes Networks

Me and my job: Satyam Tyagi CTO, Certes Networks

Debate

Debate: Vendor VPNs: Good Idea?

Debate: Vendor VPNs: Good Idea?

Analysis

Students, veterans address talent gap

These groups possess the skills that can make cybersecurity a rewarding career, says Fortinet's Stephan Tallent.

Opinion

Securing IoT devices

IoT devices can be a game changer, but unfortunately many are designed for convenience and functionality without security in mind.

Exploit kits upping the ante for security defense

For thieves, exploit kits are little efficiency machines, says Dell Security's Dmitriy Ayrapetov.

CSO's desk

New world of IoT, new risks

The IoT isn't just about thermostats and internet-connected refrigerators, says Bruce Forman CISO, UMass Memorial Medical Center.

Features

Sweet validation: Apple versus FBI

CISOs say the Apple-FBI case confirms the need for strong encryption and IT security programs. Steve Zurier reports.

No business like breach business

Repeated exposure of private data is giving rise to a new class of companies promising to clean up the mess - and they don't come ...

Top to bottom assurance

When chief executives flout security rules, the losses can be higher than usual. What should organizations do to help their leaders stay on track with ...

Reeling in workers: Social engineering

Successfully defending against socially engineered phishing campaigns means addressing both technological and human vulnerabilities. Doug Olenick reports.

Case studies

Options surety: Case study

The MIAX Options Exchange needed more than a way to appease regulators, it also required security assurance. Greg Masters reports.

Product opener

The pen test is mightier: Vulnerability management

This month we take up vulnerability management tools.

Group Test 1

Beyond Trust Retina CS Enterprise Vulnerability Management

This is a full-featured vulnerability management platform with all of the bells and whistles you need to deal with vulnerabilities on your enterprise.

Core Insight

Insight automates much of the vulnerability management workflow beginning with asset discovery.

Idappcom Traffic IQ Professional

Traffic IQ Professional may be just what the doctor ordered.

LOGICnow MAX Risk Intelligence

MAX Risk Intelligence requires almost no interaction with the user and it can be set to remind the user to scan automatically.

SAINT Security Suite

SAINT is one of the pioneers in mixing vulnerability assessment and penetration testing in the same tool.

Skybox Security Security Suite

Many of Security Suite's modules interact in such a manner that the overall management of vulnerabilities – particularly analytics – is enhanced significantly.

Tenable Nessus Manager/Cloud

This has next-generation capabilities.

Tripwire IP360

Tripwire IP360 is a feature-rich vulnerability management system with a pure-play vulnerability assessment personality.

First Look

First Look: Versa Networks FlexVNF

Versa FlexVNF focuses on large, hard to manage and secure virtual environments.

Last Word

Compliance at risk

A federal data breach notification law would provide much needed uniformity, says David R. Singh.