May 2014 Issue of SCMagazine

May 2014 Issue of SCMagazine

Our May issue features in-depth articles on cyber insurance, the latest on Bitcoins, and nation-state threats, as well as other industry insights and contributed articles by experts.


Heart of darkness

Just how vulnerable are we to an assault by the NSA, asks Illena Armstrong, SC's VP, editorial.


News briefs: The latest on the Target breach, a flaw in WinRAR and more

Target breach, flaw in WinRAR, SMS message attacks and other current news affecting the security industry.

Company news: Blackstone acquires Accuvant, Yahoo's new hit and more

This month's company news includes a big acquisition by Blackstone, Alex Stamos joining Yahoo as VP of information security, and yet another big move within ...

Debate: Cyber insurance should be mandatory for companies.

In this month's debate, experts discuss whether or not companies should be obligated to sign up for cyber insurance.

Threat of the month: Drive-by download

The pervasiveness of drive-by downloads has made it our threat of the month for May.

Cyber extortion: To pay or not to pay?

Extortion isn't new when it comes to the threat landscape, but as of late, it seems as though it's the flavor of the times for ...

Skills in Demand

Skills in demand: Cyber security contract specialists

There's a high demand for the assistance of cyber security contract specialists.

Me and my job

Me and my job: Sean Doherty, head of R&D, SpamTitan Technologies

Challenges exist in areas of technology partner selection, managing employees and corporate role identity.


The DDNS dagger

It turns out that using a DDNS service is the easiest and most pervasive method for creating sustainable command-and-control domains.

Build in visibility with trust

Having actionable insight into the goings on of your network is tantamount to managing operational variables.

CSO's desk

Adopt a framework, lower risk

You can't run an effective security program without the basics, says Patricia Titus, CISO, Freddie Mac.


The value of Bitcoın

It has soared in popularity, but is the leader in cryptocurrency viable enough for continued acceptance? Adam Greenberg investigates.

Cyber security insurance: Insuring success

Following recent breaches, more organizations are investing in cyber insurance, says Mesa, Ariz.'s tech manager Alex Deshuk. Karen Epper Hoffman reports.

Case study: Mine games

A website attack prompted an Australia-based mining company to shore up its security implementation, reports Greg Masters.

Cyber spies in disguise: Nation-state

Espionage has been a fact of life for centuries, but with increased capabilities online, it's spread beyond a narrow core, reports James Hale.

The unlocked door: End-of-support for Windows XP

With the end-of-support deadline for Windows XP just passed, firms large and small are at risk of attack, reports Kate O'Flaherty.

Product opener

Digging deep with forensic tools

Gathered here are some of the most comprehensive digital forensic tools available.

Group Test 1

AccessData Tool Suite

We are reviewing this suite of forensic tools as a package the same way we did last year because the elements work well together and ...

Cellebrite UFED Series of Tools

Cellebrite is, arguably, the number one mobile device forensic tool suite available.

CRU Ditto Forensic FieldStation

Everything that one needs is in the case, including cables, adapters, a power brick and a space for extra disks.

EnCase Forensic v7.09.02

EnCase Forensic v7.09.02 is the latest incarnation of the EnCase computer forensic tradition.

Lima Digital Forensic Case Management Standard

The only pure digital forensic case management tool of which we are aware.


This is a general purpose network forensic tool with a solid history.

ADF Triage-G2, Responder, Examiner

These three products are approximately the same type of tool, but with different functionalities depending on the market in which they are used.

First Look

AhnLab's MDS: A comprehensive approach to malware management

AhnLab refers to its product - MDS - as a malware defense system. I, however, think of it more as a malware management system.

Last Word

Target is not alone: Risk indicators

Exec buy-in and new tech can help fight cyber threats, says BitSight's Stephen Boyer.