September 2012 Issue of SCMagazine

September 2012 Issue of SCMagazine

Sept. 2012


Big egos block important cyber bill

President Obama now is considering an executive order to breathe some life back into the Cyber Security Act of 2012 with the goal in mind ...


Company News: Lancope's new director of security research and more hires

Lancope has appointed Tom Cross as director of security research, Wells Fargo & Co. has named Rich Baich CISO, and other personnel announcements and corporate ...

News briefs: Breaking security news from the Cybersecurity Act to Gauss

The Cybersecurity Act of 2012 was defeated in the Senate, FinFisher spyware analyzed, nation-state-created espionage malware Gauss, and other breaking security news

Threat of the month

Threat of the month: Data disclosure via paste sites

Unauthorized information disclosure via "paste" sites has been a common occurrence as a part of recent high-profile information security breaches.

2 minutes on

Spies recruiting hackers: Gen. Keith Alexander at DefCon

The head of the NSA, the entity many consider to be the prime culprit in the "surveillance state," sought to persuade the crowd at the ...

Skills in Demand

Skills in demand: Sales engineers

There's a high demand for sales engineers who can provide the technical expertise to align solutions with clients.


Debate: In light of recent breaches, passwords remain a useful

Debate: In light of recent breaches, passwords remain a useful method for authentication.


Me and my job: Adel Danesh, manager of enterprise systems

A Q&A with Adel Danesh, manager, enterprise systems at The Hospital for Sick Children in Toronto.

Digital signature blame game

Trojans can propagate further - without detection by anti-virus applications - when they are digitally signed.

The weakest link of all

If our greatest vulnerability is the human factor, then why is it neglected?

CSO's desk

Policy creation shouldn't come easy

Policies form the cornerstone of the information security program and are instrumental for enforcing global consistency, driving change and launching enterprise programs.


Technology to strategy: Today's CISO

With breaches grabbing headlines and cash funneling toward infosec budgets, the role of the security executive is shifting from tech and compliance wonk to savvy ...

Cyber cold war: Espionage and warfare

When the history of the cyber arms race is written, the first chapter surely will be devoted to Stuxnet. But now that these sophisticated strikes ...

Prime pickings: Application security

Applications provide the path to an organization's coveted assets. And even if they're not public-facing, they still can be a ripe target. We talk to ...

Why can't we be friends? A look at convergence

The ability to marry physical and logical security controls is maturing, which means companies can find efficiency wins, while in the process lowering their risk ...

Product opener

It's a wicked (internet) world

We need to consider all of the traditional facets of information security when we consider protecting information on the internet.

Group Test 1

Axway MailGate SC

The Axway MailGate SC offers a full set of features for both email content management and security.

Barracuda Spam & Virus Firewall

Using this appliance, administrators can protect their enterprise from both inbound and outbound threats, such as spam, viruses, phishing, spyware and email address spoofing.

Cisco Email Security Appliance

With this email security and content management tool in place, administrators can protect their environment from spam, viruses and other mail-based malware while managing email ...

Clearswift SECURE Email Gateway

The SECURE Email Gateway from Clearswift offers up strong features and functions for email security and content management.

DataMotion SecureMail Gateway

The SecureMail Gateway from DataMotion provides the ability to easily integrate full email encryption into an existing enterprise environment.

Echoworx Encrypted Mail Gateway

The Encrypted Mail Gateway from Echoworx offers a full cloud-based platform for seamless email encryption throughout the enterprise.

Fortinet FortiMail-400C

The FortiMail-400C, while complicated to set up, offers an incredible feature set at an affordable price.

Halon Security Virtual Spam Prevention (VSP)

The Halon Virtual Security Appliance from Halon Security is a quick and robust email gateway, but administrators should be prepared to learn a new scripting ...

McAfee Email Protection

This email security and content filtering tool does everything we would expect, with a combination of flexibility and ease of use seldom seen.

TITUS Message Classification

TITUS Message Classification is a tool with which to classify messages, yes, but email security is not its primary focus.

Trend Micro InterScan Messaging Security

Combining on-premise software with an optional cloud-based pre-filter, the tool provides a flexible approach to email security.

WatchGuard Technologies XCS 570

Providing content filtering and encryption, the XCS 570 from WatchGuard Technologies allows administrators to easily combat data leakage.

Group Test 2

TeleSign Verify & PhoneID Standard

If one could get the cost, ease of use and provisioning into a practical range, one could offer multifactor authentication to all users. That is ...

Wombat Security Technologies Security Training Platform

Wombat Security Technologies is in the business of threat filtering and user training. For this month, we looked at their training.

EastNets en.SafeWatch Anti-Fraud

EastNets offers a sophisticated suite of filtering products that, taken together, give financial institutions what they need to combat fraud and money laundering.

NICE Actimize Remote Banking Fraud

NICE Actimize covers most of the online fraud bases, including money laundering, case management, brokerage compliance and overall security. It is a truly high volume ...

Easy Solutions Detect Monitoring Service, Detect Safe Browsing, DetectID, DetectTA

This is a suite of products that covers fraud detection (heavily phishing-oriented), browsing protection, multifactor authentication and transaction anomaly detection.

Last Word

Flame is lame? Not so much.

Flame's cryptofunctionality silenced all the haters, says F-Secure's Mikko Hyppönen.