The winners of the 2018 SC Awards Honored in the U.S.

For a complete overview of SC Awards 2018 please click on the Book of the Night link above.

Trust Award
Best Authentication Technology


Picture this: A clever fraudster prints out an enlarged copy of a stolen driver's license, hoping to fool a company's facial recognition security system. Even though the image looks just like the person whose identity is being stolen, the authentication engine still flags the action as fraudulent activity because it knows the image is a duplicate.

That's the genius behind Jumio and its Netverify solution suite, which helps companies conduct secure real-time web and mobile transactions by confirming the authenticity of customers' faces, documents and ID credentials from over 200 countries mere seconds after they are placed in front of a webcam or smartphone.

Processing more than 200,000 verifications every day, Netverify combines computer vision technology, machine learning, and biometrics with human verification experts to catch criminals in the act. According to the company, Netverify flags more than 95 percent of detectable fraudulent transactions while allowing over 99.9 percent of valid customers to complete their transaction.

With a dataset of 80 million total verifications, and a massive database of fraudulent IDs and identities, Jumio's Trusted Identity as a Service platform and authentication technologies are helping reduce fraud across industry sectors where verification of customers' identities is essential – including financial services, sharing economy services, retail, travel and online gaming.

In addition to hindering fraud, Netverify also decreases customer churn, lowers transaction times, improves renewal rates, and increases app usage and customer conversions.

Finalists 2018

Duo Security

Duo Mobile



Ping Identity



RSA SecurID Access


SecureAuth IdP

Trust Award
Best Cloud Computing Security Solution


There are three states of data: data in motion, data at rest, and data in use. Each has its own security challenges. But from a cloud computing point of view, data in use has been especially difficult to secure, historically forcing users to employ inefficient workarounds, obfuscate their intentions, implement perimeter defenses or isolate their computing environments.

Convinced there's a better way, Enveil helps cloud users protect their sensitive information by using homomorphic encryption to ensure data in the cloud always remains encrypted even when it's being actively used to perform operations such as searches and analyses.

Consequently, authorized employees can actively utilize their data without having to worry about the content or results of their inquiries being revealed in the cloud, on-premise or anywhere in between.

Without this “Never Decrypt” approach, a search could create points of exposure, allowing unauthorized parties to view bits of data that collectively reveal valuable or damaging intelligence about a company. For example, searches pertaining to a rival company might suggest that a business is looking to complete a merger or acquisition.

Developed by mathematics experts from the U.S. intel community, Enveil's GDPR-friendly technology opens up new opportunities for previously reluctant businesses to leverage the cloud and monetize their data without fearing privacy, liability or compliance repercussions.

Finalists 2018

Akamai Technologies

Enterprise Application Access


Cisco Umbrella


The Enterprise Immune System



Juniper Networks

Sky Advanced Threat Protection (Sky ATP)


SendSafely Dropzone

STASH America

STASH Data Security

Trust Award
Best Computer Forensic Solution

Guidance Software (Now OpenText) for EnCase Forensic, EnCase Endpoint Investigator and EnCase Mobile Investigator

After taking SC Media's top honors in 2017, Guidance Software has once again been awarded Best Computer Forensic Solution for its EnCase products. This past year, however, the company added a new Mobile Investigator solution to complement its EnCase Forensic and Endpoint Investigator software programs.

The new mobile tool allows users to intuitively view, analyze and report on critical mobile evidence, further enhancing Guidance's Software's groundbreaking digital forensics software offerings.

Collectively, the EnCase product line not only benefits government agencies and law enforcement officers in their criminal probes, but also helps corporate investigators looking into HR issues, compliance violations, regulatory inquiries and IP theft.

Indeed, EnCase Forensic allows investigators to efficiently conduct digital analysis on any operating system and parse virtually any file type, while EnCase Endpoint Investigator provides investigators with seamless and discreet remote access to laptops, desktops and servers, without disturbing day-to-day end users. The result is an increase in productivity fueled by process automation and speedy, yet accurate, evidence collection.

Guidance Software customers also save money because EnCase's remote capabilities eliminate the need for investigators to travel and ship equipment to distant locations. Moreover, EnCase eliminates costly outsourcing or staffing fees, as the solutions give corporate investigation teams the ability to handle complex investigations internally with the staff they already have on hand.

Finalists 2018


Forensic ToolKit (FTK)

D3 Security

D3 Digital Forensics Case Management System

Guidance Software (Now OpenText)

Guidance Software (Now OpenText) for EnCase® Forensic and EnCase Endpoint Investigator


PacketSled Platform


The ProtectWise Grid

Trust Award
Best Data Leakage Prevention (DLP) Solution

Symantec for Symantec Data Loss Prevention

The proliferation of cloud applications, mobile/BYOD devices, and third-party services increases organizations' susceptibility to data leaks, account hijackings and data breaches – a troublesome reality that is only exacerbated by a lack of infosec resources.

Symantec Data Loss Prevention addresses these concerns by defending an ever-expanding threat surface area, adding visibility, protection and remediation, all within a single solution and console. It guards sensitive data in both managed and unmanaged environments – whether controlled internally or via third party – and ensures this information is not leaked through shadow applications.

Symantec's solution takes a novel, streamlined approach, allowing customers to create a single policy for email, storage, network, endpoints and cloud applications, as well as manage remediation through a single workflow. Users stand to benefit by ensuring industry and regulatory compliance (including GDPR), accelerating threat response times, conserving resources, and preventing financial and customer loss caused by breaches and other security incidents.

To further help users optimize the solution, Symantec also provides training, on-demand cybersecurity experts, security operations centers via Symantec Cyber Security Services, and outsourcing services.

With Symantec DLP, 90 percent of data loss incidents can be detected, responded to and remediated automatically without intervention from the user company's security staff. And as an organization continues to refine its data loss policies, it takes as little as one full-time employee to maintain a DLP system that monitors up to 25,000 users.

Over time, as data loss policies are refined, as few as 1 FTE can be used to maintain a DLP system that monitors up to 25,000 users.

Finalists 2018


Bitglass DLP


Code42 Security Center

CoSoSys S.R.L.

Endpoint Protector

Digital Guardian

The Digital Guardian Data Protection Platform


Symantec Data Loss Prevention (DLP)

Trust Awards
Best Database Security

Protegrity for Protegrity Database Protector

The Protegrity Database Protector has all the bases covered when it comes to safeguarding stored data from spying eyes.

It covers most major databases – Oracle, DB2, MySQL, MongoDB, Cassandra, Teradata, Exadata and Netezza among them – and is compatible with all leading standard Linux, UNIX, Windows and IBM iSeries and zSeries environments.

Size is also no concern here, as the solution is capable of protecting every node in giant Massively Parallel Processing (MPP) database clusters. And it is certified to run on cloud and virtual environments such as VMware, Xen and Hyper-V.

Offering encryption, tokenization or masking functionality in databases and storage and backup systems, Protegrity Database Protector delivers high transparency to applications using the database, while offering policy-based access controls, monitoring and auditing.

Protegrity operates across all five data silos – database, file storage, Big Data, Software-as-a-Service and Infrastructure-as-a-Service – while offering solutions that provide simple monitoring and alerting; integration of policies across silos; data classification; integrated data discovery; application user access control; and data protection policy enforcement.

Companies who use Protegrity stand to benefit from not only improved data security, but also budgetary savings as a result of more efficient regulatory compliance, reduced manpower needs, and a smaller audit scope.

Protegrity Database Protector provides centralized control of data security policies, while fully supporting separation of duties, which prevents unauthorized employees from accessing sensitive data in the clear. It also integrates with Protegrity's other Data Protector products.

Finalists 2018


Imperva Database Security (SecureSphere Database Firewall and CounterBreach)



Netwrix Corporation

Netwrix Auditor


Protegrity Database Protector

Thales eSecurity

Vormetric Live Data Transformation (LDT)

Trust Awards
Best Deception Technology

Illusive Networks for Core Solution

Like a bank that invites robbers inside, only to hand out fake money bags filled with GPS trackers, companies that employ Illusive Networks' Core Solution are daring cybercriminals to breach their systems, only to lure them into a stealthy trap.

Users of this deception technology already assume malicious hackers are going to get inside the network. The key, however, is to keep attackers away from the organization's crown jewels by sidetracking them with convincing decoys that, once meddled with, trigger an “incident detection” alert and an active forensic collection.

Built to be endpoint-based, rather than an extension of a centralized honeypot architecture, the machine learning-based solution is lightweight, agentless, and highly scalable, serving large environments with as many as 300,000 nodes.

Illusive Networks automatically designs, deploys, updates and manages tailored deceptions based its own interpretation of the business environment it's protecting, including how endpoints are used and any vulnerable attack vectors it foresees. Quick on its feet, it can readily take into account newly introduced assets and other sudden system and server changes, and alter its deceptions accordingly.

Additionally, it offers a risk dashboard that Illusive claims is the first-ever means to quantify the degree of APT risk that an organization faces.

In addition to confirmed intrusion incidents, the Core Solution can also proactively identify and prioritize connection anomalies, policy violations or other suspicious indicators that can degrade a company's hygiene.

Finalists 2018



Attivo Networks

ThreatDefend™ Deception and Response Platform


GuardiCore Centra Security Platform

Illusive Networks

Illusive Networks Core Solution


Symantec Endpoint Protection with Deception

Trust Award
Best Email Security Solution

Agari for Email Trust Platform

Email-based threat behavior is often unpredictable. Genuine business behavior, however, usually isn't.

Bearing that philosophy in mind, Agari's Email Trust Platform protects companies from email threats such as spear phishing, business email compromise scams and ransomware not by anticipating potential attacks from any number of possible vectors, but by recognizing and defending predictably authentic patterns of communication that are deemed to be safe.

This email security tactic also reduces an organization's reliance on employees –who like all people are inherently flawed – to identify cyberattacks that deliberately prey on human perception and identity deception such as display name fraud, domain name fraud and lookalike domain fraud.

Rather than relying on known bad threat behavior to flag email communications – after all, threats constantly evolve – Agari's AI-based solution combines a client's email data sets to develop a model for what legitimate communications look like. From there, it flags any emails that deviate from this model.

Agari's cloud-based solution also stops digital deception tactics that affect outbound email communications, such as phishing and spam campaigns that hijack a company's brand and can damage its reputation. And it streamlines the deployment and implementation of the DMARC (Domain-based Message Authentication, Reporting and Conformance) email authentication standard.

Agari currently protects more than 400 government domains and is used by some of the world's top banks and social media networks. According to Agari, one organization saved more than $1.4 million in call center support over three years by reducing the number of malicious emails its consumers would receive, thereby lowering the number of support calls by 92 percent.

Finalists 2018


Agari Email Trust Platform


FireEye Email Security (EX)


Mimecast Advanced Security


Proofpoint Email Protection



Trust Award
Best Identity Management Solution

Saviynt for Saviynt Identity Governance-as-a-Service

Managing the access rights of thousands of employees can be challenging enough when there's just one single corporate-wide system to log in to. But often in business, the reality is far more complicated, especially when each department's workflow is managed via separate on-premise or cloud-based applications.

And yet, to guard against any unauthorized entry from malicious outsiders or insider threats, access rights and identity management procedures must remain consistent across a company's cloud-based or hybrid environment. That's where Saviynt's Identity Governance-as-a-Service solutions come into play.

Leveraging big data to perform real-time automated risk analysis, Saviynt provides companies with single-pane-of-glass visibility as users attempt to access their applications, data and infrastructure. This helps businesses predict and prevent system compromises, while maintaining proper corporate governance and compliance and managing each employee's privileges on an individual level.

Ordinarily, this might take months of man hours to properly manage. But Saviynt's set of solutions allow for quick and nimble access policy management – not to mention, they are quick to deploy, enabling out-of-the-box management for enterprise applications, cloud environments or data storage platforms.

Additionally, users benefit from Saviynt's ability to natively integrate with cloud services such as AWS in order to analyze security vulnerabilities and misconfigurations. It also provides access to ample cloud data such as usage, raw data, fine-grained entitlements and configuration data.




Privileged Access Management Solution (PAM)


CyberArk Privileged Account Security Solution


Okta Identity Cloud


Saviynt Identity Governance-as-a-Service

Trust Award
Best Managed Security Service

Comodo Group for Comodo ONE

What makes Comodo ONE, Comodo Group's scalable IT management platform for MSPs, SC Media's pick for best-managed security service?

Well, if the ability to access remote monitoring and management, ticketing, and patch management tools all from one single console isn't enough justification, perhaps the cost is what seals the deal…

It's all free.

Which means: MSPs who leverage this platform can allocate the money they are saving on third-party licensing fees toward other investments that can help grow their business. In fact, MSPs can even outsource their out-of-hours client support to Comodo for free.

“The money we're saving on licensing fees and other service costs through Comodo ONE allows us to hire more people and better compete for business,” said Matt Helliwell, company director at Canadian MSP company XL Pro PC.

Which is not to say Comodo hasn't found a way to monetize its centralized platform solution. Indeed, for a discounted licensing fee, Comodo ONE's MSP clients can download numerous add-on applications – some, but not all of which are developed by Comodo – that they, in turn, can offer to their customers.

These apps are managed via Comodo's platform, which helps MSPs reduce operating costs and improve quality of service by automating existing processes, offering a real-time look at customers' data and alerts, and providing advanced endpoint security, web security, data backup and network monitoring and protection.

Comodo also offers its MSP clients year-round 24/7 customer support, and is constantly revising and upgrading its platform to include new functionality and enhancements, based on feedback it receives from its tight-knit user community.

As of the submission date of Comodo's nomination, the company has amassed more than 140,000 managed MSP endpoints.

Finalists 2018

Barracuda Networks

Barracuda NexGen Firewall - MSP (Virtual and Public Cloud)


Comodo ONE


Netsurion Managed Security for Distributed, Multi-Location Businesses


SonicWall Cloud Global Management System (GMS)


SecureAnywhere Business Endpoint Protection

Trust Award
Best Mobile Security Solution

Sophos for Sophos One

The research department at IT security firm Sophos was on pace to track 10 million suspicious Android apps by the end of 2017, 3.2 million of which were malicious in nature.

These eye-opening numbers demonstrate the dire need for Enterprise Mobility Management solutions like Sophos Mobile, which gives companies the tools to manage devices within a comprehensive, integrated endpoint strategy that also includes more traditional endpoints as well as IoT products.

Like its predecessors, the most recent version of the solution, Sophos Mobile 7.1, comes with myriad benefits that reduce total cost of ownership. For starters, it facilitates the remote configuring of BYOD and corporate-owned devices, as well as the installation, removal and managing of the apps running on them. And its intuitive admin workflow and flexible self-service portal reduce the need for time-consuming help desk calls.

To bolster security and guard against device misuse, Sophos offers anti-phishing, web protection and web filtering technologies, and enables containerization of sensitive business email and documents, keeping them separate from personal apps and files.

Sophos Mobile takes just minutes to install, and it can scale on a single on-premises server to accommodate up to 20,000 users. Sophos enforces a one license per user policy, regardless of how many devices any one user owns, which keeps costs down even as device inventory grows.

And by deploying Sophos mobile with the hosted and web-based integrated management platform Sophos Central, companies can manage their mobile devices side by side – with endpoint, network, and server security all accessible via one unified admin interface.

Finalists 2018


Asavie Moda


IBM MaaS360 with Watson






Sophos Mobile

Trust Award
Best NAC Solution

Cisco Systems for Cisco Identity Services Engine

It's designed to centralize and automate the enforcement of role-based network access policies. But perhaps the most important thing that Cisco's Identity Services Engine grants access to is savings.

A recent composite study of four enterprises using ISE to monitor and control access to network resources and applications found that, collectively, the organizations saved 80 percent on IT operational costs and generated a return on investment of 140 percent. Much of this windfall was attributed to avoiding costs associated with perimeter-based solutions, diminishing IT operations costs, lowering the IT operational headcount, and improving network resilience.

A repeat Winner from 2017, Cisco ISE simplifies access control by offering deep and detailed visibility into all users and devices across wired, wireless and VPN connections – combining authentication, authorization, accounting, posture, profiling, device administration and guest management features into a single unified appliance.

The NAC solution shares key contextual details with over 100 integrated technology partners, and in turn these partners send security intel back to ISE, which uses threat and vulnerability feeds to execute rapid threat containment with the assistance of integrated detection solutions.

Additionally, ISE feeds into Cisco's TrustSec solution to help organizations dynamically manage network segmentation policies that limit unnecessary exposure to sensitive data.

Other benefits include faster time-to-market for project roll-out, simplified and automated firewall rule management, and improved regulatory compliance.

Finalists 2018

Aruba, a Hewlett Packard Company

Aruba ClearPass

Bradford Networks

Network Sentry


Cisco Identity Services Engine (ISE)

F5 Networks

BIG-IP Access Policy Manager


Portnox CLEAR

Trust Award
Best Risk/Policy Management Solution

Skybox Security for Skybox Security Suite

In its 2018 Vulnerability and Threat Trends Report, Skybox Security noted that last year saw an average 60 percent increase in exploit samples published online for would-be hackers to adopt. And while not everything in the document was doom and gloom – exploit kit activity was markedly down in 2017, for instance – such numbers still give security professionals plenty of reason to be mindful how vulnerable their organizations are to emerging threats.

With that in mind, Skybox offers its customers the Skybox Security Suite – a collection of integrated security management solutions, accessible via one single platform, that allow users to visualize, control and reduce their attack surface, while centralizing risk and policy management.

Skybox integrates with over 120 networking and security technologies, normalizing and leveraging their vulnerability and threat intelligence data to provide comprehensive and automated risk analysis, measurement and reporting capabilities across physical IT, virtual, multi–cloud and industrial networks.

Its abstracted attack surface models highlight the issues most likely to be targeted by exploits and attacks – perhaps a change to firewall settings, for example – so that remediation efforts can be prioritized.

Meanwhile, same-day audits to determine if companies are meeting both regulatory compliance standards and internal policies can reduce costs by up to 90 percent. Indeed, companies with a 150–firewall deployment can save an estimated $500,000 simply by replacing their biweekly manual firewall audits.

And with a low total cost of ownership starting at $7,170, businesses need not work that their risk management solution is a risk to their coffers.

Finalists 2018


The AlgoSec Security Policy Management Solution

Bay Dynamics

Risk Fabric


Cavirin Automated Risk and Policy Management for the Hybrid Cloud


RiskSense Platform

Skybox Security

Skybox Security Suite

Trust Award
Best SIEM Solution

Securonix for Securonix Next Gen SIEM

Infosec professionals understand that there really can be too much of a good thing. Too much data. Too many tools. Too many threat alerts, too many of which are false positives.

Securonix and its Next Gen SIEM product relieves the burden of “too much,” offering customers a single enterprise solution that churns through high volumes of data, using signature-less, behavior-based analyses to detect and prioritize the true threats to an organization. In so doing, Securonix reduces the number of security alerts by up to 95 percent, which saves time and resources because infosec professionals can respond to the highest risk events, not false alarms.

Leveraging the SIEM solution's comprehensive set of threat models, advanced analytics, and use of both supervised and unsupervised machine learning, customers can glean continuous, real-time security intelligence on internal users, systems and applications through context-based monitoring and up-to-date risk scorecards.

While the solution is often deployed as enterprise software, Securonix also offers its capabilities via MSSP partners and its cloud-based SaaS-only behavior analytics service – two options that make deployment more scalable.

Meanwhile, the cost remains reasonable because the price is contingent on the number of users, rather than volume of data logs, and also because it is deployed on commodity hardware. Indeed, customers typically see up to 70 percent savings when deploying the solution.

Other benefits that contribute to ROI include a reduction in the number of digital assets leaked or shared, better-educated employees, and time savings due to automation.

Finalists 2018


Exabeam Security Intelligence Platform




Securonix Next Gen SIEM


Splunk Enterprise Security

Zoho Corporation Private Limited

ManageEngine Log360

Trust Award
Best Threat Detection Technology

Aruba, a Hewlett Packard Enterprise company, for Aruba IntroSpect

Like a digital Sherlock Holmes, Aruba's eagle-eyed user and entity behavior analytics (UEBA) solution, IntroSpect, notices tiny anomalies and deviations in network activity that more conventional technologies might miss.

IntroSpect uses machine learning-based analytics to automate the detection of attacks, exploits and breaches by keying in on suspicious behavior that strays from established normal baselines – even if the malicious actions are subtle or take place in incremental steps.

The solution leverages over 100 AI-based models to continuously assess risks associated with each user/guest, system and device, as well as identify and remediate threats including phishing, ransomware, lateral movement, data exfiltration, command-and-control communication, account takeovers, privilege escalation and more.

Aruba estimates that customers save roughly $45,000 per month and nearly 30 hours per incident by cutting down on investigations. Indeed, customers say they have been able to resolve single incidents in only 10 minutes, compared to 30 hours using traditional methods.

Moreover, in 2017, Aruba introduced IntroSpect Standing, a new “fast-start” version of the UEBA solution that requires only three data sources.

Cadence Design Systems, an electronic design automation software and engineering services company, uses IntroSpect in conjunction with Aruba's Network Access Control solution, ClearPass. “By adding Aruba IntroSpect UEBA analytics and threat detection capabilities, we will be able to better protect our source code by automating anomaly detection and prioritizing security incidents for faster resolution,” said Faramarz Mahdavi, senior group director of IT operations at Cadence.

ClearPass and IntroSpect also fit into a larger set of integrated solutions that make up Aruba's “360 Secure Fabric.”

Finalists 2018

Aruba, a Hewlett Packard company

Aruba IntroSpect

Barracuda Networks

Barracuda Advanced Threat Protection


Cybereason's Anti-Ransomware and PowerShell Protection


FireEye Network Security Platform (NX)




RSA NetWitness® Suite



Trust Award
Best Threat Intelligence Technology

InfoArmor for VigilanteATITM

Legendary Chinese military strategic Sun Tzu said, “If you know the enemy and know yourself you need not fear the results of a hundred battles.” InforArmor puts this lesson to good use with its VigilanteATITM Advanced Threat Intelligence platform.

This pure human intelligence solution delivers context- and client-specific alerts to clients, warning them of potentially imminent attacks, based on a thorough network security analysis, as well as the latest threat data gathered from myriad dark web and cybercriminal sources.

First, know your enemy: VigilanteATITM security agents search a wealth of sources – including hacker dump sites, underground markets, hacktivist forums, file-sharing portals, threat actor libraries, botnet exfiltrations, data leaks, malware logs, lists of compromised credentials, and various IOCs – to uncover critical information that InfoArmor customers can use to configure their defenses against the highest priority threats, without impacting business continuity.

But organizations also must know themselves better as well. To that end, VigilanteATITM identifies compromised or exploitable external network hosts, and delivers timely alerts that reveal undetected network- and application-level vulnerabilities. It even scans third-party partner and vendor sites and networks for flaws as well.

InfoArmor uses a myriad of techniques to gain valuable insights into a company's vulnerabilities, including a proprietary scan of the IPv4 network, honeypotting, malware analysis, and more.

“VigilanteATI intel is precise, actionable [and] extremely specific,” said one unnamed InfoArmor customer. “Add the operational efficiency we gain from not fighting fires, controlling loss, and the faster remediation time we would have in the event that a ‘fire' should occur, and VigilanteATI surpasses budget expectations.”

Finalists 2018


Open Threat Exchange (OTX)




Cloudera's cybersecurity solution



Recorded Future

Recorded Future

Trust Award
Best UTM Security Solution

Sophos for Sophos XG Firewall

The Sophos XG Firewall United Threat Management solution provides a veritable phalanx of security defenses, all united into a single all-inclusive appliance.

Its feature-rich offering includes anti-virus and anti-malware protection; an intrusion prevention system; web content and URL filtering; application control; email anti-spam, data loss prevention and encryption; a web application firewall with reverse proxy; a secure wireless and hotspot controller; sandboxing; and built-in reporting capabilities.

To simplify control of these myriad functions, Sophos offers customers a centralized real-time dashboard, an intuitive user interface, easily configurable firewall rules, modular capabilities, and plug-and-play Remote Ethernet Devices (REDs) for deployment of secure networking to branch offices. Additionally, the solution benefits from threat intelligence generated by Sophos' SophosLabs division.

In total, Sophos offers 17 different models of its XG Firewall to address the needs of businesses big, small and everything in between. Moreover, the UTM solution integrates with Sophos' endpoint defense solutions, creating a “Synchronized Security” environment in which endpoints and the firewall can share health status, threat intelligence and other telemetry. This allows companies to identify and isolate the source of a potential compromise, infection or breach before it can cause significant harm.

Other unique features include tailored solutions for Infrastructure-as-a-Service (IaaS) public cloud deployments, as well as cloud-based sandboxing. And through Sophos Firewall Manager, organizations can also decrease costs by consolidating the management and reporting of multiple firewalls using one centralized system.

Finalists 2018




SonicWall NSA 2650 Firewall


Sophos XG Firewall

WatchGuard Technologies

WatchGuard Firebox M Series

Trust Award
Best Vulnerability Management Solution

Rapid7 for InsightVM

It may not be possible to eliminate every vulnerability residing in your company's network, but you can reduce the odds of a serious incident by prioritizing the ones causing the greatest risk.

That's why Rapid7's vulnerability management solution, InsightVM, takes an impact-focused approach to remediation. Rather than listing every vulnerability that must be addressed, it instead helps identify the remedial actions that will reduce the most risk in one fell swoop – for instance, applying a specific patch that can fix multiple security issues.

To provide this actionable remediation advice, the solution collects live data from endpoints, servers, cloud environments, containers and virtual devices – including newly discovered devices joining the network – and combines that information with contextual threat intelligence from threat feeds and the Metasploit Project. It also takes into account CVSS scores, exposure to exploits and malware, and user-driven tagging of critical assets.

Data can be accessed and remediation projects can be tracked via live, fully customizable dashboards that can be queried by users ranging from local system admins to corporate-level CISOs. Using InsightVM, organizations can reduce remediation time, increase security team efficiency and reduce total cost of ownership.

Also, by directly orchestrating remediation workflow through an IT ticketing process, the solution helps a company's security and IT teams collaborate more successfully with each other.

InsightVM also saves companies money because it's priced by the number of active assets a customer is looking to scan, meaning there are no additional costs for the use of agents and virtual appliances.

Finalists 2018

Digital Defense

Frontline Vulnerability Manager™




RiskSense Platform

Skybox Security

Skybox Security Suite

Tenable Network Security

Trust Award
Best Web Application Solution

F5 Networks for BIG-IP Application Security Manager and Silverline Web Application Firewall

F5 Networks might be named after the most powerful tornado on the Fujita Scale, but its web application firewall (WAF) offerings help companies calm any impending cyber storms that threaten their web applications and APIs.

The BIG-IP Application Security Manager protects against and mitigates threats such as bots, code injections, denial of service attacks and credential attacks, using a combination of DDoS defenses, advanced detection and mitigation techniques, deep threat analysis, dynamic learning, virtual patching and granular attack visibility.

Meanwhile, its cloud-based Silverline WAF-as-a-service solution allows organizations to leverage these security services and create their own policies without having to invest in any infrastructure of their own. It's available as a fully managed, comprehensive service, or as an express self-service for rapid deployment.

F5's WAF products rely on cutting-edge techniques to quell today's most pressing threats: For instance, they perform fingerprinting and machine learning-based behavior analysis to prevent web scraping and DDoS attacks – automatically routing attempted network- and application-layer DDoS attacks to cloud scrubbing for mitigation. And they provide app-level encryption to defend against credential harvesting attacks.

The WAF solutions can also integrate with vulnerability assessment solutions

In order to provide accurate bug detection and rapid patching. Moreover, the F5 customer portal offers users attack logging, reporting and analytic insights of SOC designed policies, while specialized SOC security experts also make themselves available to Silverline customers on a 24-7 basis.

F5 Networks

F5 Networks Advanced WAF solutions


The Fastly Web Application Firewall (WAF)


SecureSphere Web Application Firewall


Web Application Firewall


NGINX Web Application Firewall (WAF)

Excellence Award
Best Customer Service

CyberScout for LifeStages

According to Javelin Strategy & Research, there were 16.7 million victims of identity fraud in 2017 – a record number that shows consumers still desperately need to be educated about how to best protect their personally identifiable data.

To that end, CyberScout's Identity Management Services offering, LifeStages, helps organizations provide their clients or employees with proactive education, risk-reduction strategies, ID theft protection, privacy management and unlimited 24/7 resolution support. Such services come in the form of direct one-to-one phone and email support from fraud specialists, as well as written materials, online assessment tools, and an online Knowledge Center containing helpful content, news, best practices, tip sheets, videos and more.

In addition, individuals can use CyberScout's ID Risk Compass tool to assess how well they are protecting their PII, simply by answering a few questions.

Consumers typically gain access to these benefits via their insurance company, financial services provider or employer. Indeed, 16 of the top 20 U.S. property and casualty insurance carriers make LifeStages available to their customers.

“During this year our office was a victim of a ransomware attack,” said an anonymous medical professional who was introduced to CyberScout through her practice's insurance company. “The staff at CyberScout has assisted me through the grueling process of notifying the patients and determining what services to offer. Their advice helped us stay within our budget.”

Customers who contact CyberScout's Resolution Center for help with such issues as credit alerts, Social Security fraud and court inquiries will be relieved to hear that 98 percent of calls are answered within 60 seconds, with an average wait time of just eight seconds.

The average CyberScout employee boasts 11 years of experience in the financial and fraud industry – which probably explains why the average customer survey score over the last four years is a near-perfect 99 percent.

Finalists 2018

Barracuda Networks

Barracuda Customer Service




Proofpoint Customer Service


ReliaQuest's Co-Managed Approach to Customer Service


Varonis Data Security Platform

Excellence Award
Best Emerging Technology

Prevoty for Autonomous Application Protection

The DevOps movement continues to put immense pressure on application developers, accelerating deployment cycles and therefore increasing the odds that critical security vulnerabilities may be overlooked. If exploited, these flaws open the door wide open for adversaries to successfully circumvent the defenses of organizations using these apps.

To combat this threat, Prevoty has developed an autonomous runtime application self-protection (RASP) solution that enables applications to monitor themselves and neutralize attacks in real time, at runtime. Autonomous Application Protection ensures that applications remain secure from malicious payloads, despite the presence of bugs that either already exists in the software or are introduced with new or updated versions.

Built to scale with DevOps, the service can be deployed in the cloud or on-premises, and is highly scalable, easily allowing users to processes upwards of 50,000 requests per second. No behavioral learning period is required, and maintenance is minimal.

Prevoty user David Nolan, director of information security at Atlanta-based furniture retailer Aaron's Inc., said that while a web application firewall “requires two full-time staff members dedicated to deployment and support,” Prevoty simply “requires two hours a week from one staff member, and it delivers better protection.”

“Prevoty… has enabled us to move fast and scale while providing enhanced visibility and security as we embed core DevSecOps principles in our organization,” added Almir Hadzialjevic, Aaron's VP of enterprise risk and security.

Finalists 2018

Carbon Black

Cb Defense


Federation - The Only Real-time Automated Phishing Intelligence Sharing

OPAQ Networks

The OPAQ 360 Platform


Prevoty's Autonomous Application Protection

Security Compass

SD Elements


Vectra Cognito


Versive Security Engine

Excellence Award
Best Enterprise Security Solution

CrowdStrike for CrowdStrike Falcon

Talk about your mind-boggling numbers: Every single day, the CrowdStrike Falcon platform analyzes more than 30 billion endpoint events collected from millions of sensors across 176 countries.

Designed to hunt down breaches and other endpoint threats, Falcon delivers real-time protection and visibility to users across the globe, as opposed to mere snapshots in time. It pinpoints not only known signatures and malware, but also fileless, malware-free intrusions – even when hosts are off the network.

Among Falcon's newest innovations are a vulnerability management feature and Falcon Discover, an IT hygiene solution that monitors and inventories systems, application usage and user account activity in real time to help identify any unauthorized actions. The company also recently launched an online tech center with tools, templates and support for customers – an addition that nicely complements its 24/7/365 customer support center.

Moreover, CrowdStrike in 2017 upgraded its artificial intelligence capabilities, introducing enhancing endpoint machine learning to improve its behavior-based threat prevention capabilities. And the company continues to develop its CrowdStrike Falcon Search Engine as well.

CrowdStrike's user base is primarily comprised of mid-sized organizations and large enterprises across a wide spectrum of industries, including three of the 10 largest global companies by revenue. As of Q2 2017, the company says it has seen a 476 percent year-over-year increase in new endpoint protection platform subscriptions.

In 2017, Falcon took home top prize for Best Behavior Analytics/Enterprise Threat Detection.

Finalists 2018

Attivo Networks

ThreatDefend™ Deception and Response Platform


CrowdStrike Falcon


CyberArk Privileged Account Security Solution


The Enterprise Immune System

Dome9 Security

Dome9 Arc platform


Splunk Enterprise Security


Varonis Data Security Platform

Excellence Award
Best Regulatory Compliance Solution

RSA for RSA Archer

As companies race to meet the looming deadline for Europe's sweeping GDPR standards, the stakes to ensure compliance have never seemed so high. And the advantage of RSA's government regulatory compliance (GRC) platform, RSA Archer, has never been so apparent.

Comprised of seven solutions that introduce automation, collaboration and cross-organizational visibility through purpose-built tools (RSA calls them “use cases”), Archer offers expertise in audit management, business resiliency, third-party governance, IT/security risk management, regulatory/corporate compliance management, operational risk management and public sector/federal agency management.

Archer's latest release, version 6.3, introduced two new compliance management use cases that specifically help organizations manage data privacy programs in direct support of GDPR. Now more than ever, companies will benefit from the ability to consolidate multiple regulatory body requirements and develop a sustainable compliance program, while reducing the risk of fines, penalties and reputation damage. Indeed, a recent IDC found that organizations using RSA Archer achieve an average five-year ROI of 496%.

“Implementing RSA Archer was the first step to ISO 22301 [business continuity management] certification at DZBANK. This enables us to meet compliance standards and significantly reduce audit activities each year,” said Thorsten Scheibel, global head of business continuity and crisis management at DZ Bank, in an RSA case study. “Without RSA Archer it would have required more expenditure to reach the certification level.”

Introduced in 2016, RSA's use case pricing and packaging model has helped companies decide which uses cases are best suited for their regulatory needs while staying within budget. Meanwhile, RSA's customer advocacy program dedicates 25 of its support professionals to providing RSA Archer GRC platform support across more than 1,400 worldwide deployments.

Onspring Technologies

Controls & Compliance


Proofpoint Information Protection, Archive, and Compliance


RSA Archer


Data Privacy Management Platform (comprised of the Assessment Manager, Data Flow Manager, Cookie Consent Manager and Website Monitoring Manager modules)


Varonis Data Security Platform

Excellence Award
Best Security Company


The 2017 WannaCry and NotPetya malware attacks disrupted hundreds of organizations and reportedly cost companies like FedEx and Maersk hundreds of millions of dollars. But for organizations shielded by CrowdStrike's comprehensive endpoint protection solution, these incidents were mere blips on the radar screen.

The successful defense against two of last year's biggest threats serve to exemplify the prowess of the highly modular CrowdStrike Falcon Platform, which unifies next-generation anti-virus, endpoint detection and response, security hygiene and threat intelligence. In its quest to prevent data breaches and infections, Falcon identifies not only known signatures and malware, but also malware-free intrusions.

Complementing Falcon's AI engine is OverWatch, an elite force of cyber intrusion detection analysts, investigators and first responders, who act as a managed threat hunting team.

Named SC Media's Best Security Company for the second consecutive year, CrowdStrike has what it describes as an unmatched threat telemetry, with more than 70 billion security events per day. This data feeds into the company's new Falcon Search Engine, which speeds up threat queries, adds accuracy and reduces false positives, while providing a more complete data set. It also comes with Falcon MalQuery, a cloud-based malware research tool that helps info pros efficiently search a massive collection of malware samples.

“CrowdStrike solves our prevention, detection and visibility challenges by unifying next-generation AV and endpoint detection and response (EDR) via a cloud-delivered model,” said David Giambruno, CIO at stock photo company Shutterstock. “Their solution provides us an advanced level of threat protection and visibility into what is happening in our environment via a single agent.”

Falcon's cloud-based architecture allows the solution to be deployed in mere minutes to thousands of endpoints – in one recent case to 77,000 endpoints with no reboots in mere hours.

“In my career, the deployment of CrowdStrike Falcon was perhaps the easiest global security technology rollout I've seen,” said Roland Cloutier, chief security officer at HR management software provider ADP. By leveraging the technology's cloud architecture and CrowdStrike's expertise, we were able to deploy with incredible speed and efficacy. We realized the value immediately.”

CrowdStrike significantly extended its global reach significantly in 2017, expanding operations in Southern Europe, Latin America, and the APAC region, and observing a year-over-year 476 percent increase in new endpoint protection platform subscriptions (or 382 percent when counting only Fortune 500 companies).

According to its official nomination form, CrowdStrike's vision is to “revolutionize the speed, efficacy, and effectiveness of breach prevention in a similar way that Google simplified life and access to information.”

Finalists 2018

Carbon Black







Excellence Award
Best SME Security Solution

Arctic Wolf for AWN CyberSOC

Just because a business is small doesn't mean its security risks aren't huge. Impeded by limited staff, expertise and resources, many small- and medium-sized business crave an all-inclusive Security Operations Center (SOC) that's affordable and fits their needs.

Arctic Wolf's AWN CyberSOC solution supplements SMEs with a combination of machine intelligence and human expertise. The human component comes in the form of a dedicated Concierge Security Engineer (CSE) who for all intents and purposes acts as a direct extension of that company's IT team.

CSEs closely familiarize themselves with their customers' environments and deliver a highly personalized experience, helping organizations with threat hunting, log management, remote forensic analysis, incident response and remediation, and other critical tasks. Customers are not forced to escalate their security concerns through a call center; rather, they phone or email their CSEs, who are further supported by additional specialized Arctic Wolf security personnel.

The CSEs also aid their customers with the implementation of Arctic's managed detection and response (MDR) toolset, which includes Arctic Wolf's Hybrid AI threat detection solution. The cloud-based tool takes just minutes to install and is eminently scalable, keeping costs low. Arctic Wolf's service also includes threat intel subscriptions and CSE assistance with regulatory compliance efforts, including audits required for certifications such as PCI and HIPAA.

To build the equivalent of the service internally I would have had to hire a team of people, and it would have taken 6-12 months to get everything up and running,” said AWN CyberSOC user Chris Rogers, CIO of data processing and preparation company EE Micronix, in a customer testimonial. “Arctic Wolf was up and running in less than a week.”

Finalists 2018

Arctic Wolf



Bitdefender GravityZone


eSentire Managed Detection and Response


Untangle NG Firewall

VIPRE Security

VIPRE Endpoint Security — Cloud Edition

Excellence Award
Rookie Security Company of the Year

XM Cyber

XM Cyber may be a newcomer to the network security space, but its founders are seasoned veterans from the Israeli intelligence community, who used their vast experience to create an AI-based attack simulation platform that thinks and acts like an APT actor.

The automated platform, HaXM, combines critical red team and blue team functionality to create a virtual “purple team” that simulates real hackers' behaviors, identifies hidden attack vectors in real time, and prioritizes the remediation of discovered vulnerabilities before they can be exploited for real.

To enhance the realism and accuracy of HaXM's simulated attack scenarios, XM Cyber's behind-the-scenes research team is constantly analyzing available intelligence to create models of the most common in-the-wild TTPs of active hacking groups. These models take into consideration factors that can increase an organization's risk, including user behavior and accumulated knowledge of the network.

Although it officially launched in March 2018, the platform already counts several large financial institutions among its early customer base, including ING.

As an additional benefit, XM offers an array of customer services, provided by personnel with expertise in not only the platform itself, but also networking and cybersecurity. Whether utilized in large-scale deployments or proof-of-concept tests, HaXM in its short lifespan has already demonstrated its value to companies after successfully uncovering vectors likely to be targeted in future attacks, including unauthorized software products and versions, reused credentials and more.

Finalists 2018

Aqua Security




XM Cyber

Professional  Award
Best Cybersecurity Higher Education Program

University of Maryland University College

Home to the world-champion hacking team the Cyber Padawans, the University of Maryland University College didn't have to pull a Jedi mind trick to convince the SC Award judges that it also lays claim to the best cybersecurity higher education program.

Boasting over 12,000 students and over 400 faculty members, UMUC's cybersecurity education program is the largest in the world. Not only is the university certified as a Center of Academic Excellence in IA Education by the NSA and DHS, but its Digital Forensics program is the first of its kind to be certified by these same two government agencies.

Having recently overhauled its Master of Science cybersecurity degree programs, UMUC places a heavy emphasis on real-world experience and field work over tests and quickly outdated textbooks. (In fact, by eliminating textbooks, the school saves its pupils roughly $14 million annually.)

To pass the program, students are expected to complete projects and develop marketable skills, understand digital strategy and risk, and develop executive presentations and strong writing skills. Classes are offered either online or in hybrid online-offline formats, aided by virtual labs that are accessible to all students – allowing full-time working professionals to partake in the programs during evening hours and earn a 36-credit Masters Degree in a mere 18 months, for under $25,000.

Since the program was revitalized, the number of students who successfully complete the programs has doubled, and the number of pupils earning “A” grades has also increased dramatically. Additionally, education costs have decreased by about $400 per student, per term.

“As a working adult and father of two, the thought of returning to school was extremely daunting. [But] the flexible assignment deadlines offered by the program proved to be a lifesaver,” said graduate student Matthew Nicklin. “Even though I have worked in the information technology career field for over 15 years, I have found the courses at UMUC to be both challenging and engaging… In addition, the technical knowledge I have acquired has increased my confidence level, and I now feel better prepared to take both the CEH exam and CISSP exam.”

Finalists 2018

Champlain College

Iowa State University

Regent University

TCAT Shelbyville

University of Maryland University College

Professional Award
Cybersecurity Student of the Year

Erin Kuffel, Texas A&M University

Erin Kuffel may not have graduated from Texas A&M University just yet, but the undergraduate student is already envisioning her own future in cybersecurity, as well as the futures of those who follow her lead.

“I keep hearing that there's a gap in the cybersecurity field, that there's a void that's not going to be easily filled. But I want to be that person to teach others, to inspire them, and to motivate them to learn and do and follow their passions in cybersecurity,” Kuffel wrote in her self-nomination. “I want to pass my knowledge and experience to those who would one day take my place in the industry so that my mark may be made and this field can continue to protect and defend.

According to Kuffel, she initially pursued cybersecurity because “I figured, as a programmer, I shouldn't be ignorant of the vulnerabilities I could create.” She is now set to graduate this year with a B.S. in computer science and a minor in business administration, cybersecurity, and mathematics.

While she expects to eventually pursue a master's or doctoral program, Kuffel plans to first accrue some valuable hands-on technical experience by working full-time. For her first gig, she has accepted a volunteer position to work at the Department of Defense's U.S. Cyber Command, participating in the NSA's Information Assurance Scholarship Program.

As president of the TAMU Cybersecurity Club, Kuffel oversees general meetings, the club's competition team and its new Cyber Operations Special Unit. Additionally, she spearheaded the creation of a new process to help club members obtain professional training and certifications.

Kuffel also is a security analyst for the TAMU Systems Security Operations Center, helping monitor university member networks for malicious activity, while training and managing fellow analysts. “She now works with true AI-based tools to monitor over 17 different networks,” said Daniel Basile, executive director of the Texas A&M University System, adding that Kuffel recently “took the opportunity to help develop new practices for tier-one triaging of events. These practices decreased the mean time to resolution for security events drastically.”

“I personally expect Erin will continue to be a leader in the cybersecurity industry for the foreseeable future.”

Finalists 2018

Erin Kuffel

Ray Cotton

Professional Award
Best IT Security-related Training Program

Wombat Security Technologies for Wombat Continuous Training Methodology

Cyberthreats never stop, so why should user training? After all, the threats your employees trained for today may evolve by tomorrow.

Wombat Security Technologies certainly doesn't buy into the conventional one-and-done approach. Its Continuous Training Methodology takes a cyclical, multi-faceted approach to teaching best practices, all while emphasizing four points – Assess, Educate, Reinforce and Measure.

The results speak for themselves: Customers who have applied this methodology have reduced the number of successful external phishing attacks and malware infections by as much as 90 percent, with many witnessing a marked improvement in two months or less.

Thanks to Wombat's program, one U.S. utility company experienced a 67 percent reduction in phishing susceptibility, an international manufacturing company saw a 46 percent drop in malware infections, and a northeastern U.S. college observed a 90 percent reduction in successful phishing attacks.

Wombat's research-driven approach leverages Learning Science Principles that help adults better absorb security concepts that they can apply toward their jobs. Users are also privy to a comprehensive library of training resources, including modules that address spear phishing, mobile phishing and ransomware.

Content is typically fun and engaging and helps promote year-round awareness and reinforcement of proper security hygiene. Resources are available in more than 30 languages, and they are kept up to date to reflect the latest market developments such as GDPR.

Additionally, the training program offers advanced reporting features that allow companies to analyze how well the workforce is following recommended security practices.

“We have been using Wombat for over two years now, and one of the reasons we chose to go with them was not just because we felt the product offered more than their competitors technically, but also because the user education experience had the edge with tone, pace and multinational options,” said Lesley Marjoribanks, customer and colleague security awareness manager at the Royal Bank of Scotland. “The product itself is constantly evolving, and there's always something new to offer our colleagues by way of education.”

Wombat currently services more than 2,000 customers across a variety of industry sectors, including finance, manufacturing and professional services.

Finalists 2018

Circadence® Corporation

Idaho National Laboratory



Wombat Security Technologies

Professional Awards
Best Professional Certification Program

ISACA for CISM certification

It goes without saying that information security managers are expected to demonstrate a strong expertise in security technology and processes. But if their initiatives are to win corporate buy-in from the CEO and the boardroom, it's also imperative that these professionals comprehend and communicate exactly how their security projects are going to support overall business objectives.

So when the Information Systems Audit and Control Association – better known as ISACA – developed the only management-level certification program for infosec professionals, it took the unique step of measuring candidates' ability to develop and manage a security program that not only protects a company's valuable assets, but also honors its corporate strategy.

Professionals who earn the global IT association's official designation of Certified Information Security Manager are therefore more likely to convince prospective employers that they can align their security recommendations with the directives of top management.

Such skills apparently pay off: Global Knowledge's 2017 IT Skills and Salary Report listed ISACA's CISM as the second highest paying IT certification, with certificate holders earning an average salary of $122,448.

Founded in 2002, ISACA's CISM program has awarded more than 34,000 certifications to professionals who meet its stringent requirements, which include a minimum of five years of work experience and three years of information security management in several job practice analysis areas. The program requires continuing education to maintain certification, and is frequently updated to reflect shifting job roles and responsibilities within the IT department.

Approaching its 50th anniversary in 2019, ISACA runs more than 215 chapters that provide professionals around the world with local training, professional networking, certification review courses, and opportunities to share best practices.

Last year, ISACA won the same SC Award for its Certified Information Systems Auditor (CISA) certification program.

Finalists 2018

(ISC)² for CISSP

Cloud Security Alliance



Professional Award
Best Security Team

Bank of America for its Global Information Security team

Always innovating, the Global Information Security (GIS) team at Bank of America is striving to set the gold standard in cybersecurity.

In 2017, resourceful GIS staffers filed patents for 48 new technology or processes, and in Q1 alone of that same year, they were awarded 10 such patents. Such advancements are encouraged at the highest levels of the company, with the understanding that they ultimately contribute to corporate business goals and help BoA meet best practices and standards (e.g. NIST).

Over the last few years, GIS team members have compiled a veritable highlight reel of projects, including a new IAM (Identity and Access Management) Program that successfully consolidated 27 separate review systems into just one, and 20 individual request systems into just one.

And in another ambitious initiative, they created a Governance & Policy Ecosystem that gives control owners access to the information they need to respond to auditor and regulator inquiries.

When BoA creates any new product or program, the GIS team is sure to support its development and subsequent rollout. For instance, team members onboarded BoA's web-based document management and storage system SharePoint into the central security database, to enhance controls and reduce the odds of unauthorized access.

They also introduced Zelle, a new person-to-person transfer service that helps customers transfer money safely within minutes, as well as a new cardless ATM machine that reduces card fraud by letting banking customers use the Bank of America mobile app instead. That same BoA app also allows customers to self-lock or unlock their debit cards in real time, in the event of a lost or stolen card.

This past year, GIS also rolled out new anti-phishing tech that ensures every email sent from or on behalf of the bank is authenticated before delivery, and that any emails from a fraudulent source are quarantined or blocked.

But not every innovation is a new technology. The team has also introduced various initiatives to help spread organizational cybersecurity awareness, including a “Connections Rally” where GIS staffers can share their work with fellow employees, data security training for vendors, the development of crisis response playbooks, and spear phishing simulations.

Additionally, BoA and its GIS team have developed diversity programs and talent recruitment partnerships with multiple higher education institutions, the Society of Women in Engineering, NCWIT, Girls Who Code, the Grace Hopper Celebration of Women in Computing, the Executive Women's Forum, and the Houston Military Support and Assistance Group.

Finalists 2018

Bank of America


Idaho National Laboratory


Professional Award
CSO of the Year

Tim McKnight, CSO of Thomson Reuters

Normally, Thomson Reuters employees just get to write the headlines. But the publishing powerhouse's Chief Information Security Officer Tim McKnight made some headlines of its own at the 2018 SC Media Awards when he was named CSO of the Year.

After joining the Toronto-based mass media giant in October 2016, McKnight built a state-of-the-art cybersecurity program in just 12 months, dramatically transforming the organization's security posture from top to bottom by espousing a key enterprise-wide mantra: Don't say “No.” Say “How?”

In other words: find a way.

Under McKnight's leadership, TR launched its first-ever Cyber Fusion Center in just over eight weeks, while doubling the size of the company's security program in fewer than six months. To meet with growing demands, McKnight recruited a diverse and talented workforce, filling key positions in defensive automation, cloud security and cyber intelligence, while improving corporate training regimens. And to further enrich the talent pool, he began sponsoring programs at historically black colleges and universities to develop cyber curriculums and talent pipelines.

Current projects include an effort to embed measurement into the business development process, improve TR's secure development lifecycle in the product space, and ensure regulatory compliance.

But none of this would be possible without first securing buy-in from executives and everyday workers across the $11.2 billion organization – a challenge McKnight achieved by proving himself to be an approachable and inspirational mentor, leader and communicator.

Indeed, TR CEO Jim Smith himself recently told the company that “Cybersecurity is job one” for all employees, while another senior leader asserted that cybersecurity had to be seen as a growth enabler for TR's products and platforms.

Meanwhile, McKnight incentivizes employees to adopt a responsible security mindset through the company's Security Ambassador program and its Security Awareness program – the latter of which was recently enhanced with humorous videos, live web chats, social media content and a new mobile app that communicates real-time intelligence and threat updates.

“Tim has transformed our ISRM group well beyond my expectations. He has moved critical initiatives faster, introduced new ones to protect us and significantly upgraded our team,” said Rick King, EVP and CIO at TR.

McKnight previously served as global CIO and product security officer at General Electric, following stints at Fidelity Investments, Northrop Grumman, BAE Systems and Cisco Systems. He began his career at the FBI, spearheading high-tech crime, corporate espionage and foreign counterintelligence investigations for the agency's National Infrastructure Protection Center.

“Over my 40-plus years of government and private sector experience, I have had the opportunity to work with many talented chief security officers. In my opinion, there are none better than Tim, said General (Ret.) Keith Alexander, former U.S. NSA director. “I have always found him to be hardworking, a great team leader, [and a] thoughtful listener, and he brings great depth of experience to any challenge.”

Finalists 2018

Bank of America

Craig Froelich, CISO, Bank of America

Lower Colorado River Authority

Tim Virtue, Chief Security and Risk Officer, Lower Colorado River Authority

State of Missouri

Mike Roling, CISO, Office of Administration, State of Missouri

Thomson Reuters

Tim McKnight, CISO, Thomson Reuters


Pritesh Parekh, Vice President, Chief

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.