Acting as a barometer of how the fastest growing IT-related industry has evolved over the years, the SC Magazine Global Awards is the only program of its kind. Now in its ninth year, the event has grown into an international undertaking that concludes with our tributes to industry players directly involved in safeguarding leading enterprises.
The efforts undertaken by our U.S. panel of judges, which saw the participation of 15 leading IT security experts, were immense. This year alone, the SC Magazine Awards U.S. program attracted more product and service nominations than ever before. Winners were chosen across nine main product and service categories comprised of 40 sub-categories as part of our Reader Trust and Excellence Awards, as well as from a list of leading IT security professionals working in the trenches daily as part of our Professional Awards.
Come April 25, during the SC Magazine Awards U.K. Gala, the Best Global Security Company and Best New Security Solution will be announced – a decision in which co-chairs from both the U.S. and U.K. will participate. Indeed, as numbers of categories and nominations in the SC Awards have increased over the years, so too has the judging process become more complex and rigorous.
To be sure, this year's various SC Awards festivities are the culmination of concerted efforts to acknowledge the commitment, time and effort required of our industry's leading information security developers and corporate professionals to keep that momentum going.
So hats off to all of our 2006 SC Magazine Award U.S. winners!
--Illena Armstrong, Editor-in-Chief, SC Magazine
Words from the co-chairs
What a year to be an information security professional! This past year continued to see an escalation in the importance of protecting sensitive information. After a number of very public breaches of trust, corporations, governments and other large organizations are devoting more time to understanding and prioritizing the methods and technologies used to protect their key information assets. New and expanded regulations are creating an increased scrutiny of the controls and processes that are used to manage and monitor the confidentiality, integrity and availability of data, both in and outside the organizational boundaries.
As organizations continue to struggle with these new and unanticipated threats, they are looking to the information security professional to help them manage these risks. The information security community has responded with innovative solutions to help organizations better prepare and respond to this new landscape of risks and regulations. Many of these solutions and leaders in the information security community are being recognized in the SC Magazine Awards for 2006.
So, it is with pride that I'm able to serve as one of the co-chairs of the SC Magazine Awards U.S. for the second year. I have had the opportunity, graciously provided by our hosts and editors at SC Magazine, to serve on the judging panel with some of the most distinguished and experienced information security professionals from the business, government and research fields. We have all enjoyed the pleasure of working with some of the finest organizations in the security community as we have reviewed their solutions and the professionals using them throughout the awards process.
The process has not been easy. Nominations have jumped tremendously as the number of products nominated has increased from 1,000 in 2005 to over 1,300 in 2006. Similarly, the number of companies submitting nominations has increased to over 330 from 300 in 2005.
Yet, most importantly this year, the variety of categories represents a very illustrative cross-section of the needs of today's world.
--Greg Bell, partner, KPMG
As an analyst, I'm often asked to quantify how much time and money companies devote to information security. The problem is, though, that it's getting harder and harder to define exactly what security is these days, never mind work out how much companies spend on it. It used to be that security was security -- easily distinguishable from everything else we did -- but that's no longer the case.
We manage security patches along with every other bugfix. Personal firewalls and anti-spyware are part of the desktop OS. Routers and switches incorporate firewall and intrusion prevention capabilities. Security is now often just one of a laundry list of things an IT professional needs to consider on a daily basis. To me, that's a sign of the maturity of our industry -- security's central to our thinking when we look at IT, not an add-on luxury as in days gone by.
We're doing a lot better at articulating the business value of security too. Nowadays, security pros are much better at identifying the critical risks to their business, working out how to manage them effectively, and articulating where security technology fits into the picture. The vendor community has had to shape up too. Security vendors used to be the ambulance-chasers and undertakers of the IT world. In the clearing smoky aftermath of a virulent worm attack or data compromise, out would step the security salesperson -- business card in hand, trying to mask their glee at the customer's misfortune and their upcoming bonus. But these days, vendors must be able to incontrovertibly show how they enhance the customer's business before they even get a foot in the door.
Not that we haven't got a long way to go, though. In 2006, more business functions will be digitized, and more partners and customers will need access to corporate systems and data. At the same time, however, attacks will get more complex and more nefarious, and purse strings will be tight unless we can effectively demonstrate the benefit of security investments.
As a result, companies demand more intelligent, more usable and more interoperable solutions that can thwart these new attacks while easing the management burden on IT staff. They need to keep up with the ever-increasing demands to share corporate and customer information while making sure it stays in the right hands. They need solutions to real business problems and the ability to provide demonstrable business value of their security program to upper management.
The challenge to the security community is to deliver all of the above, but keep it simple enough for people to understand and implement without needing a Ph.D. With the best and brightest in the IT industry at our disposal, we're surely up to the job.
--Paul Stamp, analyst, Forrester Research