March 1, 2016 • San Francisco
#scawards
2016 SC Awards U.S.
Keepers of the flame Every one of us playing a role in the information security industry would probably agree that this space is on fire. And, most assuredly, it shows no signs of dimming. In fact, as more and more technological advances are made, it’s likely to continue to burn bright. Yet, so too will cybercriminal activity thrive. There’s no light without dark. And it’s because of how prosperous these criminals have become that there are many pundits who would say information security isn’t going to show any marked improvements this year. What’s more in line with today’s trends, say many experts, is that we’re woefully behind in creating strong security technologies. We’re still failing to embrace the concept of building security into our systems from the ground up. We’re continuing to face a lack of support or understanding for appropriate security budget from C-level execs – whose business operations are threatened daily. It’s a dark vision in a hot marketplace. And while there is some truth to inroads made in security being too few this year and, maybe, not happening that much at all, we see a flipside in all the efforts undertaken and achievements being made by an army of skilled information security leaders like you. Sure, information security has a long road ahead. It’s going to continue to be a bumpy trip, but along the way will be moments of blissful victory by people and organizations forging countless strategies and taking well-thought-out actions to reach them. Those moments of triumph and the inventive, tireless professionals and their organizations helping to realize them are the prime targets for tribute year after year through our SC Awards program. By acknowledging the efforts of IT security practitioners, as well as the rookie and long-standing product and service providers that support them, we strive to play our part in fighting back the sometimes wearisome and difficult happenings the industry faces and always will have to confront. In June, we’ll be doing more of the same at our SC Awards U.K. gala that pays homage to IT security leaders in Great Britain and Europe. For some 20 years now, we’ve made this small contribution, and we think that this year’s SC Awards fete in San Francisco, along with our upcoming U.K. event, reveal to your colleagues, bosses, everyday consumers and still others that IT security pros like you play vital roles in keeping virtually every internet-connected activity and business blazing bright. You’re the keepers of a fundamental flame central to today’s global economy. We salute you.
– Illena Armstrong, VP, editorial, SC Magazine
Contents
Judges.................................................................................... 2-3 Sponsors.................................................................................... 4 Welcome from the co-chairman............................................... 5 Trust Awards Best Advanced Persistent Threat (APT) Protection................ 5 Best Behavior Analytics/Enterprise Threat Detection............ 6 Best Cloud Computing Security Solution................................ 6 Best Computer Forensic Solution............................................. 7 Best Data Leakage Prevention (DLP) Solution........................ 7 Best Database Security Solution.............................................. 8 Best Email Security Solution..................................................... 8 Best Fraud Prevention Solution................................................ 9 Best Identity Management Solution......................................... 9 Best Managed Security Service.............................................. 10 Best Mobile Security Solution................................................. 10 Best Multifactor Solution.......................................................... 11 Best NAC Solution.................................................................... 11 Best Risk/Policy Management Solution................................. 12 Best SIEM Solution.................................................................. 12 Best UTM Security Solution.................................................... 13 Best Vulnerability Management Solution............................... 13 Best Web Application Solution................................................. 14 Excellence Awards Best Customer Service............................................................. 14 Best Emerging Technology...................................................... 15 Best Enterprise Security Solution........................................... 15 Best Regulatory Compliance Solution.................................... 16 Best Security Company........................................................... 16 Best SME Security Solution..................................................... 17 Rookie Security Company of the Year..................................... 17 Professional Awards Best Professional Certification Program................................ 18 Best IT-Security-related Training Program............................. 18 Best Security Team.................................................................. 19 CSO of the Year........................................................................ 19 Editor’s Choice......................................................................... 20
EDITORIAL VP, EDITORIAL Illena Armstrong
SC AWARDS 2016
DESIGN AND PRODUCTION
U.S. SALES
ART DIRECTOR Michael Strong
ASSOCIATE EDITOR Teri Robinson
EVENTS DIRECTOR Adele Durham EVENTS MANAGER Maggie Keller
PRODUCTION MANAGER Brian Wask
VP, SALES David Steifman (646) 638-6008
MANAGING EDITOR Greg Masters ONLINE EDITOR Doug Olenick SENIOR REPORTER Bradley Barth SENIOR REPORTER Jeremy Seth Davis CONTENT COORDINATOR Robert Abel
VIRTUAL EVENTS MANAGER Jourdan Davis EVENTS COORDINATOR Anna Naumoski
MANAGEMENT CEO, HAYMARKET MEDIA Lee Maniscalco CFO Donna Santarpia COO John Crewe
EAST COAST SALES DIRECTOR Mike Shemesh (646) 638-6016 WEST COAST SALES DIRECTOR Matthew Allington (415) 346-6460 EVENT SALES DIRECTOR Mike Alessie (646) 638-6002 MARKETING DIRECTOR Karen Koza (646) 638-6169
SC AWARDS 2016 1
SC Awards 2016
The Judges
CO-CHAIR Illena Armstrong VP, editorial, SC Magazine
CO-CHAIR Larry Whiteside Jr. VP, office of the CISO, Optiv
Philip Agcaoili SVP/CISO, Elavon
Roota Almeida head of information security, Delta Dental of NJ
Fernando Angell associate CIO, Los Angeles County Chief Information Office
Scott Angelo CIO, K&L Gates
Becky Bace chief strategist, University of South Alabama; president/ CEO, Infidel
Ron Baklarz CISO, Amtrak
Jennifer Bayuk managing drector, enterprise risk management, Citi
Todd Bell CISO/CIO, GlobalDataLock.com
Bruce Bonsall executive faculty, IANS; independent security consultant
Dennis Brixius VP, risk management and CSO, McGraw Hill Financial
Jeffrey Brown head of information security, risk & compliance, AIG
Miki Calero CSO, state of Ohio
Chris Camacho SVP, Bank of America; CEO and co-founder, NinjaJobs
Jaime Chanaga president, The CSO Board
Yang Chen senior IT security specialist, Ryerson University
Michael Cole enterprise security architect, First Financial Bank
Thomas Dunbar head of information risk management, XL Catlin
Brandon Dunlap global CISO, Black & Veatch
Patricia Edfors VP, information security and compliance, Sirius XM Radio
Cris Ewell CISO, Seattle Children’s
Michael Fabrico principal systems security specialist, NASDAQ
Pamela Fusco CISO, Apollo Group; founding partner, Gid Grid
Clifford Gronauer director, information technology services, MFA Incorporated
Zouhair Guelzim VP and CISO Americas, L’Oréal
John Hellickson president/CISO, InfoSec Advisor
John Johnson global security architect for a Fortune 500 company
SC AWARDS 2016 2
SC Awards 2016
The Judges
Ricardo Lafosse CISO, Cook County Government
Mark Leary VP and CISO, Xerox
Cedric Leighton chairman, Cedric Leighton Associates
Michael Maguire management consultant, M. F. Maguire & Associates
Bob Maley global inspections manager, PayPal
Jim Maloney VP, information security, Vantiv
Randy Marchany CISO, Virginia Tech
Richard Marshall CEO, X-SES Consultants
Pritesh Parekh VP & CSO, Zuora
Mitchell Parker CISO, Temple Health
Daniel Polly director, enterprise information security, First Financial Bank
Jim Reavis CEO, Cloud Security Alliance; president, Reavis Consulting Group
Todd Redfoot CISO, GoDaddy
Jamie Rees senior cybersecurity architect, electrical utility
Randolph Sanovic owner, RNS Consulting
Steve Santorelli director of analysis and outreach and fellow, Team Cymru
Sandra V. Sargent senior operations officer, World Bank
John Shaffer CIO, Greenhill & Co
Daniel Srebnick owner, Technical Merits LLC
Richard Starnes CISO, Kentucky Health Cooperative
Dennis Thibodeaux technical instructor, New Horizons
Hilary M. Wandall associate VP, compliance and chief privacy officer, Merck & Co.
Mark Weatherford SVP, vArmour
Dov Yoran senior director, security business group, Cisco Systems
SC AWARDS 2016 3
SC Awards 2016
The Sponsors SC Magazine thanks all sponsors for their generous support of the SC Awards 2016. Their involvement has made possible this event, which helps raise professional standards in the information security industry worldwide. Barracuda
Network Box
barracuda.com Barracuda simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications, and data, regardless of where they reside.
networkboxusa.com Network Box USA is a leading managed security services provider (MSSP) in the domestic market.
Digital Guardian
Netwrix
digitalguardian.com Digital Guardian is a next-generation data protection platform purpose built to stop data theft.
netwrix.com Netwrix provides IT auditing software that delivers complete visibility into IT infrastructure changes and data access.
Easy Solutions
Onapsis
easysol.net Easy Solutions is a security provider focused on the comprehensive detection and prevention of electronic fraud across all devices, channels and clouds.
onapsis.com Onapsis provides comprehensive solutions for securing business-critical applications.
eSentire
SecureAuth
esentire.com eSentire deliverers an advanced service tailored to mid-sized enterprise that protects high-risk assets from advanced cyber threats, 24/7.
secureauth.com SecureAuth is a leader in adaptive access control solutions, empowering organizations to determine identities with confidence.
LogRhythm
SentinelOne
logrhythm.com LogRhythm, a leader in security intelligence and analytics, empowers organizations to rapidly detect, respond to and neutralize damaging cyber threats.
sentinelone.com SentinelOne’s next-generation endpoint protection platform stops known and unknown threats using sophisticated machine learning and intelligent automation.
Mix PR
Splunk
mixpublicrelations.com MIX PR is a technology-focused boutique agency that approaches each initiative with a fresh and creative plan of action.
splunk.com Splunk produces software for searching, monitoring and analyzing machine-generated Big Data via a web-style interface
MSLGROUP
Vormetric
mslgroup.com MSLGROUP is a public relations network of companies with specialists in strategic communications and engagement.
vormetric.com Vormetric’s comprehensive highperformance data security platform helps companies protect data wherever it resides.
Netsurion netsurion.com Netsurion provides remotely managed network and data security services for multi-location businesses.
SC AWARDS 2016 4
SC AWARDS 2016
Welcome from the co-chairman In 2005, we saw threats continue to grow at an unprecedented rate. The adversaries we face are getting smarter and more crafty and keeping pace with them is more difficult than ever. It is causing us to rethink the way we do business and forcing information security to be a board level conversation. This year, we saw major financial institutions lose millions of records, high-level government organizations put the public at risk due to the loss of private personal information, health care entities have their data stolen putting lives at risk, and threats to critical infrastructure grow at an alarming rate. We watched the nation make cybersecurity a top national initiative in an effort to stem the tide of intellectual property and private information from being syphoned out of the country. Cybersecurity is slowly grabbing headlines and forcing organizations to discuss it at board meetings, integrate it into an organizational strategy, and market it as a differentiator in an organization’s business and the services they provide. We also saw the release of new technologies and the creation of new capabilities in the cybersecurity market. There is innovation that is changing the way we identify, protect, detect, respond and recover from cyber attacks. Cybersecurity technology companies have had to become outside-the-box thinkers. They have had to find innovative ways to use and integrate capabilities into their products previously not seen in an effort to get ahead of the ever-evolving threat landscape. This year has forced the cybersecurity executive to be more business minded than ever before and to integrate the risk associated with cybersecurity into the overall lexicon of business risk. These same executives have had to learn to be agile in their decision making to fit the business, while also understanding the technical implications that come from the implementation of new technologies. The SC Awards 2016 are here to celebrate the difference makers, the innovators, and those who are leading change in the field of cybersecurity through there individual and team efforts. They represent the very best of of the best. I’m proud to co-host the SC Awards 2016 and to help select and honor all the incredibly innovative nominees and those who are putting their best foot forward. Thank you all for your continued efforts to make the technology, processes and people associated with cybersecurity better everyday. All of your efforts are critical to the continued success of our field as we move forward.
Larry Whiteside
VP, executive advisory services, health care and critical infrastructure, office of the CISO, Optiv
Trust Award
BEST ADVANCED PERSISTENT THREAT (APT) PROTECTION
WINNER FireEye for FireEye Threat Prevention Platform and Services Advanced persistent threats (APTs) require a behavioral approach to detecting malware. Instead of trying to detect malware based on what it is (signature-based), behavioral malware detection relies on what the malware does. The FireEye platform is designed to stop advanced persistent threats. The FireEye Threat Prevention Platform and Dynamic Threat Intelligence (DTI) provides multi-faceted, coordinated defense capabilities to guard against zero-day attacks, unknown malware and APT attacks. The core of the FireEye platform is the patented Multi-Vector Virtual Execution (MVX) engine, which provides dynamic, signature-less and virtualized analysis of today’s advanced cyber attacks. The FireEye DTI enables cyber-
security teams to identify, block, analyze and respond to advanced cyber attacks by giving them the context required to identify threat actors and the indicators of compromise. With the combined technology of MVX and DTI, FireEye provides a comprehensive view of multivector attacks to boost threat protection against known and unknown attacks. FireEye is the only vendor to offer the breadth and depth of signatureless protection across the range of zero-day APT attacks and attack methods. The FireEye Multi-Vector Virtual Execution engine is the only technology that extends to multiple threat vectors to address web, email, mobile and content-based attacks. This enables FireEye to correlate across attack vectors (e.g., spearphising: targeted emails with embedded URLs and/or malicious documents). In February, Gartner released a “Market Guide to Network Sandboxing,” and FireEye is portrayed as the market leader.
Finalists 2016 • Check Point Software Technologies for SandBlast • eSentire for Active Threat Protection • FireEye for FireEye Threat Prevention Platform and Services • Invincea for Invincea Advanced Endpoint Protection • RSA, The Security Division of EMC for RSA Security Analytics
SC AWARDS 2016 5
SC AWARDS 2016
Trust Award
Trust Award
BEST BEHAVIOR ANALYTICS/ENTERPRISE THREAT DETECTION
BEST CLOUD COMPUTING SECURITY SOLUTION
WINNER
WINNER
Gurucul Overwhelmed with security data, analysts are experiencing data fatigue while significant data breaches continue in headlines. Using identity-centric behavioral analytics and access intelligence, Gurucul Risk Analytics (GRA) detects insider threats, cyber fraud and external intruders, plus reduces the attack surface area for access, identities and entitlements. On the second day of using GRA, a manufacturing firm detected two hijacked research accounts. For a financial firm, GRA reduced accounts and entitlements by 83 percent, reducing the surface area often targeted by phishing attacks. Gartner analysts note a 5-to-1 return on investment for UBA tools like GRA. Gurucul pioneered ‘dynamic peer groups’ in GRA using behavioral algorithms. This improves clustering and out-
lier analysis for more accurate behavior patterns resulting in lower false positives (versus static peer groups). GRA also uniquely uses time-based norms within predictive algorithms to recognize newly accepted workflows and operational changes to improve accuracy. Gurucul combines identity access intelligence (IAI) with user behavior analytics (UBA) for additional account and entitlement analytics providing critical context to detect and deter insider threats, account compromise and cyber fraud that competitors miss. GRA uniquely monitors behaviors across users, accounts, applications, access and devices both on-premise and in the cloud. An industry-first, Gurucul’s self-audit capability empowers users to monitor their activity like credit card statements. Gurucul is the only UBA company partnered with CMU CERT for research on insider threats leveraging 10+ years of collected incident data.
Zscaler Firewalls have traditionally been delivered as centralized hardware appliances or software-based solutions. This approach to security made sense years ago, when 90 percent of employees were centrally located and most software applications ran in centralized corporate data centers. But today, users and applications are everywhere. Centralized, hardware-based security appliances no longer provide complete coverage for a distributed, internet, cloud and mobile-first world. On the other hand, Zscaler’s cloud-based next-generation firewall secures the distributed enterprise outside of the corporate data center with ease – where it’s normally too expensive and cumbersome to manage traditional appliancebased next-generation firewalls. It enables protection for all employees, devices and internetconnected things – regardless of their location – while granting
organizations visibility, control and protection for their entire extended enterprise. Firewalls have traditionally been delivered as appliance-based solutions, which are expensive and difficult to deploy and manage. But in today’s cloud-centric world, hardware is no longer relevant. Security must move to the cloud. Zscaler is the only true integrated cloud security platform. It delivers carrier-grade internet security, advanced persistent threat (APT) protection, data loss prevention, SSL decryption, traffic shaping, policy management and threat intelligence – all without the need for on-premise hardware, appliances or software. Zscaler’s cloud-based Next Generation Firewall fills the security whitespace, allowing for better visibility, control and protection for the entire extended enterprise, with a total cost of ownership up to 90 percent lower than hardwarebased protections.
Finalists 2016
Finalists 2016
• Gurucul for Gurucul GRA
• Dell for Dell Cloud Access Manager 8.1
• Masergy Communications for Unified Enterprise Security (UES)
• Illumio for Illumio Adaptive Security Platform
• Rapid7 for UserInsight
• Netskope for Netskope Active Platform
• Splunk for Splunk UBA
• Skyhigh Networks for Skyhigh Cloud Security manager
• Vectra Networks for Vectra Automated Threat Management solution
• Zscaler for Zscaler Next Generation Firewall
SC AWARDS 2016 6
SC AWARDS 2016
Trust Award
Trust Award
BEST COMPUTER FORENSIC SOLUTION
BEST DATA LEAKAGE PREVENTION (DLP) SOLUTION
WINNER
WINNER
Guidance Software Guidance Software’s EnCase software solution is a powerful, judicially accepted, platform that provides the foundation for corporations, government agencies and law enforcement to conduct thorough and effective digital investigations of any kind, whether related to intellectual property theft, incident response, compliance auditing, or responding to e-discovery requests – all while maintaining the forensic integrity of the data. It includes the EnCase Enterprise software platform, which can support the EnCase Endpoint Security and EnCase eDiscovery applications. The product line also includes EnCase Forensic and EnCase Portable. EnCase helps internal investigators conduct more complete investigations than with competitive products thanks to integration with a cloud-based e-discovery review platform, as well as widely adopted security information and event
management (SIEM) tools for automated incident response. The EnCase platform and applications address the requirements of an extremely broad range of users, including security specialists, investigators, computer incident-response teams and litigation specialists. It delivers everything needed to immediately and thoroughly search, collect, preserve and analyze data from servers, workstations, mobile devices and cloud-based data sources. With EnCase, users can be confident in their ability to complete a comprehensive analysis of whatever evidence they may encounter for virtually any business purpose. Moreover, users of the EnCase solution have the ability to customize how it works to more closely match their workflow, adding capabilities to the product to meet specific needs, an ability that no other solution in the market currently offers. For example, EnCase App Central offers over 126 EnScripts and apps that allow users to add functionality and increase productivity.
Secure Islands Data-centric security approaches hold great appeal but have been problematic to deploy and maintain. DLP in particular held promise, but in production revealed two major weaknesses. First, DLP solutions were not particularly adept at data classification, resulting in too many false negatives/positives, which eroded trust in DLP technology. Second, too much data would fall through the cracks, causing damage that couldn’t be undone – further calling the value of DLP into question. Secure Islands’ solution, IQProtector. overcomes these challenges by delivering two key innovations. First, it classifies data on creation (on “save,” “send,” “upload/download,” etc.) at or close to the source. Second, it automatically embeds encryption and usage rights into sensitive data (based on organizational policy) that persist for the life of the data. These two innovations enable data-centric security to be deployed at scale,
Finalists 2016
Finalists 2016
• AccessData for Forensic Toolkit (FTK)
• AirWatch for AirWatch by VMware Enterprise Mobility Management
• Blue Coat Systems for Blue Coat Security Analytics Platform
• Clearswift for Adaptive Redaction
• FireEye for Network Forensics Platform and Investigation Analysis Platform
• Digital Guardian for The Digital Guardian (DG) Data Protection Platform
• Guidance Software for EnCase
• Secure Islands for IQProtector
without breaking the budget and/or network, and without interfering with existing IT or business processes. DLP systems classify data, look for ways it can leave the network and then block those exit points; in essence, securing the data “container.” Secure Islands looks at the data itself – and embeds protection into it. Like DLP systems, Secure Islands automatically classifies data, but in real time, on creation. Instead of restricting the movement of the data, it applies policy-based protection that persists for the life of the data. Competitors either focus on data-centric protection (encryption, masking, tokenization, etc.) but provide no intelligence (i.e., usage rights or classification), or provide intelligence (i.e., classification, albeit highly manual and with limited set of file types), but no protection. Secure Islands applies both intelligence and protection to any file format – and automates both processes, making them much more manageable, auditable and scalable.
• Dell for Dell Data Protection | Encryption
• LogRhythm for Network Monitor
Yuval Eldar, president, Secure Islands
SC AWARDS 2016 7
2015 SC AWARDS SC AWARDS 2016EUROPE
Trust Award
Trust Award
BEST DATABASE SECURITY SOLUTION
BEST EMAIL SECURITY SOLUTION
WINNER
WINNER
Protegrity Organizations face an extraordinary challenge protecting sensitive data according to compliance mandates while also retaining accessibility and high performance. The Protegrity Database Protector is a comprehensive security solution for most major databases, including Oracle, Teradata, DB2, SQL Server and more. It enables column/field level data encryption, tokenization, or masking in databases, storage and backup systems. It also delivers high transparency to applications that use the protected database(s), requiring very few or no modifications. It also employs strong, policy-based access and usage controls, along with monitoring and auditing tools. Protegrity also provides database protectors with additional functionality to deliver protection on every node of a massively parallel processing (MPP) database cluster. This includes the ability to pull policy to the nodes (instead of pushing
from ESA), and collecting and aggregating a massive number of audit logs from every node. MPP databases supported include Teradata, Aster, Pivotal Greenplum Database, and more. Protegrity provides patented Protegrity vaultless tokenization, masking, strong encryption, data-type preserving encryption, and monitoring technologies to allow users to select a protection method that meets the particular needs of the sensitive data, database, and use case for maximum flexibility and transparency. The tool takes full advantage of the processing power offered by the database server and keeps machine cycles to a minimum, thus optimizing performance. Database Protector versions are available to protect data in databases and operating systems. It is compatible with all leading standard Linux, UNIX or Windows environments, as well as IBM iSeries and zSeries environments. Co-engineered, optimized Database Protectors are also available for Teradata Database or Oracle Exadata.
Proofpoint Throughout 2015, high profile data breaches, commonly starting with a credential phishing email, have been in the headlines of newspapers and websites all over the planet. This level of awareness has driven demand for solutions that can not only block malware entering an organization via email, but also accurately prevent credential phishing attacks as an initial incursion to a data breach. Proofpoint Enterprise Protection solution integrates inbound email security with outbound filtering and encryption, secure file share and email continuity. Delivered as a cloud-based SaaS offering, dedicated/virtual appliance, software or hybrid, Proofpoint Enterprise Protection delivers consistent functionality and performance regardless of deployment choice. Proofpoint now protects over half the Fortune 100, and has again been recognized in 2015 by
Gartner as a leader for secure email gateways, almost a decade leading the market. Proofpoint Enterprise Protection integrates seamlessly with Proofpoint Targeted Attack Protection to extend security capabilities to include advanced and highly targeted threats. Granular classification of email into five separate email quarantines (spam, adult, bulk, phishing and suspect) enables end-users to manage their own messages without having access to quarantines that contain messages that could be dangerous (phishing, suspect, etc.). Transparent encryption combined with DLP policy ensures that all sensitive data is either encrypted or prevented from leaving the organization as defined by policy. Data pushed via Secure Share is scanned by policy and encrypted during transmission and at rest with specified expiration dates preventing data residing unmonitored in the cloud.
Finalists 2016
Finalists 2016
• Netwrix for Netwrix Auditor
• Cisco for Cisco’s Email Security Appliance (ESA)
• PHEMI Systems for PHEMI Central Big Data Warehouse
• FireEye for FireEye EX series
• Protegrity for Protegrity Database Protector
• HP Data Security for HP SecureMail
• Trustwave for Trustwave DbProtect
• Proofpoint for Proofpoint Enterprise Protection Solution
• Vormetric for Vormetric Data Security Platform
• ForcePoint for ForcePoint TRITON AP-EMAIL
SC AWARDS 2016 8
SC AWARDS 2016
Trust Award
Trust Award
BEST FRAUD PREVENTION SOLUTION
BEST IDENTITY MANAGEMENT SOLUTION
WINNER
WINNER
Splunk As more business moves online, the patterns of fraud, theft and abuse are often found in an organization’s machine data or log files, just as the patterns of an advanced cybersecurity threat are often revealed in machine data. Authentication systems, firewalls, databases, billing systems and other systems all generate machine data, which likely contain the subtle patterns of fraud when and where fraud exists. Splunk, used by more than 10,000 global customers, is a Big Data platform that can index any type of machine or log data, without up-front normalization, and at massive scale. This data can then be searched, correlated, alerted and reported on in real-time for a wide range of anti-fraud use cases, including fraud investigations, detection, prevention and reporting. Because Splunk is a highly flexible platform, anti-fraud teams can use it to quickly adapt to changing fraud
techniques and to address a wide range of team needs. Splunk differs from traditional anti-fraud tools in several ways: Splunk can index any type of machine data or log files from any source and retain all the original data for searching and reporting. Splunk also leverages a flexible search language that enables a wide range of searches and visualizations, including the detection of outliers and anomalies that might be fraud. Splunk uses a distributed architecture with a flat file data store and no centralized database that could slow performance. It uses distributed search technology for fast searching. It can index 100TB+ of data a day and return search results in seconds. Splunk is a unified solution with a single platform, user interface and data store. The installation is fast and the user interface is intuitive. Thus, time to value is quick and minimal resources are needed to deploy and use Splunk.
Ping Identity Mobility is exploding. Workers expect to work anywhere, any time, from any device. Everyone who touches the enterprise – employees, customers and partners – needs to access business critical apps in this borderless environment quickly, easily and securely. Ping Identity enables organizations to provide better security and seamless access to applications with continuous evaluation of authentication and authorization factors. Ping also provides solutions for a variety of use cases that apply to the workforce, consumers and enterprise partners throughout the supply chain, turning identity into the steel thread that powers access and security for the modern borderless enterprise. Ping Identity secures more than 1.3B identities through multifactor and contextual authentication, single-sign on, federated identity administration and access management.
Ping is the only IAM provider to solve identity challenges for enterprises in all stages of cloud adoption whether they’re 100 percent in the cloud or hybrid so they can keep legacy investments while adopting new technologies. As the enterprise becomes truly borderless due to mobility and the cloud, a new generation of enterprise infrastructure is disrupting the old guard. Security solutions that focus on protecting singular elements of the modern enterprise – such as endpoints, cloud apps, networks or email – are not fully equipped to manage data created by the growing array of devices, systems and workflows. Identity has emerged as the lynchpin that CIOs can incorporate into their security strategies to keep their corporate data safe by making it accessible to the right people at the right time. By focusing on authenticating user identity versus protecting the endpoint, enterprises can be more agile and provide secure access to anything, anywhere.
Finalists 2016 • CyberArk for CyberArk Privileged Account Security Solution • Dell for Dell One Identity Manager 7.0 • Identity Automation for RapidIdentity
Finalists 2016 • Easy Solutions for Total Fraud Protection • Equifax for FraudIQ Manager
• Identiv for Identiv Connected Physical Access Manager (ICPAM) • Ping Identity for Identity Defined Security platform
• RiskIQ for RiskIQ • Sift Science for Sift Science Fraud Prevention
Andre Durand, CEO, Ping Identity
• Splunk for Splunk Enterprise
SC AWARDS 2016 9
2015 SC AWARDS SC AWARDS 2016EUROPE
Trust Award
Trust Award
BEST MANAGED SECURITY SERVICE
BEST MOBILE SECURITY SOLUTION
WINNER
WINNER
Radware Organizations are challenged by an evolving threat landscape resulting in reduced revenues, higher expenses and damaged reputations. As cyberattacks reach a tipping point in terms of quantity, length, complexity and targets, even organizations with by-the-book security programs can be caught offguard. Today’s standard defense technologies are often provided in point solutions. These systems are almost never integrated and require dedicated resources consisting of IT managers and security experts to maintain and synchronize. Radware’s hybrid Attack Mitigation Service combines the requisite technologies for making your business resilient to cyberattacks with on-premise systems and the ability to scale on-demand with a cloudbased scrubbing center. It is a hybrid attack mitigation service that integrates on-premise detection and mitigation with cloud-based volumetric attack
scrubbing. Customers receive always-on DDoS protection with attack mitigation service. DefensePro, Radware’s onpremise defense component, ensures that the datacenter is constantly protected by providing accurate real-time detection and mitigation of multi-vector DDoS attacks, which is not possible using only a cloudbased DDoS solution. In cases of volumetric attacks, it is not possible to use a cloud-based DDoS solution. Attack Mitigation Service enables a smooth transition between mitigation options and assures immediate protection with no disruption gaps and without the addition of the scrubbing center latency. According to Radware’s Emergency Response Team (ERT), it is only in 15 percent of attacks that the pipe is at risk of being saturated. These hybrid protection capabilities ensure that traffic is not diverted unless it is absolutely necessary. As a result, the organization is always fully protected and time to mitigation is measured in seconds.
Finalists 2016
AirWatch by VMware Enterprise Mobility Management With the growing number of mobile devices used for work, accessing corporate resources on-the-go can introduce a significant threat to enterprise security. AirWatch by VMware Enterprise Mobility Management enables businesses to address challenges associated with mobility by providing a simplified, efficient way to view, manage and secure all enterprise devices. With AirWatch, organizations can manage a diverse fleet of devices, regardless of platform, device type or ownership. AirWatch ensures mobility deployments are secure and corporate information is protected with end-toend security for users, devices, applications, content, data, email, networks and more. AirWatch provides real-time device details and continuous compliance monitoring to ensure information is safe. Administrators can access
device information – including feature restrictions, compliance status and encryption status – within a centralized, web-based console. Organizations can also enable advanced encryption on all major devices and platforms, as well as deploy containerized solutions for content, applications and email. AirWatch stands out from its competition because it has the broadest and most flexible mobile ecosystem of any solution on the market. With a fully integrated enterprise mobility management (EMM) suite – including MAM, MDM and MCM – AirWatch offers the most robust feature set to its customers. Cross-platform support is provided for all major mobile and laptop platforms. AirWatch is designed to integrate with existing corporate infrastructure to streamline the deployment and management of devices. AirWatch solutions have been fully developed internally without relying on third-party products.
Attack Mitigation Service Fully Managed Hybrid (Premise & Cloud) Cyber-Attack Mitigation Solution - Whitepaper
• Alert Logic for Alert Logic Cloud Defender • Digital Guardian for The Digital Guardian Managed Security Program • Netsurion for Netsurion remotelymanaged network and data security services • Radware for Attack Mitigation Service • Radware for Hybrid Cloud WAF Service
SHARE THIS WHITEPAPER
Finalists 2016 • AirWatch for AirWatch by VMware Enterprise Mobility Management • INSIDE Secure for Matrix SSE • Proofpoint for Proofpoint Targeted Attacked Protection (TAP) Mobile Defense • Skycure for Skycure Mobile Threat Defense • Wandera for Secure Mobile Gateway SC AWARDS 2016 10
SC AWARDS 2016
Trust Award
Trust Award
BEST MULTIFACTOR SOLUTION
BEST NAC SOLUTION
WINNER
WINNER
RSA, The Security Division of EMC In the data security industry today, the market needs are constantly evolving in response to the changes in technology and also to the IT threat landscape. With the increasing number of data breaches, expanding threat surfaces, an increasing number of devices (Internet of Things) and users that are accessing data, it is a crucial time for organizations to ensure they are properly protecting users – beginning with identity and access management. The RSA SecurID solution protects user identities, devices and applications by using a unique symmetric key combined with a proven algorithm to generate one-time passwords that change every 60 seconds. RSA SecurID supports traditional use cases – such as securing VPN access and network operating systems – and also extends to BYOD, cloud and mobile security use
cases that are increasing in popularity within the enterprise. RSA SecurID offers a wide range of authenticator options, including hardware tokens (key fob and card style), software tokens with QR provisioning capability to support leading mobile platforms (iOS, Android, Windows Phone, BlackBerry, etc.), on-demand (SMS), and risk-based (determined by user behavior). RSA SecurID doesn’t limit a customer to a particular type of authentication method. RSA offers 400-plus fully supported technology integrations with a wide range of applications. The technology integrations are jointly tested by both organizations and are documented to ensure a positive customer experience and rapid deployment. RSA tokens are tested to withstand extreme temperatures, altitudes, humidity levels, etc. RSA authenticators leverage the AES-128 algorithm and are time synchronous – closing after 60 seconds.
Cisco Employees today demand access to work resources from more devices and through more non-enterprise networks than ever before. As the network expands, the complexity of marshaling resources, managing disparate security solutions and controlling risk grows as well. The potential impact of failing to identify and remediate security threats grows exponentially. Cisco ISE gets ahead of secure access violations and breaches with superior visibility and dynamic controls – visibility into the users and devices accessing your network and the control to help ensure that only the right people from the right devices get the right access to the enterprise services they need. The market-leading security policy management platform, Cisco ISE unifies and automates access control to proactively enforce role-based access to enterprise networks and resources, regardless of how a user chooses to connect – by wired or wire-
less networks or VPN. ISE is the market-leading security policy management platform that unifies and automates secure access control for role-based access. Only ISE uses separate security policies from individual network components for central management for streamlined segmentation manageability and access control. ISE delivers superior user and device visibility to enable simplified enterprise mobility, sharing vital contextual data with integrated ecosystem partner solutions using Cisco Platform Exchange Grid technology to accelerate identification, mitigation and remediation of threats. ISE provides accurate identification of every user and device; easy device on-boarding and provisioning; centralized, context-aware policy management; and deeper contextual data about connected users and devices to rapidly identify, mitigate and remediate threats. Superior device profiling and a device profile feed service help to reduce the number of unknown endpoints.
Finalists 2016
Finalists 2016
• MicroStrategy Usher for Usher Mobile Identity Platform
• Cisco for Cisco’s Identity Services Engine (ISE)
• Nok Nok Labs for Nok Nok Labs S3 Suite
• Cryptzone for AppGate
• RSA, The Security Division of EMC, for RSA SecurID
• ForeScout Technologies for ForeScout CounterACT
• SecureAuth for SecureAuth IdP
• Pulse Secure for Pulse Policy Secure
• Yubico for YubiKey NEO
• Trustwave for Trustwave Network Access Control
SC AWARDS 2016 11
2015 SC AWARDS SC AWARDS 2016EUROPE
Trust Award
Trust Award
BEST RISK/POLICY MANAGEMENT SOLUTION
BEST SIEM SOLUTION
WINNER
WINNER
SolarWinds Managing, monitoring and auditing configuration policies on network devices are the top three reasons why IT pros select and use SolarWinds Network Configuration Manager. SolarWinds NCM enforces enterprise configuration policies for network devices including firewalls, routers and switches across heterogeneous networks in the following ways: The product includes out-ofthe box compliance reporting for DSS-PCI, HIPAA, NISTFISMA, SOX and best practices for Cisco and Juniper devices. In addition, customers can also create their own compliance assessment reports. It uses standardized change templates and change control workflows to ensure configuration changes are reviewed, approved and uniformly applied. Further, it actively monitors device configurations in real-time for any changes and either automatically remediate changes or issue alerts. Too, it protects
baseline device configurations using automatic backup and restore capabilities. SolarWinds NCM offers the following unique capabilities: A cross-platform solution for managing configuration changes and compliance reporting for routers, switches, firewalls and wireless controllers from a number of vendors; an affordable licensing, maintenance and an easy-to-use design. Prospects can download, install and be using the product in about 60 minutes. The tool is a part of the SolarWinds IT management suite and fully integrates with other IT management tools, including SolarWinds Network Performance Monitor (NPM), SolarWinds Server and Application Monitor (SAM), SolarWinds Network Traffic Analyzer (NTA), SolarWinds Log and Event Monitor (LEM) and more. This suite offers a unified view of the network and a common framework for proactively identifying and resolving network and systems problems.
Splunk Splunk is a next-generation security intelligence platform used by thousands of security customers for a range of needs, including log management, continuous monitoring, incident investigation and response, security and compliance reporting, fraud detection and real-time correlation and detection of both known and unknown threats. Splunk can index any type of machine or log data without up-front normalization, at massive scale, so all data can be quickly indexed, searched, correlated, analyzed, enriched, alerted, triaged, reported and tracked for security use cases. The Splunk Enterprise Security facilitates SIEM use cases by providing prepackaged dashboards and reports, real-time alerts, incident classification and workflow, risk scoring, analytics and correlation searches, STIX/ TAXII and OpenIOC integrations, app content sharing and a threat intelligence framework. It also offers out-of-the-box sup-
port for common security data sources, including network security, endpoint solutions, malware and payload analysis, network and wire data, and identity and asset management systems. Splunk differs from traditional SIEMS. Splunk is softwareonly and installs on commodity hardware, making it easier to install, upgrade and show value. Business advantages include compliance with governance mandates and quick detection of advanced threats and malicious user activity using threat intelligence. Other advantages include lowering costs of breach response with fast investigation, conviction and cleanup of threats and malware infestation. Splunk rapidly identifies threats and alerts in real time, enabling the security team to contain and remove threats before they spread. Customers gain fast time-to-value because Splunk is a software-only, intuitive-to-use solution, and Splunk Enterprise Security contains pre-built functionality. Users can receive value from Splunk within just hours.
Finalists 2016 • Bay Dynamics for Risk Fabric • SolarWinds for SolarWinds Network Configuration Manager • TraceSecurity for TraceCSO • Trustwave for Trustwave TrustKeeper Compliance Manager • Venafi for Trust Protection Platform
Finalists 2016 • AlienVault for AlienVault Unified Security Management (USM) platform • Hewlett-Packard for HP ArcSight ESM (Enterprise Security Manager) • LogRhythm for Security Intelligence Platform • NTT Com Security US for Advanced Security Operations Center (ASOC) • Splunk for Splunk Enterprise Security 4.0
SC AWARDS 2016 12
SC AWARDS 2016
Trust Award
Trust Award
BEST UTM SECURITY SOLUTION
BEST VULNERABILITY MANAGEMENT SOLUTION
WINNER
WINNER
Sophos Sophos SG Series UTM provides a one-box approach to network, web, email, wireless, web server and endpoint protection, allowing customers to consolidate multiple solutions into a single security gateway. Backed by the intelligence provided by Sophos’ global network of labs, plus numerous other threat data sources, Sophos SG Series UTM offers advanced security features, which are easy to setup and use. Using a single management console, customers can select which security features they want to activate and add further ones at any time. As a fully-featured web security gateway, email gateway, network firewall and wireless management console, Sophos SG Series UTM has enabled our diverse customer base to reduce the number of solutions they need to manage whilst providing enhanced features, such as Advanced Persistent Threat Protection, which even the smallest company can easily deploy.
There is a clear difference in the level of built-in functionality provided with unique features no other vendor offers: Dual anti-virus: Option to scan with both Sophos and Avira engines, unlike competitors where only one engine is available; Mobile access control: Links the UTM directly to Sophos Mobile Control ensuring only trusted mobile devices can access network resources; Web application firewall: With integrated two-factor authentication, making it a perfect replacement for Microsoft TMG; Free central management: Manages multiple UTMs in a distributed environment, other vendors charge for this functionality; Complete email protection: Anti-spam, anti-virus, data leak prevention and built-in email encryption; Over 1,000 built-in reports: Other vendors require separate reporting appliances. Unlike other UTMs, every model size provides the same features, and the UTM can be deployed as hardware, software, virtual, or in the cloud without forfeiting functionality.
Core Security Vulnerability scanners often produce reports the size of phone books, so, overwhelmed by an enormous number of supposedly “high priority” threats, security teams don’t know where to focus remediation efforts. Insight solves that problem by eliminating vulnerability data overload. It consolidates vulnerabilities from across the network, eliminates false positives and prioritizes the rest based on the threat each poses to critical business assets. This list gives teams a clear plan of action that maximizes the efficiency of efforts, ensuring the most critical vulnerabilities are identified and addressed immediately, while time isn’t wasted on those that don’t pose a true threat. Insight leverages attack path technology, determining the most likely attack paths of an adversary and prioritizing an organization’s most critical vulnerabilities accordingly. Users also have the ability to validate vulnerabilities using Core Impact Pro, the most
advanced penetration testing software on the market. SC Magazine’s 2015 review of Core Insight found that: “Its standout features – annual pen-tests, suggested attack paths analysis of pivots, as well as putting pivots in the tested computers themselves – really separates Insight from other products in this category.” Insight puts vulnerability data into business context. Every organization is different – prioritizing vulnerabilities based on the threat they pose to an organization’s critical business assets is essential to ensuring that remediation efforts protect the business. Through its automated testing features and its ability to reduce the scope of vulnerabilities by 90-plus percent, Core Insight creates opportunities for headcount reallocation. In cases where a team of five security experts was once necessary to handle patching, Core Insight can make it possible for one individual to handle this task, and the rest can be moved to other projects.
Finalists 2016
Finalists 2016
• Barracuda for Barracuda NextGen Firewall
• BeyondTrust for Retina CS Enterprise Vulnerability Management
• EdgeWave for EPIC Next Generation Firewall
• Core Security for Core Insight
• Network Box USA for Network Box USA UTM Security Solution
• NopSec for Unified VRM
• RedShift Networks for UCTM Appliances
• Rapid7 for Nexpose
• Sophos for Sophos SG Series UTM
• Tenable Network Security for Nessus Cloud
SC AWARDS 2016 13
2015 SC AWARDS SC AWARDS 2016EUROPE
Trust Award
Excellence Award
BEST WEB APPLICATION SOLUTION
BEST CUSTOMER SERVICE
WINNER
WINNER
F5 Networks BIG-IP Application Security Manager (ASM) is the most agile, scalable web application firewall available, securing web applications in traditional and cloud environments as an appliance, SW or F5 Silverline WAF managed service. ASM addresses emerging threats at the application level. It detects and mitigates application attacks, including DDoS, brute force, XSS and more. It delivers comprehensive protection from web security threats, including SQL injection attacks, JSON payload vulnerabilities, web scraping, and more. BIG-IP ASM secures data center and cloud applications against OWASP top 10 threats and zero-days attacks and also stops automated attacks with proactive defenses that identifies threats on first attempt. With leading Layer 7 DDoS defenses, proactive bot defense and granular attack visibility, ASM identifies sophisticated cyberthreats and stops
attacks before reaching servers. Organizations move application workloads to clouds where ASM virtual solution and F5 Silverline WAF managed service running ASM enables complete app protections with Hybrid WAF. ASM offers unparalleled protection against automated attacks with proactive bot defense distinguishing non-human traffic before it reaches servers and commences attack. Its proactive defense combined with reactive automated attack defenses provides comprehensive protection against unauthorized bot traffic including brute force and web scraping. ASM leads in DAST integration, automatically notifying DAST services when app changes occur, and providing more automated vulnerability patches than any vendor. ASM enables protection that most out-of-band solutions cannot. The tool accurately profiles devices, defends against headless bots that execute JS, protects against CSRF, identifies files containing viruses, and mitigates Layer 7 DoS.
Barracuda Barracuda offers multiple hard copy and online tools to make setup and installation quick and easy for our customers. This includes quick-start guides and installation manuals, as well as more detailed administration guides. This documentation outlines step-by-step processes to get up and running quickly and efficiently, as well as tips and best practices to make the company’s products manuals and/or any supplemental documentation needed for customers to implement and manage the product/service successfully. Barracuda provides documentation that is easy to understand and is effective. In fact, SC Magazine conducted a review of Barracuda Spam Firewall 400 in September 2014 and cited, “The appliance we tested came out of the box with a quick-start sheet. We had the unit up in minutes. One has built-in online help with a decent search function. The
web-based user interface was intuitive. We were able to do everything we needed without the documentation.” Barracuda strives to provide fanatical and awesome customer service with live people always on the receiving end to help trouble shoot – there are no phone trees and no automated service. Barracuda offers 24/7 phone-based technical support as part of the purchase price. Customers also can purchase additional options as part of an annual subscription starting at just under $2,000. Additional tiers include enhanced and premium. With enhanced assistance, customers calling in are placed at the front of the queue. At the premium level, Barracuda will actively monitor the system and alert customers if something goes wrong. Barracuda prides itself on a 99 percent customer renewal rate, which is driven by its exceptional service. It maintains a feedback loop using in-person seminars, user groups, customer feedback forums, and customer surveys.
Finalists 2016 • Alert Logic for Alert Logic Web Security Manager
Finalists 2016
• Barracuda for Barracuda Web Application Firewall
• Barracuda
• F5 Networks for F5 BIG-IP Application Security Manager (ASM) and F5 Silverline Web Application Firewall (WAF) service
• Biscom
• iboss Cybersecurity for iboss Secure Web Gateway
• Protegrity
• Palo Alto Networks for PA-7080
• Rapid7
• CipherCloud
SC AWARDS 2016 14
SC AWARDS 2016
Excellence Award
Excellence Award
BEST EMERGING TECHNOLOGY
BEST ENTERPRISE SECURITY SOLUTION
WINNER
WINNER
SentinelOne SentinelOne Endpoint Protection Platform (EPP) enables enterprises for the first time to deploy next-generation endpoint security and replace anti-virus while ensuring that industry and government regulatory requirements are met. SentinelOne EPP is the only next-generation platform to be certified by AV-TEST to meet regulatory requirements for anti-virus protection. Unlike signature-based security techniques and sandbox technologies that emulate endpoint devices, SentinelOne dynamically tracks each newly-created process on a machine through its lifecycle to prevent malware from evading detection. This breakthrough defends against zero-day malware, advanced exploits, and government-grade malware that uses polymorphic evasion techniques which can bypass traditional security methods. SentinelOne EPP integrates prevention, detection, mitiga-
tion, remediation and forensics for desktops, laptops, tablets, smartphones, VDI, physical and virtual servers, embedded systems like PoS, and critical infrastructure like SCADA. Advanced malware can evade signature-based solutions and detect the presence of emulation-based sandbox technologies. Current approaches to endpoint security leave organizations exposed. SentinelOne is the only next-generation endpoint security solution that is certified to replace anti-virus, while also detecting advanced malware, including zero-day variants. SentinelOne proved this in a recent SC Magazine product test where the banking trojan Zbot was altered, rendering it undetectable to other solutions; SentinelOne not only caught it, but then protected all devices against this new strain, providing autoimmune protection against zero-day threats. Further, SentinelOne’s dynamic exploit protection detects and prevents application and memorybased exploits without relying on static measures.
Cyphort Since exiting the stealth mode in February 2014, Cyphort has seen tremendous quarter over quarter growth, beating expectations each quarter. Since February 2014 the company has grown 300 percent in size, and has won awards and accolades from publications including SC Magazine’s Rookie Security Company of the year 2015. The company is committed to providing customers with an excellent experience and ensuring their long-term success. Its dedicated support team boasts impressive security and networking expertise, gained through hands-on interaction with large-scale security operations in diverse environments. Cyphort is constantly researching current threats and monitoring how they are evolving so that they can provide the most comprehensive protection available. The roadmap entails broadening the ability to detect threats from external sources,
to include internal sources and provide a combined threat detection platform that encompasses multiple components within a single pain of glass. Additional development is underway to optimize flexibility of deployments, allowing customers to use not only virtualized compute environments, but cloud environments, ensuring scalability is available without the need to provision on-premise hardware for customers that are embracing the elasticity capabilities of cloud providers. Cyphort differentiates itself in various ways providing the best possible security solution, giving customers overall advantages in leveraging the investment they have already made in their existing security infrastructure (firewalls, web proxies, IPS/IDS etc). By integrating both internet-threat defense with lateral spread detection, ease of deployment and threat prioritization, customers receive the highest level of protection and return on investment while maximizing traditional security investments.
Finalists 2016
Finalists 2016
• Bay Dynamic for Risk Fabric
• Cisco for Cisco’s AMP Threat Grid
• CipherCloud for CipherCloud Platform
• Cyphort for Cyphort Advanced Threat Defense Platform 3.3
• SentinelOne for SentinelOne Endpoint Protection Platform
• Digital Shadows for Digital Shadows SearchLight
• Soltra for Soltra Edge
• Palo Alto Networks for Palo Alto Networks Next-Generation Security Platform
• Twistlock for Container Security
• Skyhigh Networks for Skyhigh Cloud Security Manager SC AWARDS 2016 15
2015 SC AWARDS SC AWARDS 2016EUROPE
Excellence Award
Excellence Award
BEST REGULATORY COMPLIANCE SOLUTION
BEST SECURITY COMPANY
WINNER
WINNER
RSA, The Security Division of EMC RSA is one of the largest GRC vendors in the market today and RSA Archer has a customer base of more than 1,300 customers. RSA has extensive visibility into the current challenges facing our customers. The company partners with customers to bring relevant, integrated solutions to the market based on frontline experience and best practices. Through working groups, an Executive Forum and a Customer Advisory Council, along with an extensive online community, RSA has engaged customers to help shape the GRC industry for the last decade. The RSA Archer Community has accumulated more than 13,000 members across 43 countries, represented by more than 30 industries. The Community offers more than 9,000 pieces of GRC content for its members. RSA Customer Support consists of 160 staff members across four support centers in the U.S., U.K., India and Australia, and provides sup-
port 24/7/365. Approximately 25 support professionals are dedicated to RSA Archer. The RSA Archer GRC Platform is included in the base price when a customer purchases any of these modules, which are available on a perpetual or subscription basis. Additionally, standard and extended support is available. Major and minor platform releases, as well as the modules, are included within the support agreement. And additional services such as educational training and professional services are available as needed. In addition, the RSA Archer GRC Platform follows a formal release process to address bug fixes. RSA views GRC as a vehicle for an organization to be confident in managing risk to explore new business opportunities. This message resonates with the varied buyer personas as all risk and compliance functions are being driven toward more business-centric efforts with an emphasis on building confidence in the organization’s ability to manage risk.
Cisco Cisco enjoys a leadership position in terms of the strength of its customer base. According to IDC, Cisco is the overall security appliance market leader with 17.6 percent share in vendor revenue. Cisco’s focus on threat-centric security has delivered strong, continued growth. Growing at 8.8 percent year over year, Cisco gained 0.2 share points year over year and 1.0 point compared to the previous quarter. More broadly, more than 87 percent of Fortune 500 companies and over 100,000 companies worldwide are Cisco customers. Cisco is a market leader in software as a service (SaaS), collaboration, unified workspace, security, video, telepresence and more. Cisco delivers the industry’s most comprehensive portfolio of solutions and services for advanced threat protection. Cisco’s threat-centric approach reduces complexity, provides visibility and control
Finalists 2016
Finalists 2016
• Agiliance for RiskVision 7.5
• Cisco
• Netwrix for Netwrix Auditor
• CrowdStrike
• RSA, The Security Division of EMC for RSA Archer GRC
• FireEye
• Tenable Network Security for SecurityCenter
• Palo Alto Networks
• Trustwave for Trustwave TrustKeeper
• Zscaler
and advanced threat protection across the attack continuum – before, during, and after an attack. Cisco is the only security company to offer leading security products for each phase of the attack continuum. Many of Cisco’s security products are individual leaders in their respective categories a For 30 years, Cisco has been focused on helping to change the way the world works, lives, plays and learns. The company solves customers’ most important business challenges by delivering intelligent networks and technology architectures built on integrated products, services, and software platforms. Cisco demonstrates its commitment to providing threat-centric security through continued, significant investment in the development and advancement of its security products, solutions, and services. Cisco has invested billions in security. In the past two years, Cisco has closed the acquisitions of Sourcefire, ThreatGRID, Neohapsis and OpenDNS.
SC AWARDS 2016 16
SC AWARDS 2016
Excellence Award
Excellence Award
BEST SME SECURITY SOLUTION
ROOKIE SECURITY COMPANY OF THE YEAR
WINNER
WINNER
Barracuda Barracuda NextGen Firewalls are already deployed at over 30,000 sustomers protecting and connecting more than 100,000 customer locations across the world. Every year more than 5,000 new next-gen firewalls are deployed with more than 20 percent growth in the Americas. Barracuda strives to provide fanatical and awesome customer service with live people always on the receiving end to help trouble shoot – there are no phone trees or automated service. Barracuda offers 24/7 phonebased technical support as part of the purchase price. Customers can purchase additional options as part of an annual subscription starting at just under $2,000. Additional tiers include enhanced and premium. With enhanced Barracuda support, customers calling in are placed at the front of the queue. At the premium level, Barracuda actively monitors the system and alerts
the customer if something goes wrong. All customers also can access a large support area via the website that includes a knowledge base, user forum, product documentation and other helpful resources. With all-inclusive pricing, organizations can plan their budgets with confidence that there will be no hidden or surprise costs down the line. With Barracuda NextGen Control Center, the company offers one of the most advanced central management solutions available on the market today designed to easily manage thousands of remote locations including configuration and lifecycle management. Barracuda Energize Updates as well as virus signature pattern and IPS pattern updates are sent out hourly, or more frequently if needed, to ensure customers always have the latest and most comprehensive protection. Barracuda NextGen Firewalls receive at least quarterly minor updates providing improvements for usability and stability.
Cybereason Cybereason has a strong customer base, with production deployments in all key verticals – defense, retail, pharma, finance, etc. Growth YoY is about 400 percent. About 40 percent of its customers are Fortune 500 companies, and average deal size is $150,000. The company’s pproach to Endpoint Detection and Response (EDR) has received tremendous validation. In 2015 it was named “Best Emerging Technology” by SC Magazine UK, shortlisted as one of the 10 Most Innovative Companies at RSAC 2015, named one of the “10 Coolest Security Startups of 2015” and an “Emerging Vendor” by CRN; and is one of “12 Hot Security Startups You Need to Know” by Network World. In 2014, Gartner named the company a Cool Vendor. Accolades aside, its strength stems from the fact that it builds products for the people using them. Security teams are way overburdened and understaffed,
and new team members may be smart but are not yet experts. Cybereason products provide smaller security teams with the ability to proactively hunt for attacks at the level of a Lockheed Martin, because it provides the visibility, computational power, context and agility required to execute quickly and accurately. All its support options – email, phone, chat and (when needed) in person, are free. Support calls are not so much about having trouble using the product as much as how to leverage the data to suit needs (i.e., remediation strategies), validating zero days, or helping to analyze data found in Cybereason – not how to use the platform. Finally, its strategic go-to-market partners not only help the company sell, they are intimately familiar with the solution, and use that knowledge to support their customers’ use of Cybereason. Cybereason employs an industry leading R&D team composed of experts in data analytics, frontend and backend developers, user experience and security researchers.
Finalists 2016 • Cybereason • HackerOne • Onapsis • ProtectWise
Finalists 2016 • Barracuda for Barracuda NextGen Firewall • Network Box USA for Network Box USA SME Security Solution
Lior Div, CEO
• Netwrix for Netwrix Auditor
& co-founder,
• TraceSecurity for TraceCSO
Cybereason
• Untangle for NG Firewall
SC AWARDS 2016 17
2015 SC AWARDS SC AWARDS 2016EUROPE
Professional Award
Professional Award
BEST PROFESSIONAL CERTIFICATION PROGRAM
BEST IT SECURITY-RELATED TRAINING PROGRAM
WINNER
WINNER
ISACA A global nonprofit association of 140,000 professionals in 180 countries, ISACA provides leadingedge cybersecurity guidance and research that is shared globally with members and nonmembers through conferences (in-person and virtual), webinars, a bimonthly journal, training courses, social media groups, blogs and research publications. Additionally, ISACA offers a chapter network of more than 200 chapters worldwide, offering IT security professionals local training, professional networking, certification review courses, and opportunities for the exchange of ideas and information. Members are also provided opportunities to take on leadership roles, participate in the development of research publications, and speak at conferences. ISACA created Cybersecurity Nexus (CSX) to help address the global need for skilled cybersecurity professionals. CSX provides
cybersecurity guidance, career development, education, research, credentials and training for professionals at every stage of their careers. Launched this year, CSXP is the first-ever vendor-neutral, performance-based cybersecurity certification. CSXP candidates must demonstrate the ability to be a first responder to cyber incidents. The CSXP exam is conducted in a live virtual lab environment and indicates firewall, patching and anti-virus experience, as well as the ability to implement common security controls and perform vulnerability scans and analysis. To meet continuing professional education requirements, CSXPs must demonstrate skills in a lab or other skills-based environment on an annual basis and retest every three years at the highest level of CSX certification they have achieved. CSXP was developed by a working group of cybersecurity experts and went through a rigorous review by more than 100 experts from around the world.
PhishMe Phishing attacks are commonly used by cybercriminals to gain access into corporate networks. In fact, 91 percent of cyber attacks start with spear phishing. Typical attack scenarios include threat actors sending fraudulent emails via mass deployments or aimed at specific targets through social engineering. These emails appear to be from legitimate sources such as banks, educational strengthen the knowledge of the IT security professional and/or corporate end-user institutions, payment providers and internal employees. They often contain URL links and malicious attachments, disguised as innocent files that when opened can install malware that infects entire systems. AV and email security technologies are no longer sufficient for defense, education and training is becoming a critical component since the threat actors are targeting humans, not systems.
Finalists 2016
Finalists 2016
• International Association of Privacy Professionals for Certified Information Privacy Professional
• Cybrary
• ISACA for CISA • ISACA for CISM
The PhishMe Simulator solution has provided antiphishing training to more than nine million employees in more than 500 enterprises which resulted in end-users and security professionals working together to reduce phishing attack susceptibility. PhishMe provides the only enterprise-focused training of its kind, delivering end-users and security professionals in many of the largest multinational corporations in the world with training that measurably changes user behavior and reduces susceptibility. Users become an active detection layer identifying email-based threats that are evading existing security controls. Using PhishMe are 35 of the Fortune 100 and seven of the top 10 U.S. banks. PhishMe pioneered antiphishing training based on the idea that simulating a real-life phishing attack was the only way to actually set about mitigating the threat of these attacks, and building resilience in an organization’s workforce.
• Global Learning Systems • PhishMe • Security Mentor • Wombat Security Technologies
• ISACA for CSXP • (ISC)² for Certified Information Systems Security Professional (CISSP)
SC AWARDS 2016 18
SC AWARDS 2016
Professional Award
Professional Award
BEST SECURITY TEAM
CSO OF THE YEAR
WINNER Zuora Zuora stores millions of cardholder and PII information and process millions of payment transactions. Zuora Security Office is responsible for all aspects of security, compliance, privacy and risk management. Its security team partners with entire organization to execute on its strategy. It has five functional areas/teams: Infrastructure Security – Responsible for security, integrity and confidentiality of customer information; Product Security – Responsible for security of the product/ services. Also responsible to integrate security as part of SDLC process; Compliance, Privacy and Risk Management – Responsible for all regulatory and industry requirements like PCI, SOC1/2, HIPAA, ISO 27001, and other certification/ attestations; Corp/Internal IT – Responsible for security of endpoints, physical security, corporate systems and application. It offers security awareness for the entire organization;
Field Security – To work with prospects, customers, sales and legal team as part of sales cycle to close security issues for enterprise customer deals. All functions (engineering, technical operations, sales, legal, product, finance, HR and others) integrate with security as part of their routine process, and provide a clear vision, mission and strategy to the entire broader organization. The CEO and the executive team are part of the Security Oversight Committee to manage and address top risks to Zuora and to understand its business impact. The company built an innovative technology solution to solve security problems. Its security team rolled out a threefactor authentication project for accessing Zuora systems and services maintaining security and usability. It gained buy-in and adoption across the organization. Security team has made Security Awareness Program as one of the top priorities for the company. For employee and partners, security awareness is a continuous education process at Zuora.
WINNER Bruce Wignall, CISO, TelePerformance Bruce Wignall became the first CISO of Teleperformance in 2005. The goal as defined by the then CEO and chairman was to become the industry preferred secure partner offering security at least if not more secure than that of its clients. This was a challenging task when one considers the IT security industry presents a unique set of challenges, in particular ensuring the security of hundreds of mostly Fortune 500 clients from across a wide range of industries, including but not limited to, finance, health care, retail, telecommunications and IT. To complicate the challenge, the primary risk is internal, including 175,000 employees with access to highly confidential data and access capabilities within the company’s customer base systems. Bruce built a team of more than 100 security professionals today in 62 countries. The security team includes many roles enabling multiple
professional security career opportunities from junior to specialized skilled set roles. Bruce uses multiple communication channels to improve the security culture. Examples include an entire section on the company intranet dedicated to the Global Essential Security Policies, a new eLearning Security Awareness course and quiz, collateral materials, security awareness video that plays non stop on TVs throughout facilities worldwide, regular announcements from the CISO via email, a channel for Q&A and multi-casts to share instructions throughout the global organization. And, Bruce made a five-minute video of the company’s COO sharing the importance of security at Teleperformance. By creating the Teleperformance Global Security Council with members of the board and other top executives Bruce has raised awareness and forced actions and decisions at this executive level. Security topics are discussed for two hours every two weeks.
Finalists 2016 • Goodwill • Voya Financial • Zuora
Finalists 2016 • Bruce Wignall, CISO, TelePerformance • Michael Echols, CISO, Maricopa County • Michael Roling, CISO, state of Missouri, Office of Administration • Pritesh Parekh, VP, CSO, Zuora SC AWARDS 2016 19
SC AWARDS 2016
Professional Award
EDITOR’S CHOICE
WINNER lnternet Security Alliance We’re delighted to honor the multi-sector trade association cent to $19 billion, Clinton was there to offer a nuanced response Internet Security Alliance (ISA) as our selection for this year’s that praised the moves as steps in the right direction, but urged Editor’s Choice Award. accountability in the manner in which the government invests The ISA was established in 2000 and has since attracted money. big-name members – such as Verizon, Lockheed Martin and “There needs to be better management of the money we are Northrup Grumman, as well as other public companies operating investing in cybersecurity,” Clinton said. “Programs ought to be in aviation, defense, education, subjected to systematic costfinancial services, health care benefit analysis so that we can and manufacturing. document where they are, and The Virginia-based think are not, succeeding.” tank advises White House and For the Winter 2015 ediCongress officials on cybersetion of the Journal of Strategic curity – including the U.S. CySecurity, Clinton penned an ber Security Framework – and extensive article, “Best Pracdoes this via an assortment of tices for Operating Governface-to-face meetings, thought ment-Industry Partnerships leadership white papers and in Cyber Security,” in which public policy. he chastises what he considLarry Clinton, the ISA’s ers the federal government’s president and CEO, has “dysfunctional” initiatives published widely on a number to secure national systems to of cybersecurity topics and further industry-government testifies regularly before Conpartnerships. Surveying and gress and other government assessing past processes, he agencies. offered solutions to strengthen For example, in January, “ambiguous strategy” and expert witnesses from the segenerated a consensus list of curity industry gathered before best practices for successfully a joint hearing held by two operating such partnership subcommittees of the House programs in cybersecurity. Science, Space and Technology But, in a world more interCommittee to discuss ways connected than ever before, in which the federal governadvocacy on this level is not ment – in the wake of several Larry Clinton, president and CEO, Internet Security Alliance (ISA) just an American concern. devastating data breaches, “The Internet Security Alparticularly that of the Office liance is just one example of Personnel Management – could learn about cybersecurity of industry coming together to influence policy on issues of from the private sector. Clinton advocated for more investment in cross-industry importance such as taxes and regulation,” Richard cybersecurity and urged the administration to step up its actions Knowlton, former Vodafone group corporate security direcregarding the nation’s IT security. tor, said when discussions were underway in 2014 to establish a “We believe that the government needs to follow the private spinoff of the ISA in Europe, the Internet Security Alliance for sector’s lead,” Clinton said. “They need to become more educatEurope (ISAFE). ed, more sophisticated and more innovative, and act with greater Knowlton, now chief executive of ISAFE, told SC at the time urgency and commitment with respect to cybersecurity.” that he was instantly in favor of the idea and added that the Further, just earlier this month, when President Obama angroup’s great differentiator is the lack of industry bias. “My first nounced the creation of a federal CISO post and issued proposals thought was ‘this is brilliant, there is nothing like it in Europe,” to strengthen the nation’s IT security while increasing governhe told SC. “Lots of [public body] organizations are more or less ment spending on cybersecurity in the next fiscal year by 35 pergood, but most are not cross-sector or multinational.” SC AWARDS 2016 20
Haymarket Media 114 West 26th Street, 4th Floor New York, N.Y. 10001 Email:
[email protected] Telephone: 646-638-6008 Fax: 646-638-6150 Web: www.scmagazine.com
#scawards
