April 17, 2018 • San Francisco #scawards


2018 SC Awards

EDITORIAL

VP, EDITORIAL Illena Armstrong

EXECUTIVE EDITOR Teri Robinson

ONLINE EDITOR Doug Olenick

SENIOR REPORTER Bradley Barth

CONTENT COORDINATOR Robert Abel

SC AWARDS 2018

EVENTS DIRECTOR Adele Durham

EVENTS MANAGER Anna Naumoski

VIRTUAL EVENTS MANAGER Jourdan Davis

DESIGN AND PRODUCTION

ART DIRECTOR Michael Strong

PRODUCTION MANAGER Brian Wask

MANAGEMENT

CEO, HAYMARKET MEDIA Lee Maniscalco

CFO Donna Santarpia

COO John Crewe

CRO Michael Medwig

U.S. SALES

VP, GROUP PUBLISHER David Steifman (646) 638-6008

VP, SALES Matthew Allington (707) 651-9367

SENIOR ACCOUNT EXECUTIVE Ife Banner (646) 638-6021

SENIOR ACCOUNT EXECUTIVE Jessica Andreozzi (646) 638-6174

DIRECTOR, STRATEGIC ACCOUNTS Roz Burke (774) 208-3652

DIRECTOR, STRATEGIC ACCOUNTS Michael Greenhut (845)-499-9774

BRAND & MARKETING MANAGER Kelsey Schoepfer (646) 638-6137

DIRECTOR OF LEAD GENERATION AND DATA STRATEGY Danielle Azzara

CUSTOM PROJECTS COORDINATOR Samantha Lubey (646) 638-6094

Contents

• Judges
• Sponsors
• Welcome from the co-chair

Trust Awards

• Best Authentication Technology
• Best Cloud Computing Security Solution
• Best Computer Forensic Solution
• Best Data Leakage Prevention (DLP) Solution
• Best Database Security
• Best Deception Technology
• Best Email Security Solution
• Best Identity Management Solution
• Best Managed Security Service
• Best Mobile Security Solution
• Best NAC Solution
• Best Risk/Policy Management Solution
• Best SIEM Solution
• Best Threat Detection Technology
• Best Threat Intelligence Technology
• Best UTM Security Solution
• Best Vulnerability Management Solution
• Best Web Application Solution

Excellence Awards

• Best Customer Service
• Best Emerging Technology
• Best Enterprise Security Solution
• Best Regulatory Compliance Solution
• Best Security Company
• Best SME Security Solution
• Rookie Security Company of the Year

Professional Awards

• Best Cybersecurity Higher Education Program
• Cybersecurity Student of the Year
• Best IT Security-related Training Program
• Best Professional Certification Program
• Best Security Team
• CSO of the Year
• Editor’s Choice Award

Celebrating security’s best

We’re experiencing some invigorating, intimidating and perhaps impactful times in the cybersecurity industry.

Right now, given the expanded discourse, one might assume that many companies are not giving short shrift to the priorities of keeping critical data and systems safe. That assumption likely is correct in many cases.

But, ask any CISO at a leading organization or a consultant in the throes of year-long negotiations to support a critical infrastructure company’s apparently existing but superficial security plan, and you’ll learn of some pretty scary scenarios. There just are still too many CEOs and other C-level executives unwilling to give the support, budget and resources necessary to truly protect critical data assets. Yes, there are companies with legions of staff, dollars and tech at their disposal to safeguard their companies. Their cybersecurity resilience, business continuity and disaster recovery plans are strong and practiced. Others, well, not so much.

I stated last year around this time that we’re at a tipping point of sorts. I think we still are. Yes, our industry is still young and going through some sustained growing pains, but the knowledge of the need to build and continually support robust programs and plans has sprouted and is being nurtured by many, as well.

No doubt that cybersecurity is a pressing, foundational area of need that already is or should be getting embraced by organizations large and small. It is a business enabler, a way for companies to showcase how much they care about their customers and clients.

Our SC Awards Program, here and in the U.K., honors those who champion this fact and show every day their support and promotion of security principles in their own organizations, as well as within their own business markets. It calls out the leading vendors and service providers actually bringing some clarity to a sometimes convoluted market. It showcases the up-and-comers and seasoned players who promote cybersecurity needs in an intricate and growingly internet-enabled global economy.

We congratulate and celebrate them all for our SC Awards program this year and look forward to doing it again next year as we celebrate SC Media’s 30th year in the industry.

– Illena Armstrong, VP, editorial, SC Media


AlienVault® USM Anywhere™ is a unified security monitoring platform for early threat detection, rapid incident response, and simplified compliance management across cloud and on-premises environments.

According to a recent commissioned study by Forrester Consulting, USM Anywhere can help IT security teams improve threat detection and response times by 80% and save 2,000 hours per audit, delivering a 6x ROI over 3 years.

Discover why 7000+ organizations worldwide trust AlienVault USM for their security and compliance needs.

AlienVault.com/RSA2018

80% Faster Threat Detection and Response!


SC Awards 2018

The Judges

CO-CHAIR Illena Armstrong VP, editorial, SC Media

CO-CHAIR Tony Sager SVP and chief evangelist, CIS

Roota Almeida head of information security, Delta Dental of NJ and CT

Peter Anderson CIO, executive director of IT, Greater Cleveland Regional Transit Authority

Vikas Bhatia CEO, JustProtect

John Bruggeman CTO, Hebrew Union College

Bill Burke SVP/CIO, Starkey Mortgage

Derrick A. Butts CIO, Truth Initiative

Miki Calero founder, Urbis Global

Benjamin Caudill CEO, Rhino Security Labs

Randy Cress CIO, Rowan County

Laszlo Dellei CSO, Uniqua Insurance

Rick Doten chief, cyber and information security, Crumpton Group

Karen Evans national director, US Cyber Challenge

Russ Finney advisory partner and researcher, itmWEB Group

Oliver Fischer-Samano ICT senior manager, Coesia North America

Jane Frankland managing director, Cyber Security Capital

Ajit Gaddam senior director / chief security architect, Visa

Terry Gold chief analyst & founder, D6 Research

Tyrone Grandison CIO, Institute for Health Metrics and Evaluation - University of Washington

Renee Guttman-Stark CISO, Royal Caribbean Limited

Stacey Halota VP, information security, GHCO

Vincent S. Hamm president, Aim High!

Mansur Hasib program chair, cyber-security technology, The Graduate School, University of Maryland University College (UMUC)

Kelly Haydu senior director, Security, Brightcove

Erin Jacobs partner, Urbane Security

John Johnson CEO/founder, Aligned Security

Aaron Kirby SVP, enterprise security solutions, Mastercard


Elevate Your Vulnerability Management Results with Frontline.Cloud

Industry Recognized

Trust the Original Cloud Security Provider

Unparalleled Expertise and Service
• Highly Credentialed Security Operations Team
• Dedicated Vulnerability Research Team
• Superior Support

Diverse and Easy to Implement Solutions
• Vulnerability Scanning
• Web Application Scanning
• Penetration Testing
• Enterprise Risk Assessments
• Environmental Assessments
• Security Awareness Education

888-273-1412 DigitalDefense.com

Born in the Cloud. Built for the Cloud.


Erwin Lopez deputy CISO, SLAC National Accelerator Laboratory

James Maloney CISO, AvidXchange

Cecilia Milanezi Neves CISO, region Latin America, Siemens

Zachery Mitcham chief information security and compliance officer, North Carolina Central University

Travis Paaki director, Portland Public Schools

Diana Pan CTO, The Museum of Modern Art

Mitchell Parker executive director, IS, Indiana University Health

Todd Redfoot CISO, GoDaddy

Sandi Roddy sr. cyber analyst, JHU APL

Marcus Sachs SVP and CSO, North American Electric Reliability Corporation

Bob Salomon president, CIO Systems

Randolph Sanovic owner, RNS Consulting

Steve Santorelli director of analysis and outreach, Team Cymru

Daniel Srebnick owner, Technical Merits

Rohini Sulatycki director of security assessments, Dun & Bradstreet

Jamie T Rees senior cybersecurity strategist, NB Power

Priscilla Tate founder & executive director, TechForum

Richard Timbol ISSM / CISO, Davis Polk

John Trest VP of content development, Inspired eLearning

Bart Waress VP, IT, Discovery Natural Resources

Jonas Kriks CIO, ATEL

Christian Kutscherauer director, cybersecurity, MBAF

Chris Lambrou CIO, Metro MLS

Brian Lawhorn corporate VP, CISO, Kroger

Cedric Leighton colonel, USAF (Ret); chairman, Cedric Leighton Associates; CNN Military Analyst

Daniel Lieber president, Innovative Ideas Unlimited

Gary Long regional ISO, Golder Associates


IS NOW

Cofense™ combines best-in-class incident response with employee-sourced attack intel. Stop attacks in progress to stay ahead of breaches. Discover a new paradigm of cohesion and cooperation. With Cofense, you’ll experience the power of the collective.

VISIT COFENSE AT RSA CONFERENCE: South Hall Booth #1209, North Hall Booth #4601

COFENSE.COM


SC Awards 2018

The Sponsors

SC Media thanks all sponsors for their generous support of the SC Awards 2018. Their involvement has made possible this event, which helps raise professional standards in the information security industry worldwide.

Acalvio Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter. The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management. Acalvio enriches its threat intelligence by data obtained from internal and partner ecosystems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation.

AlienVault AlienVault® has simplified the way organizations detect and respond to today’s ever evolving threat landscape. Our unique and award winning approach combines our all-in-one platform, AlienVault Unified Security Management®, with the power of AlienVault’s Open Threat Exchange®, making effective and affordable threat detection attainable for resource constrained IT teams.

Arctic Wolf Arctic Wolf answers the question, “Am I Safe?”, with our turnkey SOC-as-a-service. AWN’s Concierge Security Engineers improve threat detection by up to 10X, leveraging our hybrid AI, custom rules engine and security optimized data architecture. These innovations provide a superior threat detection and response platform for proactively hunting threats, performing remote forensics analysis of incidents, and delivering actionable remediation recommendations.

Barracuda Barracuda simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications and data, regardless of where they reside. These powerful, easy-to-use and affordable solutions are trusted by more than 150,000 organizations worldwide and are delivered in appliance, virtual appliance, cloud and hybrid deployment configurations. Barracuda’s customer-centric business model focuses on delivering high-value, subscription-based IT solutions that provide end-to-end network and data protection. For additional information, please visit barracuda.com.

Cofense Cofense™, formerly PhishMe®, is the leading provider of human-driven phishing defense solutions worldwide. Cofense delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organizations in defense, energy, financial services, healthcare and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise.

Digital Defense Digital Defense, Inc., an industry recognized security risk assessment solutions provider, helps organizations defend data and protect brands. The company’s Frontline.Cloud suite of vulnerability and web application security solutions are underpinned by innovative, patented technology and complemented with unparalleled service and support.

Splunk Splunk’s suite of security solutions, including Splunk® Enterprise Security and Splunk® User Behavior Analytics, sits at the heart of the Security Operations Centers (SOC), to provide security analysts with insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information. This analytics-driven approach to security helps analysts drive better, faster security decisions, enabling improved threat detection, improved time to resolution and reduced security costs. For more information on Splunk’s SIEM platform, visit the Splunk website.

Thomson Reuters Thomson Reuters is the world’s leading source of news and information for professional markets. Our customers rely on us to deliver the intelligence, technology and expertise they need to find trusted answers. The business has operated in more than 100 countries for more than 100 years. Thomson Reuters shares are listed on the Toronto and New York Stock Exchanges (symbol: TRI). For more information, visit www.thomsonreuters.com.


© 2018 Splunk Inc.

SPOT HIDDEN THREATS FAST.

Splunk® solutions give you the power of advanced detection to find threats quickly and turn suspicious activity into zero activity. What can you do with Splunk? Find out at splunk.com/notmagic


Trust Award

WINNER Jumio

Picture this: A clever fraudster prints out an enlarged copy of a stolen driver’s license, hoping to fool a company’s facial recognition security system. Even though the image looks just like the person whose identity is being stolen, the authentication engine still flags the action as fraudulent activity because it knows the image is a duplicate.

That’s the genius behind Jumio and its Netverify solution suite, which helps companies conduct secure real-time web and mobile transactions by confirming the authenticity of customers’ faces, documents and ID credentials from over 200 countries mere seconds after they are placed in front of a webcam or smartphone.

Processing more than 200,000 verifications every day, Netverify combines computer vision technology, machine learning, and biometrics with human verification experts to catch criminals in the act. According to the company, Netverify flags more than 95 percent of detectable fraudulent transactions while allowing over 99.9 percent of valid customers to complete their transaction.

With a dataset of 80 million total verifications, and a massive database of fraudulent IDs and identities, Jumio’s Trusted Identity as a Service platform and authentication technologies are helping reduce fraud across industry sectors where verification of customers’ identities is essential – including financial services, sharing economy services, retail, travel and online gaming.

In addition to hindering fraud, Netverify also decreases customer churn, lowers transaction times, improves renewal rates, and increases app usage and customer conversions.

BEST AUTHENTICATION TECHNOLOGY

Welcome from the co-chairman

From massive government R&D Projects to startups, I have seen a lot of amazing ideas and products in my 42 years in the business we now call cybersecurity. But I think we’re about to enter a new era – the needs and challenges are growing rapidly, but also the opportunity for innovation and massive improvement.

To make significant progress, we need to occasionally stand back from the day-to-day rush-and-repetition of business to find and celebrate breakthrough new products and services. This is what I have always appreciated about the SC Annual Awards Program. It professionally and credibly looks across the entire scope of the industry and helps us all focus in on the things that matter, and that represent new thinking. In this year’s Finalists we see many key features and attributes that we all need in our defenses: better understanding of adversaries and attacks; a tighter “loop” from threat information to defensive action; more integration among tools and services; new defensive tactics; much greater scale and automation for defense; and more emphasis on putting cyber information into a risk decision-making context.

Just as importantly as technology, this event gives us a chance to celebrate the people who create and make great solutions available. While we all spend our professional days steeped in leading edge technology, I’ve been in this business long enough to know that almost anything worthwhile that happens is because the right people got together at the right time: talented, open-minded, sharing ideas, and drawn together to solve both technical and social challenges. My personal connection to this was in 2007, when the group I led at the National Security Agency was named as Editor’s Choice in the SC Annual Awards Program. This brought great attention and support for our work internally at NSA, and also opened up many new professional partnerships with industry. And at the SC Awards gala event that year I made several new professional friendships that continue to this day. I can also tell you that I have worked with great people at many of the companies on the list of Finalists and can’t wait to make some new friends at new companies this year!

– Tony Sager, senior vice-president & chief evangelist, Center for Internet Security

Finalists 2018

• Duo Security, Duo Mobile

• Jumio, Jumio

• Ping Identity, PingID

• RSA, RSA SecurID Access

• SecureAuth, SecureAuth IdP


Trust Award

Finalists 2018

• Akamai Technologies, Enterprise Application Access

• Cisco, Cisco Umbrella

• Darktrace, The Enterprise Immune System

• Enveil, Enveil

• Juniper Networks, Sky Advanced Threat Protection (Sky ATP)

• SendSafely, SendSafely Dropzone

• STASH America, STASH Data Security

WINNER Enveil

There are three states of data: data in motion, data at rest, and data in use. Each has its own security challenges. But from a cloud computing point of view, data in use has been especially difficult to secure, historically forcing users to employ inefficient workarounds, obfuscate their intentions, implement perimeter defenses or isolate their computing environments.

Convinced there’s a better way, Enveil helps cloud users protect their sensitive information by using homomorphic encryption to ensure data in the cloud always remains encrypted even when it’s being actively used to perform operations such as searches and analyses.

Consequently, authorized employees can actively utilize their data without having to worry about the content or results of their inquiries being revealed in the cloud, on premise or anywhere in between.

Without this “Never Decrypt” approach, a search could create points of exposure, allowing unauthorized parties to view bits of data that collectively reveal valuable or damaging intelligence about a company. For example, searches pertaining to a rival company might suggest that a business is looking to complete a merger or acquisition.

Developed by mathematics experts from the U.S. intel community, Enveil’s GDPR-friendly technology opens up new opportunities for previously reluctant businesses to leverage the cloud and monetize their data without fearing privacy, liability or compliance repercussions.

BEST CLOUD COMPUTING SECURITY SOLUTION

Trust Award

WINNER Guidance Software (Now OpenText) for EnCase Forensic, EnCase Endpoint Investigator and EnCase Mobile Investigator

After taking SC Media’s top honors in 2017, Guidance Software has once again been awarded Best Computer Forensic Solution for its EnCase products. This past year, however, the company added a new Mobile Investigator solution to complement its EnCase Forensic and Endpoint Investigator software programs.

The new mobile tool allows users to intuitively view, analyze and report on critical mobile evidence, further enhancing Guidance Software’s groundbreaking digital forensics software offerings.

Collectively, the EnCase product line not only benefits government agencies and law enforcement officers in their criminal probes, but also helps corporate investigators looking into HR issues, compliance violations, regulatory inquiries and IP theft.

Indeed, EnCase Forensic allows investigators to efficiently conduct digital analysis on any operating system and parse virtually any file type, while EnCase Endpoint Investigator provides investigators with seamless and discreet remote access to laptops, desktops and servers, without disturbing day-to-day end users. The result is an increase in productivity fueled by process automation and speedy, yet accurate, evidence collection.

Guidance Software customers also save money because EnCase’s remote capabilities eliminate the need for investigators to travel and ship equipment to distant locations. Moreover, EnCase eliminates costly outsourcing or staffing fees, as the solutions give corporate investigation teams the ability to handle complex cases internally with the staff they already have on hand.

BEST COMPUTER FORENSIC SOLUTION


Finalists 2018

• AccessData, Forensic ToolKit (FTK)

• D3 Security, D3 Digital Forensics Case Management System

• Guidance Software (Now OpenText), Guidance Software (Now OpenText) for EnCase® Forensic and EnCase Endpoint Investigator

• PacketSled, PacketSled Platform

• ProtectWise, The ProtectWise Grid


Trust Award

WINNER Symantec for Symantec Data Loss Prevention

The proliferation of cloud applications, mobile/BYOD devices, and third-party services increases organizations’ susceptibility to data leaks, account hijackings and data breaches – a troublesome reality that is only exacerbated by a lack of infosec resources.

Symantec Data Loss Prevention addresses these concerns by defending an ever-expanding threat surface area, adding visibility, protection and remediation, all within a single solution and console. It guards sensitive data in both managed and unmanaged environments – whether controlled internally or via third party – and ensures this information is not leaked through shadow applications.

Symantec’s solution takes a novel, streamlined approach, allowing customers to create a single policy for email, storage, network, endpoints and cloud applications, as well as manage remediation through a single workflow. Users stand to benefit by ensuring industry and regulatory compliance (including GDPR), accelerating threat response times, conserving resources, and preventing financial and customer loss caused by breaches and other security incidents.

To further help users optimize the solution, Symantec also provides training, on-demand cybersecurity experts, security operations centers via Symantec Cyber Security Services, and outsourcing services.

With Symantec DLP, 90 percent of data loss incidents can be detected, responded to and remediated automatically without intervention from the user company’s security staff. And as an organization continues to refine its data loss policies, it takes as little as one full-time employee to maintain a DLP system that monitors up to 25,000 users.

BEST DATA LEAKAGE PREVENTION (DLP) SOLUTION

WINNER Protegrity for Protegrity Database Protector

The Protegrity Database Protector has all the bases covered when it comes to safeguarding stored data from spying eyes.

It covers most major databases – Oracle, DB2, MySQL, MongoDB, Cassandra, Teradata, Exadata and Netezza among them – and is compatible with all leading standard Linux, UNIX, Windows and IBM iSeries and zSeries environments.

Size is also no concern here, as the solution is capable of protecting every node in giant Massively Parallel Processing (MPP) database clusters. And it is certified to run on cloud and virtual environments such as VMware, Xen and Hyper-V.

Offering encryption, tokenization or masking functionality in databases and storage and backup systems, Protegrity Database Protector delivers high transparency to applications using the database, while offering policy-based access controls, monitoring and auditing.

Protegrity operates across all five data silos – database, file storage, big data, software-as-a-service and infrastructure-as-a-service – while offering solutions that provide simple monitoring and alerting; integration of policies across silos; data classification; integrated data discovery; application user access control; and data protection policy enforcement.

Companies who use Protegrity stand to benefit from not only improved data security, but also budgetary savings as a result of more efficient regulatory compliance, reduced manpower needs, and a smaller audit scope.

Protegrity Database Protector provides centralized control of data security policies, while fully supporting separation of duties, which prevents unauthorized employees from accessing sensitive data in the clear. It also integrates with Protegrity’s other Data Protector products.

BEST DATABASE SECURITY

Finalists 2018

• Bitglass, Bitglass DLP

• Code42, Code42 Security Center

• CoSoSys S.R.L., Endpoint Protector

• Digital Guardian, The Digital Guardian Data Protection Platform

• Symantec, Symantec Data Loss Prevention (DLP)

Finalists 2018

• Imperva, Imperva Database Security (SecureSphere Database Firewall and CounterBreach)

• Informatica, Secure@Source

• Netwrix Corporation, Netwrix Auditor

• Protegrity, Protegrity Database Protector

• Thales eSecurity, Vormetric Live Data Transformation (LDT)


Trust Award

WINNERIllusive Networks for Core Solution

Like a bank that invites robbers inside, only to hand out fake money bags filled with GPS trackers, companies that employ Illusive Networks’ Core Solution are daring cybercrimi-nals to breach their systems, only to lure them into a stealthy trap.

Users of this deception technology already assume malicious hackers are going to get inside the network. The key, however, is to keep attackers away from the organization’s crown jewels by sidetracking them with convincing decoys that, once meddled with, trig-ger an “incident detection” alert and an active forensic collection.

Built to be endpoint-based, rather than an extension of a centralized honeypot archi-tecture, the machine learning-based solution is lightweight, agentless, and highly scalable, serving large environments with as many as 300,000 nodes.

Illusive Networks automati-cally designs, deploys, updates and manages tailored decep-tions based its own interpreta-tion of the business environ-ment it’s protecting, including how endpoints are used and any vulnerable attack vectors it foresees. Quick on its feet, it can readily take into account newly introduced assets and other sudden system and server changes, and alter its decep-tions accordingly.

Additionally, it offers a risk dashboard that Illusive claims is the first-ever means to quan-tify the degree of APT attack risk that an organization faces.

In addition to confirmed intrusion incidents, the Core Solution can also proactively identify and prioritize con-nection anomalies, policy violations or other suspicious indictors that can degrade a company’s hygiene.

BEST DECEPTION TECHNOLOGY

Trust Award

WINNER: Agari for Email Trust Platform

Email-based threat behavior is often unpredictable. Genuine business behavior, however, usually isn’t.

Bearing that philosophy in mind, Agari’s Email Trust Platform protects companies from email threats such as spear phishing, business email compromise scams and ransomware not by anticipating potential attacks from any number of possible vectors, but by recognizing and defending predictably authentic patterns of communication that are deemed to be safe.

This email security tactic also reduces an organization’s reliance on employees – who like all people are inherently flawed – to identify cyberattacks that deliberately prey on human perception and identity deception such as display name fraud, domain name fraud and lookalike domain fraud.

Rather than relying on known bad threat behavior to flag email communications – after all, threats constantly evolve – Agari’s AI-based solution combines a client’s email data sets to develop a model for what legitimate communications look like. From there, it flags any emails that deviate from this model.

Agari’s cloud-based solution also stops digital deception tactics that affect outbound email communications, such as phishing and spam campaigns that hijack a company’s brand and can damage its reputation. And it streamlines the deployment and implementation of the DMARC (Domain-based Message Authentication, Reporting and Conformance) email authentication standard.

Agari currently protects more than 400 government domains and is used by some of the world’s top banks and social media networks. According to Agari, one organization saved more than $1.4 million in call center support over three years by reducing the number of malicious emails its consumers would receive, thereby lowering the number of support calls by 92 percent.

BEST EMAIL SECURITY SOLUTION

Finalists 2018

• Agari, Agari Email Trust Platform

• FireEye, FireEye Email Security (EX)

• Mimecast, Mimecast Advanced Security

• Proofpoint, Proofpoint Email Protection

• Zix, ZixProtect

Finalists 2018

• Acalvio, ShadowPlex

• Attivo Networks, ThreatDefend™ Deception and Response Platform

• GuardiCore, GuardiCore Centra Security Platform

• Illusive Networks, Illusive Networks Core Solution

• Symantec, Symantec Endpoint Protection with Deception


Trust Award Trust Award

Finalists 2018

• Barracuda Networks, Barracuda NexGen Firewall - MSP (Virtual and Public Cloud)

• Comodo, Comodo ONE

• Netsurion, Netsurion Managed Security for Distributed, Multi-Location Businesses

• SonicWall, SonicWall Cloud Global Management System (GMS)

• Webroot SecureAnywhere Business Endpoint Protection

WINNER: Comodo Group for Comodo ONE

What makes Comodo ONE, Comodo Group’s scalable IT management platform for MSPs, SC Media’s pick for best managed security service?

Well, if the ability to access remote monitoring and management, ticketing, and patch management tools all from one single console isn’t enough justification, perhaps the cost is what seals the deal… It’s all free.

Which means: MSPs who leverage this platform can allocate the money they are saving on third-party licensing fees toward other investments that can help grow their business. In fact, MSPs can even outsource their out-of-hours client support to Comodo for free.

“The money we’re saving on licensing fees and other service costs through Comodo ONE allows us to hire more people and better compete for business,” said Matt Helliwell, company director at Canadian MSP company XL Pro PC.

Which is not to say Comodo hasn’t found a way to monetize its centralized platform solution. Indeed, for a discounted licensing fee, Comodo ONE’s MSP clients can download numerous add-on applications – some, but not all of which are developed by Comodo – that they in turn can offer to their customers.

These apps are managed via Comodo’s platform, which helps MSPs reduce operating costs and improve quality of service by automating existing processes, offering a real-time look at customers’ data and alerts, and providing advanced endpoint security, web security, data backup and network monitoring and protection.

Comodo also offers its MSP clients year-round 24/7 customer support, and is constantly revising and upgrading its platform to include new functionality and enhancements, based on feedback it receives from its tight-knit user community.

As of Comodo’s submission nomination, the company has amassed more than 140,000 managed MSP endpoints.

BEST MANAGED SECURITY SERVICE

Finalists 2018

• Avecto, Defendpoint

• Balabit, Privileged Access Management Solution (PAM)

• CyberArk, CyberArk Privileged Account Security Solution

• Okta, Okta Identity Cloud

• Saviynt, Saviynt Identity Governance-as-a-Service

WINNER: Saviynt for Saviynt Identity Governance-as-a-Service

Managing the access rights of thousands of employees can be challenging enough when there’s just one single corporate-wide system to log in to. But often in business, the reality is far more complicated, especially when each department’s workflow is managed via separate on-premise or cloud-based applications.

And yet, to guard against any unauthorized entry from malicious outsiders or insider threats, access rights and identity management procedures must remain consistent across a company’s cloud-based or hybrid environment. That’s where Saviynt’s Identity Governance-as-a-Service solution comes into play.

Leveraging big data to perform real-time automated risk analysis, Saviynt provides companies with single-pane-of-glass visibility as users attempt to access their applications, data and infrastructure. This helps businesses predict and prevent system compromises, while maintaining proper corporate governance and compliance and managing each employee’s privileges on an individual level.

Ordinarily this might take months of man hours to properly manage. But Saviynt’s set of tools allows for quick and nimble access policy management – not to mention, they are quick to deploy, enabling out-of-the-box management for enterprise applications, cloud environments or data storage platforms.

Additionally, users benefit from Saviynt’s ability to natively integrate with cloud services such as AWS in order to analyze security vulnerabilities and misconfigurations. It also provides access to ample cloud data such as usage, raw data, fine-grained entitlements and configuration data.

BEST IDENTITY MANAGEMENT SOLUTION


Trust Award Trust Award

WINNER: Cisco Systems for Cisco Identity Services Engine

It’s designed to centralize and automate the enforcement of role-based network access policies. But perhaps the most important thing that Cisco’s Identity Services Engine grants access to is savings.

A recent composite study of four enterprises using ISE to monitor and control access to network resources and applications found that, collectively, the organizations saved 80 percent on IT operational costs and generated a return on investment of 140 percent. Much of this windfall was attributed to avoiding costs associated with perimeter-based solutions, diminishing IT operations costs, lowering the IT operational headcount, and improving network resilience.

A repeat winner from 2017, Cisco ISE simplifies access control by offering deep and detailed visibility into all users and devices across wired, wireless and VPN connections – combining authentication, authorization, accounting, posture, profiling, device administration and guest management features into a single unified appliance.

The NAC solution shares key contextual details with over 100 integrated technology partners, and in turn these partners send security intel back to ISE, which uses threat and vulnerability feeds to execute rapid threat containment with the assistance of integrated detection solutions.

Additionally, ISE feeds into Cisco’s TrustSec solution to help organizations dynamically manage network segmentation policies that limit unnecessary exposure to sensitive data.

Other benefits include faster time-to-market for project rollout, simplified and automated firewall rule management, and improved regulatory compliance.

BEST NAC SOLUTION

Finalists 2018

• Asavie, Asavie Moda

• IBM, IBM MaaS360 with Watson

• Safetrust, SafeLogon

• Secucloud, ECS2

• Sophos, Sophos Mobile

WINNER: Sophos for Sophos One

The research department at IT security firm Sophos was on pace to track 10 million suspicious Android apps by the end of 2017, 3.2 million of which were malicious in nature.

These eye-opening numbers demonstrate the dire need for Enterprise Mobility Management solutions like Sophos Mobile, which gives companies the tools to manage devices within a comprehensive, integrated endpoint strategy that also includes more traditional endpoints as well as IoT products.

Like its predecessors, the most recent version of the solution, Sophos Mobile 7.1, comes with myriad benefits that reduce total cost of ownership. For starters, it facilitates the remote configuring of BYOD and corporate-owned devices, as well as the installation, removal and managing of the apps running on them. And its intuitive admin workflow and flexible self-service portal reduce the need for time-consuming help desk calls.

To bolster security and guard against device misuse, Sophos offers anti-phishing, web protection and web filtering technologies, and enables containerization of sensitive business email and documents, keeping them separate from personal apps and files.

Sophos Mobile takes just minutes to install, and it can scale on a single on-premises server to accommodate up to 20,000 users. Sophos enforces a one license per user policy, regardless of how many devices any one user owns, which keeps costs down even as device inventory grows.

And by deploying Sophos Mobile with the hosted and web-based integrated management platform Sophos Central, companies can manage their mobile devices side by side – with endpoint, network, and server security all accessible via one unified admin interface.

BEST MOBILE SECURITY SOLUTION

Finalists 2018

• Aruba, a Hewlett Packard Company, Aruba ClearPass

• Bradford Networks, Network Sentry

• Cisco, Cisco Identity Services Engine (ISE)

• F5 Networks, BIG-IP Access Policy Manager

• Portnox, Portnox CLEAR


Trust Award Trust Award

WINNER: Securonix for Securonix Next Gen SIEM

Infosec professionals understand that there really can be too much of a good thing. Too much data. Too many tools. Too many threat alerts, too many of which are false positives.

Securonix and its Next Gen SIEM product relieve the burden of “too much,” offering customers a single enterprise solution that churns through high volumes of data, using signature-less, behavior-based analyses to detect and prioritize the true threats to an organization. In so doing, Securonix reduces the number of security alerts by up to 95 percent, which saves time and resources because infosec professionals can respond to the highest risk events, not false alarms.

Leveraging the SIEM solution’s comprehensive set of threat models, advanced analytics, and use of both supervised and unsupervised machine learning, customers can glean continuous, real-time security intelligence on internal users, systems and applications through context-based monitoring and up-to-date risk scorecards.

While the solution is often deployed as enterprise software, Securonix also offers its capabilities via MSSP partners and its cloud-based SaaS-only behavior analytics service – two options that make deployment more scalable.

Meanwhile, the cost remains reasonable because the price is contingent on the number of users, rather than volume of data logs, and also because it is deployed on commodity hardware. Indeed, customers typically see up to 70 percent savings when deploying the solution.

Other benefits that contribute to ROI include a reduction in the number of digital assets leaked or shared, better educated employees, and time savings due to automation.

Finalists 2018

• Exabeam, Exabeam Security Intelligence Platform

• Rapid7, InsightIDR

• Securonix, Securonix Next Gen SIEM

• Splunk, Splunk Enterprise Security

• Zoho Corporation Private Limited, ManageEngine Log360

BEST SIEM SOLUTION

Finalists 2018

• AlgoSec, The AlgoSec Security Policy Management Solution

• Bay Dynamics, Risk Fabric

• Cavirin, Cavirin Automated Risk and Policy Management for the Hybrid Cloud

• RiskSense, RiskSense Platform

• Skybox Security, Skybox Security Suite

WINNER: Skybox Security for Skybox Security Suite

In its 2018 Vulnerability and Threat Trends Report, Skybox Security noted that last year saw an average 60 percent increase in exploit samples published online for would-be hackers to adopt. And while not everything in the document was doom and gloom – exploit kit activity was markedly down in 2017, for instance – such numbers still give security professionals plenty of reason to be mindful of how vulnerable their organizations are to emerging threats.

With that in mind, Skybox offers its customers the Skybox Security Suite – a collection of integrated security management solutions, accessible via one single platform, that allow users to visualize, control and reduce their attack surface, while centralizing risk and policy management.

Skybox integrates with over 120 networking and security technologies, normalizing and leveraging their vulnerability and threat intelligence data to provide comprehensive and automated risk analysis, measurement and reporting capabilities across physical IT, virtual, multi-cloud and industrial networks.

Its abstracted attack surface models highlight the issues most likely to be targeted by exploits and attacks – perhaps a change to firewall settings, for example – so that remediation efforts can be prioritized.

Meanwhile, same-day audits to determine if companies are meeting both regulatory compliance standards and internal policies can reduce costs by up to 90 percent. Indeed, companies with a 150-firewall deployment can save an estimated $500,000 simply by replacing their biweekly manual firewall audits.

And with a low total cost of ownership starting at $7,170, businesses need not worry that their risk management solution is a risk to their coffers.

BEST RISK/POLICY MANAGEMENT SOLUTION


Trust Award Trust Award

Finalists 2018

• AlienVault, Open Threat Exchange (OTX)

• Anomali, ThreatStream

• Cloudera, Cloudera’s cybersecurity solution

• InfoArmor, VigilanteATI™

• Recorded Future, Recorded Future

WINNER: InfoArmor for VigilanteATI

Legendary Chinese military strategist Sun Tzu said, “If you know the enemy and know yourself you need not fear the results of a hundred battles.” InfoArmor puts this lesson to good use with its VigilanteATI Advanced Threat Intelligence platform.

This pure human intelligence solution delivers context- and client-specific alerts to clients, warning them of potentially imminent attacks, based on a thorough network security analysis, as well as the latest threat data gathered from myriad dark web and cybercriminal sources.

First, know your enemy: VigilanteATI security agents search a wealth of sources – including hacker dump sites, underground markets, hacktivist forums, file-sharing portals, threat actor libraries, botnet exfiltrations, data leaks, malware logs, lists of compromised credentials, and various IOCs – to uncover critical information that InfoArmor customers can use to configure their defenses against the highest priority threats, without impacting business continuity.

But organizations must also know themselves better. To that end, VigilanteATI identifies compromised or exploitable external network hosts, and delivers timely alerts that reveal undetected network- and application-level vulnerabilities. It even scans third-party partner and vendor sites and networks for flaws as well.

InfoArmor uses a myriad of techniques to gain valuable insights into a company’s vulnerabilities, including proprietary scanning of the IPv4 network, honeypotting, malware analysis, and more.

“VigilanteATI intel is precise, actionable [and] extremely specific,” said one unnamed InfoArmor customer. “Add the operational efficiency we gain from not fighting fires, controlling loss, and the faster remediation time we would have in the event that a ‘fire’ should occur, and VigilanteATI surpasses budget expectations.”

BEST THREAT INTELLIGENCE TECHNOLOGY

Finalists 2018

• Aruba, a Hewlett Packard company, Aruba IntroSpect

• Barracuda Networks, Barracuda Advanced Threat Protection

• Cybereason, Cybereason’s Anti-Ransomware and PowerShell Protection

• FireEye, FireEye Network Security Platform (NX)

• Rapid7, InsightIDR

• RSA, RSA NetWitness® Suite

• Sqrrl, Sqrrl

WINNER: Aruba, a Hewlett Packard Enterprise company, for Aruba IntroSpect

Like a digital Sherlock Holmes, Aruba’s eagle-eyed user and entity behavior analytics (UEBA) solution, IntroSpect, notices tiny anomalies and deviations in network activity that more conventional technologies might miss.

IntroSpect uses machine learning-based analytics to automate the detection of attacks, exploits and breaches by keying in on suspicious behavior that strays from established normal baselines – even if the malicious actions are subtle or take place in incremental steps.

The solution leverages over 100 AI-based models to continuously assess risks associated with each user/guest, system and device, as well as identify and remediate threats including phishing, ransomware, lateral movement, data exfiltration, command-and-control communication, account takeovers, privilege escalation and more.

Aruba estimates that customers save roughly $45,000 per month and nearly 30 hours per incident by cutting down on investigations. Indeed, customers say they have been able to resolve single incidents in only 10 minutes, compared to 30 hours using traditional methods.

Moreover, in 2017, Aruba introduced IntroSpect Standing, a new “fast-start” version of the UEBA solution that requires only three data sources.

Cadence Design Systems, an electronic design automation software and engineering services company, uses IntroSpect in conjunction with Aruba’s Network Access Control solution, ClearPass. “By adding Aruba IntroSpect UEBA analytics and threat detection capabilities, we will be able to better protect our source code by automating anomaly detection and prioritizing security incidents for faster resolution,” said Faramarz Mahdavi, senior group director of IT operations at Cadence.

ClearPass and IntroSpect also fit into a larger set of integrated solutions that make up Aruba’s “360 Secure Fabric.”

BEST THREAT DETECTION TECHNOLOGY


Trust Award Trust Award

Finalists 2018

• Digital Defense, Frontline Vulnerability Manager™

• Rapid7, InsightVM

• RiskSense, RiskSense Platform

• Skybox Security, Skybox Security Suite

• Tenable Network Security, Tenable.io

WINNER: Rapid7 for InsightVM

It may not be possible to eliminate every vulnerability residing in your company’s network, but you can reduce the odds of a serious incident by prioritizing the ones causing the greatest risk.

That’s why Rapid7’s vulnerability management solution, InsightVM, takes an impact-focused approach to remediation. Rather than listing every vulnerability that must be addressed, it instead helps identify the remedial actions that will reduce the most risk in one fell swoop – for instance, applying a specific patch that can fix multiple security issues.

To provide this actionable remediation advice, the solution collects live data from endpoints, servers, cloud environments, containers and virtual devices – including newly discovered devices joining the network – and combines that information with contextual threat intelligence from threat feeds and the Metasploit Project. It also takes into account CVSS scores, exposure to exploits and malware, and user-driven tagging of critical assets.

Data can be accessed and remediation projects can be tracked via live, fully customizable dashboards that can be queried by users ranging from local system admins to corporate-level CISOs. Using InsightVM, organizations can reduce remediation time, increase security team efficiency and reduce total cost of ownership.

Also, by directly orchestrating remediation workflow through an IT ticketing process, the solution helps a company’s security and IT teams collaborate more successfully with each other.

InsightVM also saves companies money because it’s priced by the number of active assets a customer is looking to scan, meaning there are no additional costs for the use of agents and virtual appliances.

BEST VULNERABILITY MANAGEMENT SOLUTION

Finalists 2018

• Secucloud, MPS

• SonicWall, SonicWall NSA 2650 Firewall

• Sophos, Sophos XG Firewall

• WatchGuard Technologies, WatchGuard Firebox M Series T

WINNER: Sophos for Sophos XG Firewall

The Sophos XG Firewall Unified Threat Management solution provides a veritable phalanx of security defenses, all united into a single all-inclusive appliance.

Its feature-rich offering includes anti-virus and anti-malware protection; an intrusion prevention system; web content and URL filtering; application control; email anti-spam, data loss prevention and encryption; a web application firewall with reverse proxy; a secure wireless and hotspot controller; sandboxing; and built-in reporting capabilities.

To simplify control of these myriad functions, Sophos offers customers a centralized real-time dashboard, an intuitive user interface, easily configurable firewall rules, modular capabilities, and plug-and-play Remote Ethernet Devices (REDs) for deployment of secure networking to branch offices. Additionally, the solution benefits from threat intelligence generated by Sophos’ SophosLabs division.

In total, Sophos offers 17 different models of its XG Firewall to address the needs of businesses big, small and everything in between. Moreover, the UTM solution integrates with Sophos’ endpoint defense solutions, creating a “Synchronized Security” environment in which endpoints and the firewall can share health status, threat intelligence and other telemetry. This allows companies to identify and isolate the source of a potential compromise, infection or breach before it can cause significant harm.

Other unique features include tailored solutions for infrastructure-as-a-service (IaaS) public cloud deployments, as well as cloud-based sandboxing. And through Sophos Firewall Manager, organizations can also decrease costs by consolidating the management and reporting of multiple firewalls using one centralized system.

BEST UTM SECURITY SOLUTION


Trust Award Excellence Award

Finalists 2018

• Barracuda Networks, Barracuda Customer Service

• CyberScout, LifeStages

• Proofpoint, Proofpoint Customer Service

• ReliaQuest, ReliaQuest’s Co-Managed Approach to Customer Service

• Varonis, Varonis Data Security Platform

WINNER: CyberScout for LifeStages

According to Javelin Strategy & Research, there were 16.7 million victims of identity fraud in 2017 – a record number that shows consumers still desperately need to be educated about how to best protect their personally identifiable data.

To that end, CyberScout’s Identity Management Services offering, LifeStages, helps organizations provide their clients or employees with proactive education, risk-reduction strategies, ID theft protection, privacy management and unlimited 24/7 resolution support. Such services come in the form of direct one-to-one phone and email support from fraud specialists, as well as written materials, online assessment tools, and an online Knowledge Center containing helpful content.

In addition, individuals can use CyberScout’s ID Risk Compass tool to assess how well they are protecting their PII, simply by answering a few questions.

Consumers typically gain access to these benefits via their insurance company, financial services provider or employer. Indeed, 16 of the top 20 U.S. property and casualty insurance carriers make LifeStages available to their customers.

“During this year our office was a victim of a ransomware attack,” said an anonymous medical professional who was introduced to CyberScout through her practice’s insurance company. “The staff at CyberScout has assisted me through the grueling process of notifying the patients and determining what services to offer. Their advice helped us stay within our budget.”

Customers who contact CyberScout’s Resolution Center for help with such issues as credit alerts, Social Security fraud and court inquiries will be relieved to hear that 98 percent of calls are answered within 60 seconds, with an average wait time of just eight seconds.

The average CyberScout employee has 11 years of experience in the financial and fraud industry – which probably explains why the average customer survey score over the last four years is a near-perfect 99 percent.

BEST CUSTOMER SERVICE

WINNER: F5 Networks for BIG-IP Application Security Manager and Silverline Web Application Firewall

F5 Networks might be named after the most powerful tornado on the Fujita Scale, but its web application firewall (WAF) offerings help companies calm any impending cyber storms that threaten their web applications and APIs.

The BIG-IP Application Security Manager protects against and mitigates threats such as bots, code injections, denial of service attacks and credential attacks, using a combination of DDoS defenses, advanced detection and mitigation techniques, deep threat analysis, dynamic learning, virtual patching and granular attack visibility.

Meanwhile, its cloud-based Silverline WAF-as-a-service solution allows organizations to leverage these security services and create their own policies without having to invest in any infrastructure of their own. It’s available as a fully managed, comprehensive service, or as an express self-service for rapid deployment.

F5’s WAF products rely on cutting-edge techniques to quell today’s most pressing threats: For instance, they perform fingerprinting and machine learning-based behavior analysis to prevent web scraping and DDoS attacks – automatically routing attempted network- and application-layer DDoS attacks to cloud scrubbing for mitigation. And they provide app-level encryption to defend against credential harvesting attacks.

The WAF solutions can also integrate with vulnerability assessment solutions in order to provide accurate bug detection and rapid patching. Moreover, the F5 customer portal offers users attack logging, reporting and analytic insights of SOC designed policies, while specialized SOC security experts also make themselves available to Silverline customers on a 24-7 basis.

BEST WEB APPLICATION SOLUTION

Finalists 2018

• F5 Networks, F5 Networks Advanced WAF solutions

• Fastly, The Fastly Web Application Firewall (WAF)

• Imperva, SecureSphere Web Application Firewall

• Neustar, Web Application Firewall

• NGINX, NGINX Web Application Firewall (WAF)


Excellence Award Excellence Award

Finalists 2018

• Attivo Networks, ThreatDefend™ Deception and Response Platform

• CrowdStrike, CrowdStrike Falcon

• CyberArk, CyberArk Privileged Account Security Solution

• Darktrace, The Enterprise Immune System

• Dome9 Security, Dome9 Arc platform

• Splunk, Splunk Enterprise Security

• Varonis, Varonis Data Security Platform

WINNER: CrowdStrike for CrowdStrike Falcon

Talk about your mind-boggling numbers: Every single day, the CrowdStrike Falcon platform analyzes billions of endpoint events collected from millions of sensors across 176 countries.

Designed to hunt down breaches and other endpoint threats, Falcon delivers real-time protection and visibility to users across the globe, as opposed to mere snapshots in time. It pinpoints not only known signatures and malware, but also fileless, malware-free intrusions – even when hosts are off the network.

Among Falcon’s newest innovations are a vulnerability management feature and Falcon Discover, an IT hygiene solution that monitors and inventories systems, application usage and user account activity in real time to help identify any unauthorized actions. The company also recently launched an online tech center with tools, templates and support for customers – an addition that nicely complements its 24/7/365 customer support center.

Moreover, CrowdStrike in 2017 upgraded its artificial intelligence capabilities, introducing enhanced endpoint machine learning to improve its behavior-based threat prevention capabilities. And the company continues to develop its CrowdStrike Falcon Search Engine as well.

CrowdStrike’s user base is primarily comprised of mid-sized organizations and large enterprises across a wide spectrum of industries, including three of the 10 largest global companies by revenue. As of Q2 2017, the company says it has seen a 476 percent year-over-year increase in new endpoint protection platform subscriptions.

In 2017, Falcon took home top prize for Best Behavior Analytics/Enterprise Threat Detection.

BEST ENTERPRISE SECURITY SOLUTION

Finalists 2018

• Carbon Black, Cb Defense

• IRONSCALES, Federation - The Only Real-time Automated Phishing Intelligence Sharing

• OPAQ Networks, The OPAQ 360 Platform

• Prevoty, Prevoty’s Autonomous Application Protection

• Security Compass, SD Elements

• Vectra, Vectra Cognito

• Versive, Versive Security Engine

WINNER: Prevoty for Autonomous Application Protection

The DevOps movement continues to put immense pressure on application developers, accelerating deployment cycles and therefore increasing the odds that critical security vulnerabilities may be overlooked. If exploited, these flaws open the door wide for adversaries to successfully circumvent the defenses of organizations using these apps.

To combat this threat, Prevoty has developed an autonomous runtime application self-protection (RASP) solution that enables applications to monitor themselves and neutralize attacks in real time, at runtime. Autonomous Application Protection ensures that applications remain secure from malicious payloads, despite the presence of bugs that either already exist in the software or are introduced with new or updated versions.

Built to scale with DevOps, the service can be deployed in the cloud or on-premises, and is highly scalable, easily allowing users to process upwards of 50,000 requests per second. No behavioral learning period is required, and maintenance is minimal.

Prevoty user David Nolan, director of information security at Atlanta-based furniture retailer Aaron’s Inc., said that while a web application firewall “requires two full-time staff members dedicated to deployment and support,” Prevoty simply “requires two hours a week from one staff member, and it delivers better protection.”

“Prevoty… has enabled us to move fast and scale while providing enhanced visibility and security as we embed core DevSecOps principles in our organization,” added Almir Hadzialjevic, Aaron’s VP of enterprise risk and security.

BEST EMERGING TECHNOLOGY

Excellence Award

Finalists 2018

• Carbon Black

• CrowdStrike

• Darktrace

• FireEye

• Proofpoint

• Securonix

• Sophos

WINNER

CrowdStrike

The 2017 WannaCry and NotPetya malware attacks reportedly cost some unlucky companies like FedEx and Maersk hundreds of millions of dollars, but for organizations shielded by CrowdStrike’s comprehensive endpoint protection solution, these incidents were mere blips.

The successful defense against two of last year’s biggest threats serves to exemplify the prowess of the highly modular CrowdStrike Falcon Platform, which unifies next-generation anti-virus, endpoint detection and response, security hygiene and threat intelligence. In its quest to prevent data breaches and infections, Falcon identifies known signatures and malware, but also malware-free intrusions.

Complementing Falcon’s AI engine is OverWatch, an elite force of cyber intrusion detection analysts, investigators and first responders, who act as a managed threat hunting team.

CrowdStrike feeds billions of daily events into its new Falcon Search Engine, which speeds up threat queries while providing a more complete data set. It also comes with Falcon MalQuery, a cloud-based malware research tool that is used to search a massive collection of malware samples.

“CrowdStrike solves our prevention, detection and visibility challenges by unifying next-generation AV and endpoint detection and response (EDR) via a cloud-delivered model,” said David Giambruno, CIO at stock photo company Shutterstock. Falcon’s cloud-based architecture allows the solution to be deployed in mere minutes to thousands of endpoints – in one recent case to 77,000 endpoints with no reboots in mere hours.

“In my career, the deployment of CrowdStrike Falcon was perhaps the easiest global security technology rollout I’ve seen,” said Roland Cloutier, chief security officer at HR management software provider ADP. “By leveraging the technology’s cloud architecture and CrowdStrike’s expertise, we were able to deploy with incredible speed and efficacy.”

BEST SECURITY COMPANY

Finalists 2018

• Onspring Technologies, Controls & Compliance

• Proofpoint, Proofpoint Information Protection, Archive, and Compliance

• RSA, RSA Archer

• TrustArc, Data Privacy Management Platform (comprised of the Assessment Manager, Data Flow Manager, Cookie Consent Manager and Website Monitoring Manager modules)

• Varonis, Varonis Data Security Platform

BEST REGULATORY COMPLIANCE SOLUTION

WINNER

RSA for RSA Archer

As companies race to meet the looming deadline for Europe’s sweeping GDPR standards, the stakes to ensure compliance have never seemed so high. And the advantage of RSA’s government regulatory compliance (GRC) platform, RSA Archer, has never been so apparent.

Comprised of seven solutions that introduce automation, collaboration and cross-organizational visibility through purpose-built tools (RSA calls them “use cases”), Archer offers expertise in audit management, business resiliency, third-party governance, IT/security risk management, regulatory/corporate compliance management, operational risk management and public sector/federal agency management.

Archer’s latest release, version 6.3, introduced two new compliance management use cases that specifically help organizations manage data privacy programs in direct support of GDPR. Now more than ever, companies will benefit from the ability to consolidate multiple regulatory body requirements and develop a sustainable compliance program, while reducing the risk of fines, penalties and reputation damage. Indeed, a recent IDC study found that organizations using RSA Archer achieve an average five-year ROI of 496%.

“Implementing RSA Archer was the first step to ISO 22301 [business continuity management] certification at DZBANK. This enables us to meet compliance standards and significantly reduce audit activities each year,” said Thorsten Scheibel, global head of business continuity and crisis management at DZ Bank, in an RSA case study.

Introduced in 2016, RSA’s use case pricing and packaging model has helped companies decide which use cases are best suited for their regulatory needs, while staying within budget. Meanwhile, RSA’s customer advocacy program dedicates 25 of its support professionals to providing RSA Archer GRC platform support across more than 1,400 worldwide deployments.

Excellence Award

WINNER

XM Cyber

XM Cyber may be a newcomer to the network security space, but its founders are seasoned veterans from the Israeli intelligence community, who used their vast experience to create an AI-based attack simulation platform that thinks and acts like an APT actor.

The automated platform, HaXM, combines critical red team and blue team functionality to create a virtual “purple team” that simulates real hackers’ behaviors, identifies hidden attack vectors in real time, and prioritizes the remediation of discovered vulnerabilities before they can be exploited for real.

To enhance the realism and accuracy of HaXM’s simulated attack scenarios, XM Cyber’s behind-the-scenes research team is constantly analyzing available intelligence to create models of the most common in-the-wild TTPs of active hacking groups. These models take into consideration factors that can increase an organization’s risk, including user behavior and accumulated knowledge of the network.

Although it officially launched in March 2018, the platform already counts several large financial institutions among its early customer base, including ING.

As an additional benefit, XM offers an array of customer services, provided by personnel with expertise in not only the platform itself, but also networking and cybersecurity. Whether utilized in large-scale deployments or proof-of-concept tests, HaXM in its short lifespan has already demonstrated its value to companies after successfully uncovering vectors likely to be targeted in future attacks, including unauthorized software products and versions, reused credentials and more.

Excellence Award

ROOKIE SECURITY COMPANY OF THE YEAR

WINNER

Arctic Wolf for AWN CyberSOC

Just because a business is small doesn’t mean its security risks aren’t huge. Impeded by limited staff, expertise and resources, many small- and medium-sized businesses crave an all-inclusive Security Operations Center (SOC) that’s affordable and fits their needs.

Arctic Wolf’s AWN CyberSOC solution supplements SMEs with a combination of machine intelligence and human expertise. The human component comes in the form of a dedicated Concierge Security Engineer (CSE) who for all intents and purposes acts as a direct extension of that company’s IT team.

CSEs closely familiarize themselves with their assigned clients’ environments and deliver a highly personalized experience, helping organizations with threat hunting, log management, remote forensic analysis, incident response and remediation, and other critical tasks. Customers are not forced to escalate their security concerns through a call center; rather, they phone or email their CSEs, who are further supported by additional specialized Arctic Wolf security personnel.

The CSEs also aid their customers with the implementation of Arctic Wolf’s managed detection and response (MDR) tool set, which includes its Hybrid AI threat detection solution. The cloud-based tool takes just minutes to install and is eminently scalable, keeping costs low. Arctic Wolf’s service also includes threat intel subscriptions and CSE assistance with regulatory compliance efforts, including audits required for certifications such as PCI and HIPAA.

“To build the equivalent of the service internally I would have had to hire a team of people, and it would have taken 6-12 months to get everything up and running,” said AWN CyberSOC user Chris Rogers, CIO of data processing and preparation company EE Micronix, in a customer testimonial. “Arctic Wolf was up and running in less than a week.”

BEST SME SECURITY SOLUTION

Finalists 2018

• Arctic Wolf, AWN CyberSOC

• Bitdefender, Bitdefender GravityZone

• eSentire, eSentire Managed Detection and Response

• Untangle, Untangle NG Firewall

• VIPRE Security, VIPRE Endpoint Security — Cloud Edition

Finalists 2018

• Aqua Security

• Armis

• BluVector

• Fortanix

• XM Cyber

Finalists 2018

• Erin Kuffel

• Ray Cotton

WINNER

Erin Kuffel, Texas A&M University

Erin Kuffel may not have graduated from Texas A&M University just yet, but the undergraduate student is already envisioning her own future in cybersecurity, as well as the futures of those who follow her lead.

“I keep hearing that there’s a gap in the cybersecurity field, that there’s a void that’s not going to be easily filled. But I want to be that person to teach others, to inspire them, and to motivate them to learn and do and follow their passions in cybersecurity,” Kuffel wrote in her self-nomination. “I want to pass my knowledge and experience to those who would one day take my place in the industry, so that my mark may be made and this field can continue to protect and defend.”

Kuffel is now set to graduate this year with a B.S. in computer science and a minor in business administration, cybersecurity, and mathematics. While she expects to eventually pursue a master’s or doctoral program, Kuffel plans to first accrue some valuable hands-on technical experience. For her first gig, she has accepted a volunteer position to work at U.S. Cyber Command in the NSA’s Information Assurance Scholarship Program.

As president of the TAMU Cybersecurity Club, Kuffel oversees general meetings, the club’s competition team and its new Cyber Operations Special Unit. Additionally, she spearheaded the creation of a new process to help club members obtain professional training and certifications.

Kuffel also is a security analyst for the TAMU Systems Security Operations Center, helping monitor university member networks for malicious activity, while training fellow analysts. “She now works with true AI-based tools to monitor over 17 different networks,” said Daniel Basile, executive director of the Texas A&M University System, adding that Kuffel recently “took the opportunity to help develop new practices for tier-one triaging of events. These practices decreased the mean time to resolution for security events drastically.”

Professional Award

CYBERSECURITY STUDENT OF THE YEAR

Finalists 2018

• Champlain College

• Iowa State University

• Regent University

• TCAT Shelbyville

• University of Maryland University College

WINNER

University of Maryland University College

Home to the world-champion hacking team the Cyber Padawans, the University of Maryland University College didn’t have to pull a Jedi mind trick to convince the SC Award judges that it also lays claim to the best cybersecurity higher education program.

Boasting over 12,000 students and over 400 faculty members, UMUC’s cybersecurity education program is the largest in the world. Not only is the university certified as a Center of Academic Excellence in IA Education by the NSA and DHS, but its Digital Forensics program is the first of its kind to be certified by these same two government agencies.

Having recently overhauled its Master of Science cybersecurity degree programs, UMUC places a heavy emphasis on real-world experience and field work over tests and quickly outdated textbooks. (In fact, by eliminating textbooks, the school saves its pupils roughly $14 million annually.)

To pass the program, students are expected to complete projects and develop marketable skills, understand digital strategy and risk, and develop executive presentations and strong writing skills. Classes are offered either online or in hybrid online-offline formats, aided by virtual labs that are accessible to all students – allowing full-time working professionals to partake in the programs during evening hours and earn a 36-credit Masters Degree in a mere 18 months, for under $25,000.

Since the program was revitalized, the number of students who successfully complete the programs has doubled, and the number of pupils earning “A” grades has also increased dramatically. Additionally, education costs have decreased by about $400 per student, per term.

“As a working adult and father of two, the thought of returning to school was extremely daunting. [But] the flexible assignment deadlines offered by the program proved to be a life saver,” said IT professional and graduate student Matthew Nicklin.

Professional Award

BEST CYBERSECURITY HIGHER EDUCATION PROGRAM

Professional Award

Finalists 2018

• (ISC)² for CISSP

• Cloud Security Alliance

• ISACA for CISM

• ISACA for CSXP

WINNER

ISACA for CISM certification

It goes without saying that information security managers are expected to demonstrate a strong expertise in security technology and processes. But if their initiatives are to win corporate buy-in from the CEO and the board room, it’s also imperative that these professionals comprehend and communicate exactly how their security projects are going to support overall business objectives.

So when the Information Systems Audit and Control Association – better known as ISACA – developed the only management-level certification program for infosec professionals, it took the unique step of measuring candidates’ ability to develop and manage a security program that not only protects a company’s valuable assets, but also honors its corporate strategy.

Professionals who earn the global IT association’s official designation of Certified Information Security Manager are therefore more likely to convince prospective employers that they can align their security recommendations with the directives of top management.

Such skills apparently pay off: Global Knowledge’s 2017 IT Skills and Salary Report listed ISACA’s CISM as the second highest paying IT certification, with certificate holders earning an average salary of $122,448.

Founded in 2002, ISACA’s CISM program has awarded more than 34,000 certifications to professionals who meet stringent requirements, including a minimum of five years of work experience and three years of information security management in several job practice analysis areas. It also requires continuing education to maintain certification, and is frequently updated to reflect shifting IT roles and responsibilities.

Approaching its 50th anniversary in 2019, ISACA runs more than 215 chapters worldwide.

Last year, ISACA won the same SC Award for its Certified Information Systems Auditor (CISA) certification program.

BEST PROFESSIONAL CERTIFICATION PROGRAM

Finalists 2018

• Circadence® Corporation

• Idaho National Laboratory

• KnowBe4

• PhishMe

• Wombat Security Technologies

WINNER

Wombat Security Technologies for Wombat Continuous Training Methodology

Cyberthreats never stop, so why should user training? After all, the threats employees trained for today will evolve.

Wombat Security Technologies certainly doesn’t buy into the conventional one-and-done approach. Its Continuous Training Methodology takes a cyclical, multi-faceted approach to teaching best practices, all while emphasizing four points – Assess, Educate, Reinforce and Measure.

The results speak for themselves: Customers who have applied this methodology have reduced the number of successful external phishing attacks and malware infections by as much as 90 percent, with many witnessing a marked improvement in two months or less.

Thanks to Wombat’s program, one international manufacturing company saw a 46 percent drop in malware infections, and a northeastern U.S. college observed a 90 percent reduction in successful phishing attacks.

Wombat’s users also get a comprehensive library of training resources, including modules for spear phishing, mobile phishing and ransomware.

Additionally, the training program offers advanced reporting features that allow companies to analyze how well the workforce is following recommended security practices.

“We have been using Wombat for over two years now, and one of the reasons we chose to go with them was not just because we felt the product offered more than their competitors technically, but also because the user education experience had the edge with tone, pace and multinational options,” said Lesley Marjoribanks, customer and colleague security awareness manager at the Royal Bank of Scotland. “The product itself is constantly evolving, and there’s always something new to offer our colleagues by way of education.”

BEST IT SECURITY-RELATED TRAINING PROGRAM

Finalists 2018

• Bank of America

• Lower Colorado River Authority

• State of Missouri

• Thomson Reuters

• Zuora

WINNER

Tim McKnight, CISO of Thomson Reuters

Normally, Thomson Reuters employees just get to write the headlines. But the publishing powerhouse’s CISO Tim McKnight made some headlines of his own at the 2018 SC Media Awards when he was named CSO of the Year.

After joining the Toronto-based mass media giant in October 2016, McKnight built a state-of-the-art cybersecurity program in just 12 months, transforming the organization’s security posture by espousing a key enterprise-wide mantra: Don’t say “No.” Say “How?”

In other words: find a way.

Under McKnight’s leadership, TR launched its first-ever Cyber Fusion Center in just over eight weeks, while doubling the size of the company’s security program in fewer than six months. To meet with growing demands, the former General Electric CISO recruited a diverse and talented workforce, filling key positions in defensive automation, cloud security and cyber intelligence, while improving corporate training regimens. And to further enrich the talent pool, he began sponsoring programs at historically black colleges and universities to develop talent pipelines.

Current projects include an effort to embed measurement into the business development process, improve TR’s secure development lifecycle in the product space, and ensure regulatory compliance.

But none of this would be possible without first securing buy-in from executives and everyday workers across the $11.2 billion organization – a challenge McKnight met by proving himself to be an approachable and inspirational mentor, leader and communicator.

“Tim has transformed our ISRM group well beyond my expectations. He has moved critical initiatives faster, introduced new ones to protect us and significantly upgraded our team,” said Rick King, EVP and CIO at TR.

Professional Award

CSO OF THE YEAR

Finalists 2018

• Bank of America

• Humana

• Idaho National Laboratory

• Zuora

WINNER

Bank of America for its Global Information Security team

Always innovating, the Global Information Security (GIS) team at Bank of America is striving to set the gold standard in cybersecurity.

In 2017, resourceful GIS staffers filed patents for 48 new technologies or processes. And over the last few years, GIS team members have compiled a veritable highlight reel of projects, including a new IAM (Identity and Access Management) Program that successfully consolidated 27 separate review systems into just one, and 20 individual request systems into just one.

In another ambitious initiative, they created a Governance & Policy Ecosystem that gives control owners access to the information they need to respond to auditor and regulator inquiries.

When BoA creates any new product or program, the GIS team is sure to support its development and subsequent rollout. For instance, team members onboarded BoA’s web-based document management and storage system SharePoint into the central security database, to enhance controls and reduce the odds of unauthorized access.

They also introduced Zelle, a new person-to-person transfer service that helps customers transfer money safely within minutes, as well as a new cardless ATM machine that reduces card fraud by letting banking customers use the Bank of America mobile app instead. That same BoA app also allows customers to self-lock or unlock their debit cards in real time, in the event of a lost or stolen card.

This past year, GIS also rolled out new anti-phishing tech that ensures every email sent from or on behalf of the bank is authenticated before delivery, and that any emails from a fraudulent source are quarantined or blocked.

But not every innovation is a new technology. The team has also introduced various initiatives to help spread organizational cybersecurity awareness and developed diversity programs and talent partnerships.

Professional Award

BEST SECURITY TEAM

Professional Award

WINNER

Information Security Forum

A new age in data privacy and security is almost upon us. The European Union’s General Data Protection Regulation is set to take effect on May 25, 2018, fundamentally changing the way businesses manage their information and their customers.

Perhaps not since Y2K have companies all across the world been so fixated on such a daunting deadline. But while Y2K threatened an apocalypse of glitches, GDPR is generating nightmares over compliance costs and fines of up to four percent of annual turnover.

Fortunately, the non-profit Information Security Forum has emerged over the last year and beyond as a “security blanket” for organizations seeking guidance, comfort and clarity as they ensure every European citizen’s data is shielded from breaches, leaks and abusive data sharing practices, regardless of where that information is stored and processed.

Better yet, the ISF is helping these same companies learn how to reframe this Herculean challenge as a potentially golden opportunity to profit and benefit from improved business practices.

ISF endorses a structured two-phase approach toward compliance – ideally one spearheaded by a designated Data Protection Officer. First, companies must identify the scope of the project by accounting for all of the personal data they harbor and evaluating their current abilities to achieve compliance status, the organization says.

Only then should they move on to implementing the required controls, with a firm understanding of the financial and operational consequences of non-compliance.

To that end, ISF offers a variety of GDPR consultancy services to keep companies sure-footed on the precarious path toward compliance, including mapping companies’ personal data and then performing a gap analysis against EU regulatory requirements. It also offers services and literature for scoping and facilitating GDPR implementation programs, conducting security assessments, and encouraging a culture of privacy awareness.

In the run-up to the final GDPR deadline, the ISF has released a series of digests and implementation guides, designed to keep companies informed of their responsibilities and help them optimize their compliance efforts.

“The need for organizations to prioritize data protection and information security has never been greater. A well-funded, well-governed and enterprise-wide GDPR compliance program will demonstrate an organization’s commitment to data protection and security,” says Steve Durbin, ISF managing director, in a recent company news release.

And while this is by no means an easy or simple task, Durbin believes these efforts ultimately can be a win-win for consumers and businesses. According to Durbin, benefits could include the consolidation of business activities into broader information governance programs and the embedding of information security into the design of business applications and technical infrastructure, and, obviously, improving data protection and privacy practices across the entire enterprise.

“Data protection and legal compliance should not be perceived solely as a burden. The GDPR provides organizations with an opportunity to move programs beyond risk reviews and data analysis to deliver tangible operational change, thereby securing competitive advantage,” Durbin explains.

“While every organization should judge the risks and rewards of its own data protection investments, the GDPR offers a unique opportunity to translate necessary compliance actions into tangible business benefit,” he says. “Leading organizations are structuring GDPR compliance programs to exploit these opportunities and our GDPR Implementation Guide offers a method for doing just that.”

EDITOR’S CHOICE AWARD

Steve Durbin, managing director of the Information Security Forum (ISF).
