We are delighted to announce the winners of this year's SC Awards Europe 2017. Hosted by Holly Walsh at Old Billingsgate, it was an evening of glitz and glamour on the Thames in the heart of the City of London.
- Make sure to enter next year for a chance to join us at the 2018 event!
Awards were given to leading products and services in the cyber-security industry, but in addition to that, there were awards for individuals and teams who have made an outstanding contribution to cyber-security.
One of those individuals was Marcus Hutchins, aka MalwareTech, the 22-year-old security researcher who "accidentally" stopped the WannaCry attack in its tracks and in so doing, earned himself a place in cyber history. We were pleased to give him a Special Recognition Award.
We also recognised, with the Editor's choice award, a team which has had a significant impact on ransomware. We were delighted that representatives from the four founding organisations behind No More Ransom [dot] org were able to attend the event: The Dutch National Police, Europol EC3, Kaspersky Lab and McAfee.
Also picking up an award was Ed Tucker, head of cyber security at HMRC, who was named Best CISO of the Year. Read and watch a video interview with Tucker about eliminating the scourge of spoofed HMRC emails - A cyber-success story: HMRC's road to DMARC implementation.
And picking up the award for Best Security Team was David Boda, head of information security at Camelot.
Best Advanced Persistent Threat (APT) Protection
Carbon Black Carbon Black Cb Defense
Cb Defense differs significantly from its competition because it focuses on preventing an attacker's behaviours and not simply blocking files. Competing products, specifically legacy AV and machine learning AV, detect malware at the moment of execution. Cb Defense focuses on more than just malware.
Best Behaviour Analytics/Enterprise Threat Detection
LightCyber/Palo Alto Networks LightCyber Magna
The LightCyber Magna platform directly addresses the data breach crisis by quickly and accurately detecting a targeted external or malicious internal attacker working towards a data breach. Currently, without a solution like Magna, the industry average dwell time is five months, giving attackers healthy odds to successfully reach their objectives. Traditional security is simply not effective at detecting an active attacker working inside the perimeter, and it is almost certain that a motivated attacker will get into a network. As a reflection of its effectiveness and accuracy, it is the only product to uncover the activities of a simulated Red Team attack secretly being conducted unbeknownst to the Magna operator.
Best Cloud Computing Security Solution
AlienVault USM Anywhere
AlienVault's new USM Anywhere offers customers the same comprehensive, unified solution across cloud, hybrid cloud and on-premises environments. It is the first all-in-one SaaS security monitoring platform designed to centralise threat detection, incident response and compliance management across these environments from a single, cloud-based console. Built natively in the cloud to monitor hybrid cloud, USM Anywhere significantly reduces deployment time, so that companies of all sizes can go from installation to first insight within minutes.
Best Computer Forensics Solution
Guidance Software EnCase Endpoint Investigator and EnCase Forensic
EnCase Forensic and EnCase Endpoint Investigator provide a powerful, judicially-accepted platform that serves as the foundation for corporations, government agencies, and law enforcement to conduct digital investigations of any kind. As market pioneers, Guidance knows the complexities of criminal investigations and what it takes to get to case closed. As such, EnCase Forensic is the trusted standard in criminal investigations and accepted in courts around the world.
Best Data Leakage Prevention (DLP) Solution
Netskope Netskope Cloud DLP (integrated with the Netskope Active Platform)
The proliferation of cloud services has led to an exponential rise in the volume of sensitive business data stored in and shared across cloud environments. Netskope Cloud DLP enables IT to protect against intentional and unintentional data theft and loss across all SaaS, IaaS and PaaS solutions – regardless of where the transaction originates from or its destination, from a remote mobile device user to an external contractor or unsanctioned application.
Best Disaster Recovery/Business Continuity Offering
Druva provides a platform for data protection in the Cloud. Using Druva, companies can protect critical business information that is created and stored within remote office servers, virtualised environments, cloud applications and laptops, tablets and phones.
Best Email Security Solution
Sophos Sophos Email on Sophos Central
Sophos Email is a cloud-delivered secure email gateway engineered to keep businesses safe from all email threats. It stops spam, phishing, malware and data loss and keeps employees productive. For SMEs that want to consolidate protection, it lets them control their email security alongside endpoint, mobile, web, and wireless protection using Sophos Central's single interface.
Best Fraud Prevention Solution
Proofpoint: Proofpoint Email Fraud Defense
Highly-targeted impostor email attacks, also known as business email compromise (BEC) scams, are the biggest threat to the enterprise today. And the clear majority of these attacks spoof legitimate domains from trusted internal and third-party senders.
Best Identity Management Solution - Sponsored by CrowdStrike
SailPoint SailPoint Open Identity Management Platform
Enterprises are rapidly adopting new technologies like cloud/SaaS and mobile across their IT infrastructure. Similarly, hackers and malicious insiders are finding new ways to target security's weakest link: people (or identities). Organisations must shift their security strategy to embrace a user-centric approach, placing identity at the centre of IT and security to mitigate risk of data breach.
Best Managed Security Service
IBM Managed Security Services
IBM is an industry-leading managed security services partner who can provide a high level of personalised protection from attacks, including in the cloud. IBM has differentiated itself from other managed security services providers by making significant investments in people, facilities, tools and cutting-edge cognitive technologies to provide its clients with a service built on industry-leading security intelligence and proven security methods delivered by security experts located in its global array of eight X-Force Command Centers (including two in Europe).
Best Mobile Security Solution Sponsored by BooleBox
Wandera Secure Mobile Gateway
Mobile is indisputably the new frontier for cyber threats, as adoption of corporate mobility continues to grow, so too does the number of attacks. Businesses have become increasingly exposed to new threats, vulnerabilities and data leaks.
Best Multifactor Solution
Yubico YubiKey 4
Trillions of dollars are lost, and billions of internet users risk getting their online accounts hacked because of compromised static credentials. YubiKeys provide an additional layer of security beyond the password with the touch of a button.
Best NAC Solution
ForeScout ForeScout CounterACT
Enterprise networks contain a vast, increasing range of devices – computers, mobiles, industrial controls, VMs, and other ‘things'. Diversity accelerates hybrid IT environments, and IoT is becoming the norm. With diversity, complexity and confusion of security increases.
Best SIEM/Behavioural Analytics Tool
Splunk: Splunk Enterprise Security 4.5 (ES) with Adaptive Response
Advanced cyber adversaries are leveraging new attack methods that span multiple domains, launching devastating attacks that leave enterprises vulnerable. Despite advancements in security technologies, most solutions are not designed to work together or out of the box, making it a challenge to coordinate a quick response. Splunk Enterprise Security 4.5 (ES) is a next-generation SIEM platform used by thousands of security customers for log management, continuous monitoring, incident investigation and response, security and compliance reporting, fraud detection, real-time correlation and detection of known/unknown threats.
Best UTM Solution
Sophos Sophos XG Firewall
Sophos XG Firewall makes managing advanced protection simple by providing more defence in a single appliance than any other firewall. Sophos XG Firewall provides unprecedented visibility into your network, users, and applications right from the control centre.
Best Vulnerability Management Solution
Core Security Core Impact/Vulnerability Insight
Core Vulnerability Insight allows customers to evolve their vulnerability management program and improve their overall security posture. It offers greater scalability and advanced attack path analytics, to help users accurately identify the vulnerabilities that pose the greatest threat to critical business assets, regardless of the size and complexity of their IT landscape. Core Vulnerability Insight also allows for multiple vulnerability scans across vendors, while matching known exploits and simulating attacks, enabling customers to focus on the most vulnerable points of their network. Once critical vulnerabilities are prioritised, companies can move quickly to remediate the threat within their systems.
Best Web Content Management Solution
Sophos Sophos Web Gateway
Organisations need comprehensive protection from the latest web threats. IT managers also need to be able to control web usage to ensure employee productivity.
The way users access the web has changed. They use multiple devices and cloud services, like Box and Salesforce and consume these anywhere, both in the office and remotely. Considering the threat to organisations from phishing attacks and drive-by downloads, IT teams need a solution that enforces policy and secures web browsing on all user devices, wherever they are.
Best Customer Service
Barracuda strives to provide fanatical and awesome customer service with live people always on the receiving end to help troubleshoot – there are no phone trees and no automated service. Barracuda offers 24/7 phone-based technical support as part of the purchase price. Customers also can purchase additional options as part of an annual subscription starting at just under $2,000. Additional tiers include enhanced and premium. With enhanced Barracuda Support, customers calling in are placed at the front of the queue. At the premium level, Barracuda will actively monitor the system and alert the customer if something goes wrong. All customers also can access a large support area via the website that includes a knowledge base, user forum, product documentation and other helpful resources.
Best Emerging Technology Sponsored by F-Secure
High-Tech Bridge ImmuniWeb
ImmuniWeb Web Security Testing Platform leverages a machine learning technology for intelligent automation of web vulnerability scanning. Complemented by human intelligence, it detects the most sophisticated vulnerabilities and contractually guarantees zero false-positives.
Best Enterprise Security Solution
Complimenting Cylance's revolutionary technology is a set of consulting services that provide pre-attack penetration and vulnerability testing, compromise assessments, and post-attack incident response. Its experts organise information so customers can see their full security picture, and then offer strategic and tactical recommendations to ensure customers become secure.
Best Risk Management/Regulatory Compliance Solution
IRM Security IRM SYNERGi
SYNERGi's growth has continued over the past year, with Unilever, BBC Worldwide, ASOS, Hutchinson 3G, and Amadeus – alongside numerous small and medium-sized businesses – joining its customer base.This means, despite only being in its fourth year of operation, SYNERGi now enables no fewer than 40 organisations to simplify cyber security management, compliance, risk assessment, and vendor management. This includes some of the UK's most trusted brands – names like the Post Office, John Lewis, Virgin Media, Auto Trader, HRG Worldwide, Debenhams and Deloitte.
Best SME Security Solution
Proofpoint Proofpoint Essentials
Proofpoint Essentials provides an extremely high level of follow-the-sun support with consistently high levels of customer service satisfaction scores. Global support 24x7x365 is included as part of the Proofpoint Essentials subscription with phone, email and live chat communication options available.
Best Newcomer Security Company of the Year
Virtual containers are rapidly being adopted in enterprise deployments, but present unique security challenges due to the scale, agility and open nature of the container operating environment. The rapid DevOps process that is often behind container deployments and the inclusion of many open source components require tight governance of the process from the development phase and beyond.
Best Security Company
Symantec is the largest cybersecurity company in the world, helping consumers, small businesses and the world's leading enterprises secure and manage their data. The company counts 90 percent of the Fortune 500 as customers of its SSL certificates, and has the largest market share (31.5%) and protection capabilities in endpoint protection. Symantec is also the leading email security provider with 20.9 percent market share according to IDC and scans 30 percent of the world's enterprise email traffic each day. Nearly a third of the company's revenue comes from EMEA.
Editors' Choice Award
No More Ransom Kaspersky, EC3, Dutch Police, McAfee
Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections.
The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands' police, Europol's European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.
Since it is much easier to avoid the threat than to fight against it once the system is affected, the project also aims to educate users about how ransomware works and what countermeasures can be taken to effectively prevent infection. The more parties supporting this project the better the results can be. This initiative is open to other public and private parties.
Best Professional Training or Certification Programme
PhishMe PhishMe Simulator and Reporter
The PhishMe methodology turns every employee into an IT security aware professional –transforming a company's biggest liability into its strongest defence. The behavioural conditioning methods prepare employees to recognise and resist malicious phishing attempts. Employees are conditioned to identify and report phishing attempts, also providing critical attack intelligence to the IT security teams in defending against data breaches, ransoms and systems shutdowns.
Best Security Team - Sponsored by Carbon Black
The team at Camelot has been re-built over the last 24 months. They started from humble beginnings with a security team of just 2 people following the departure, over the preceding 3-month period, of the rest of the function. The first 12 months was tough for the team as they had to both maintain business as usual whilst recruiting. With no hand over and little documentation, they also had to develop an understanding of the business, reverse engineer the architecture and configuration of the security technologies in place and build relationships with stakeholders.
Best Cyber Security Education Programme Sponsored by Malwarebytes
The Information Security Group (ISG) at Royal Holloway University of London (RHUL)
The Information Security Group (ISG) at Royal Holloway, University of London, is a world-leading interdisciplinary research group dedicated to research and education in information (cyber) security. It has been recognised by EPSRC and GCHQ as one of eight Academic Centres of Excellence in Cyber Security Research in the United Kingdom.
The ISG contains more than fifteen full-time academic faculty members, including a mixture of computer scientists, mathematicians and social scientists. These are supported by several research assistants and many research students, making the ISG one of the largest academic information security teams in the world. The group has expertise in cryptanalysis, combinatorial cryptography, provable security and message authentication codes.
CSO / CISO Of The Year Sponsored by IBM
Ed Tucker, head of cyber security, HMRC
Ed Tucker has been working in IT and Security for over 15 years. He currently leads HMRC's Cyber Security and Response capability, looking into areas such as Online Fraud, Hacking Analysis & Capability Scoring, Forensic Investigations, Cyber Threat.
Over the last few years, Tucker has been working hard to implement security controls across all HMRC's email domains and has managed to reduce phishing emails by 300 million this year through spearheading the use of DMARC (Domain-based Message Authentication, Reporting and Conformance). This has enabled the organisation email service providers to identify fraudulent emails purporting to be from genuine HMRC domains and prevent their delivery to customers
Its dedicated Customer Protection Team, part of HMRC's Cyber Security Team, in the first six months of 2016, has responded to over 300,000 phishing referrals from customers. They've also instigated the takedown of over 14,000 fraudulent websites that were attempting to harvest customer data.
Special Recognition Award
Malwaretech / Marcus Hutchins
Marcus Hutchins has been lauded as a hero that very possible may have saved the NHS and many other organisations around the world from the full effects of WannaCry. The 22-year-old slowed down the spread of the malware from his home on the North Devon coast. Known as MalwareTech on Twitter, Hutchins managed to register a garbled domain name hidden in the malware to track the virus, with the effect of halting the infection.