• Best Anti-malware Solution
• Best Email Security Solution
• Best Instant Messaging Security Solution
• Best Web Filtering Solution
• Best Intellectual Property Protection
• Best Endpoint Security Solution
• Best Mobile Device Security Solution
• Best Enterprise Firewall
• Best Intrusion Detection/Prevention Solution
• Best Wireless Security Solution
• Best IPsec/SSL VPN
• Best Identity Management Solution
• Best Multi- and Second-factor solution
• Best Integrated Security Solution
• Best Managed Security Service
• Best Computer Forensics Solution
• Best Event Management Solution
• Best Policy Management Solution
• Best Audit/Vulnerability Assessment Solution
• Best Security Software Development Solution

• Best Security Company
• Rookie Security Company of the Year
• Best SME Security Solution
• Best Enterprise Security Solution
• Best Regulatory Compliance Solution

• Best Professional Certification Program
• CSO of the Year
• Best Security Team
• Best Professional Training Program
• Editor's Choice Award

Includes anti-spyware, anti-spam, anti-virus, anti-worm solutions. Can cover both point solutions as well as those tackling all these threats in one.

Will consider anti-spam, email content filtering, email encryption and email security solutions.

Includes solutions that help organizations safeguard their intellectual property persistently - both inside and outside the company.

Includes solutions that secure the endpoint - from desktop firewalls to NAC products.

Includes anything from hard disk encryptions solutions and tools that track lost mobile devices to USB/thumb drive security solutions

Includes both types of solutions offered individually, as well as combo packages.

Covers WLAN security solutions.

Includes bimetrics, smart cards, tokens, etc. Includes second-factor solutions that provide additional security and authentication mechanisms.

Both UTM devices and software that help companies address myriad security problems in one, easy-to-use and centrally-managed offering.

Covers providers offering specific services, such as email security, as well as larger and smaller players whose services run the IT security gamut.

Can include both enterprise/network and desktop/single system forensic tools.

Covers SIM/SEM solutions

Will consider tools that help companies enforce policies -- both end-user and technical.

Includes vulnerability assessment solutions, patch management tools, pen testing, misconfiguration testing, etc.

Includes solutions that help developers, working for both software vendors and internally for end-user companies, to create more source code in products.

Nominees should be the tried-and-true, longer-standing companies tht have been offering products and services to customers for at least two years. Nominations can come from all sectors. Areas that will be accounted for in the judging process include product line strength, customer base, customer service/support, research and development, company growth and solvency, innovation and more.

Nominated companies should be new to the IT security field, offering at least one strong product that is within two years of its initial release. Nominees can come from any IT security product/service sector and will be continuing their efforts in further product development, customer growth, and overall fiscal and employee growth.

This includes product nominations from all product sectors specifically designed to meet the requirements of small- to mid-sized businesses. The winning solution will have been a leading solution during the last year, having help to strengthen the IT security industry's continued evolution.

This includes product nominations from all product sectors specifically designed to meet the requirements of large enterprises. The winning solution will have been a leading solution during the last year, having help to strengthen the IT security industry's continued evolution.

Nominated solutions should help organizations comply with specific regulatory requirements demanded of companies in the healthcare, financial services and government markets. Solutions should help customers meet mandates noted in such legislation as HIPAA, GLBA, FISMA or in guidelines noted by the likes of the FFIEC. Nominees must be prepared to offer customer references who are engaged in or have already completed real, fully-fledged deployments, and should be ready to address specific questions posed to them during the judging process.

Programs are defined as professional industry groups offering certifications to IT security professionals wishing to receive educational experience and credits. Entrants can include organizations in the industry granting certifications for training and knowledge which they provide.

Contenders should include those who work for end-user companies only. No vendor CSOs will be considered. Nominees are the cream of the crop, having spearheaded a viable IT security program, gained the support of their company's executive leaders as well as their colleagues, and helped -- through their indefatigable efforts -- to propel the CISO/CSO position to a footing of influence within their organizations and the corporate world as a whole. Specific projects,undertakings as well as over-arching security programs to propel these various goals should be noted. Nominees should be prepared to answer further questions during the judging process, offer at least two references and be amiable to holding confidential interviews with members of the SC editorial team if warranted.

Contenders should only include end-user teams who have executed and are managing exceptional security programs; who have built a strong security program from a virtually non-existent one; who have successfully established and implemented an integral and/or innovative/cutting-edge component of their security program; who have spearheaded strong awareness and training programs for their end-users, customers or partners; etc.

Programs are defined as those geared toward strengthening expertise of IT security professionals via training on secure coding, end-user awareness, and more by an outside industry expert. Entrants can include companies offering such training - which does not conclude with the winning of a particular professional certification.

Based on information culled from SC events, through research conducted by the SC editorial team for various features and news articles, and conversations with/feedback from readers, analysts and vendors, this award is given to a group, person, company or product at the discretion of the U.S. Editor-in-Chief.