collaborate pyramid Open Invitation to Help Develop Infosec Community Resources

Open Invitation to Help Develop Infosec Community Resources

It may be possible to democratize security by making it more accessible to average companies through community resources. We have an idea or two, but we would appreciate your thoughts. At the 2019 RSA security conference, Matt Chiodi, Chief Security Officer of Palo Alto Networks said “… small organizations are ... Read More

Mitigating Risks in Cloud Migration

Companies are moving to incorporate the cloud into their computing infrastructure at a phenomenal rate. This is, without question, a very positive move. It permits companies to scale processing resources up and down in response to changing demands, giving companies the operational equivalent of unlimited resources while paying only for ... Read More
Assessment of Business cybersecurity

Cybersecurity Hygiene: Not a Dirty Little Secret for Long

In October 2018, FICO (a consumer credit scoring specialist) began scoring the cybersecurity of companies based upon a scan of internet facing vulnerabilities. FICO grades companies using the same scoring that is familiar with consumer credit. These metrics are then used to compare security risks against competitors. This announcement has ... Read More

Regulatory Fines, Prison Time Render “Check Box” Security Indefensible

In May 2017, the Equifax data breach compromised critical credit and identity data for 56 percent of American adults, 15 million UK citizens and 20,000 Canadians. The Ponemon Institute estimates that the total cost to Equifax could approach $600M in direct expenses and fines. That doesn’t include the cost of ... Read More

What Keeps You Up At Night?

Maybe you have nightmares about accidentally posting AWS console credentials on Github. Some CISOs undoubtedly have dreams where they must explain to the board that the company has just set the record for the world’s largest data breach. As a developer of security products, I spend many early mornings thinking ... Read More

Tripwire Visibility for ICS: Getting From Data Mountains to Event Nuggets

If you operate an industrial network, you know that it is important to recognize operational errors and malicious changes as fast as possible to prevent unsafe and costly conditions from emerging. But achieving this goal requires you to be able to ingest enormous volumes of data and reduce this to ... Read More

Tripwire & NCCoE Collaborate on the Energy Sector Asset Management Project

| | Energy, ICS Security, IT, NCCoE, OT, security
Eight companies including Tripwire have been selected by the National Cybersecurity Center of Excellence (NCCoE) to collaborate on the Energy Sector Asset Management Project. The NCCoE is a part of the National Institute of Standards and Technology. These companies are working together to build a reference design and an example ... Read More

Beware: Real Estate Scams are Growing

What does the chairman of MIT’s board of trustees and a Supreme Court judge for New York State have in common with the Weintraubs of Lebanon, Oregon? They were all victims of real-estate spoofing scams, a form of cyber-security fraud that has grown from $19 million in 2016 to over ... Read More