Fighting Cybercrime: We Are Stronger Together than We Are Individually
As a cybersecurity professional, how numb have you become to vendors who try to scare you with frightening statistics in an effort to sell you a new product? It is understandable that a vendor has to present as much information in a limited amount of attention-grabbing time, so their doomsday technique ... Read More
Open Invitation to Help Develop Infosec Community Resources
It may be possible to democratize security by making it more accessible to average companies through community resources. We have an idea or two, but we would appreciate your thoughts. At the 2019 RSA security conference, Matt Chiodi, Chief Security Officer of Palo Alto Networks said “… small organizations are ... Read More
Mitigating Risks in Cloud Migration
Companies are moving to incorporate the cloud into their computing infrastructure at a phenomenal rate. This is, without question, a very positive move. It permits companies to scale processing resources up and down in response to changing demands, giving companies the operational equivalent of unlimited resources while paying only for ... Read More
Cybersecurity Hygiene: Not a Dirty Little Secret for Long
In October 2018, FICO (a consumer credit scoring specialist) began scoring the cybersecurity of companies based upon a scan of internet facing vulnerabilities. FICO grades companies using the same scoring that is familiar with consumer credit. These metrics are then used to compare security risks against competitors. This announcement has ... Read More
Regulatory Fines, Prison Time Render “Check Box” Security Indefensible
In May 2017, the Equifax data breach compromised critical credit and identity data for 56 percent of American adults, 15 million UK citizens and 20,000 Canadians. The Ponemon Institute estimates that the total cost to Equifax could approach $600M in direct expenses and fines. That doesn’t include the cost of ... Read More
What Keeps You Up At Night?
Maybe you have nightmares about accidentally posting AWS console credentials on Github. Some CISOs undoubtedly have dreams where they must explain to the board that the company has just set the record for the world’s largest data breach. As a developer of security products, I spend many early mornings thinking ... Read More
Tripwire Visibility for ICS: Getting From Data Mountains to Event Nuggets
If you operate an industrial network, you know that it is important to recognize operational errors and malicious changes as fast as possible to prevent unsafe and costly conditions from emerging. But achieving this goal requires you to be able to ingest enormous volumes of data and reduce this to ... Read More
Tripwire & NCCoE Collaborate on the Energy Sector Asset Management Project
Eight companies including Tripwire have been selected by the National Cybersecurity Center of Excellence (NCCoE) to collaborate on the Energy Sector Asset Management Project. The NCCoE is a part of the National Institute of Standards and Technology. These companies are working together to build a reference design and an example ... Read More
Beware: Real Estate Scams are Growing
What does the chairman of MIT’s board of trustees and a Supreme Court judge for New York State have in common with the Weintraubs of Lebanon, Oregon? They were all victims of real-estate spoofing scams, a form of cyber-security fraud that has grown from $19 million in 2016 to over ... Read More
