Tripwire & FoxGuard: Patching for compliance and security

There’s a saying in the cybersecurity community which states that just because you are compliant doesn’t mean that you are secure. Over the years, many images have been used to illustrate the point. One ...

The Penetration Testing Guide for Compliance and Audits

A penetration test is a simulated cyberattack against an enterprise’s IT system to identify vulnerabilities that are exploitable which can result in a data breach and financial loss to the organization. Penetration ...
Upgrade From Whitelist Profiler to Tripwire State Analyzer

Upgrade From Whitelist Profiler to Tripwire State Analyzer

If you’re a Tripwire® Whitelist Profiler customer, then you know that the software does an excellent job of executing its core functionalities. These include comparing the running state of a machine to ...

How Internal Audit Brings Value To Your Third-Party Risk Management Program

| | Audit, Third Party Risk
Organizations have become increasingly reliant on third-parties to deliver core products and services to their customers. About 82% of companies provide third-party vendors with highly privileged roles. This is a major risk ...

Hidden Value In Creating Cybersecurity Audit Programs

One of my first tasks after leaving NSA for private industry in the early 90s was to write my new company’s information security policy. I’m not sure my previous job as a ...

CIS Control 08: Audit Log Management

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collection logs and regular review is ...
How can the audit team show executives the organization is resilient in it’s use of third-parties?

Ask the Expert: What are steps that the audit team can take to instill confidence in the executive team that the organization is resilient concerning it’s use of vendors and third-parties?

| | Audit, Third Party Risk
Dawn Ward, Senior Solution Consultant at Iceberg Networks and Chris Murphey, VP Advisory Services at Iceberg Networks, discuss how the audit team can instill confidence to the executive team that the organization ...
What is the Board asking audit teams concerning Nth-party risk?

Ask the Expert: What is the Board asking audit teams concerning Nth-party risk?

| | Audit, Third Party Risk
Dawn Ward, Senior Solution Consultant at Iceberg Networks and Chris Murphey, VP Advisory Services at Iceberg Networks, discuss what the Board of Directors is asking internal audit teams around Nth-party risk. The ...
How has audit’s role in evaluating third-party risk changed in the last year?

Ask the Expert: How has audit’s role in evaluating third-party risk changed in the last year?

Dawn Ward, Senior Solution Consultant at Iceberg Networks and Chris Murphey, VP Advisory Services at Iceberg Networks, discuss how evaluating the Third-Party Risk Management program has evolved for internal auditors. The following ...
How has third-party risk changed in the last year?

Ask the Expert: How has third-party risk changed in the last year?

Dawn Ward, Senior Solution Consultant at Iceberg Networks and Chris Murphey, VP Advisory Services at Iceberg Networks, discuss how the third-party risk landscape has evolved in the last year. The following is ...