Collaborate Disseminate
Data breaches and ransomware attacks aren’t just still occurring. They’re also becoming more frequent. According to ZDNet, the number of ransomware attacks detected and blocked by one security firm grew 715% year-over-year in 2020 alone. Another securi… Continue reading A Cure for a Disheartened Cybersecurity Professional
Given that attacks are only increasing and there needs to be greater efficacy in how companies protect themselves, let us reference how the financial industry has created and relies on a body of standards to address issues in financial accounting as a … Continue reading Mind the GAAP: A Lens for Understanding the Importance of the CIS Controls
So many times, we hear companies say, “Our tools are just like Tripwire’s,” “We do configuration management just like Tripwire” and “We can push out policy just like Tripwire.” But as we say, this just ain’t necessarily so. You might be able to do conf… Continue reading How Tripwire Does Configuration Management Differently
Have you ever worked with a company that operates as “close to broken” as reasonably possible? Companies that follow that mindset usually do not have the most robust security practice, and they certainly will walk very close to the edge of compliance. … Continue reading Compliance – The Invisible Hand of Cybersecurity
Unfamiliar territory As a security analyst, engineer, or CISO, there are so many aspects of the field that require immediate attention that one cannot possibly know everything. Some of the common areas of security knowledge include topics such as wher… Continue reading Don’t Let Your Stored Procedures Lack Integrity
ORDELL: Take the keys, man. Listen to music. LOUIS: Which one is for the car? (Ordell finds it. While he goes through the keys, Vicki comes back on the line.) (Max speaks with her as he fills out his papers.) ORDELL: (holding a key) This one’s for the … Continue reading Ordell Robbie, Tripwire and Security Configuration Management.
Lateral movement is one of the most consequential types of network activity for which organizations need to be on the lookout. After arriving at the network, the attacker keeps ongoing access by essentially stirring through the compromised environment … Continue reading File Integrity Monitoring (FIM): Your Friendly Network Detective Control
For many organizations, security flows from the top down. That’s a problem when executives don’t emphasize security as much as they should. Cisco learned as much in its CISO Benchmark Study “Securing What’s Now and What’s Next20 Cybersecurity Considera… Continue reading How CISOs Can Foster Effective Comms and Build a Cybersecurity Program
Have you ever been around someone who is just better at something than you are? Like when you were in school and there was this person who was effortless at doing things correctly? They had great study habits, they arrived on time, they were prepared a… Continue reading The 4 Stages to a Successful Vulnerability Management Program
We all know there are a number of different security devices that need to be continually monitored because they represent attack vectors. That’s why understanding configuration management is critical to security hygiene. As practitioners, we need… Continue reading What Security Leaders Should Consider When Building a Business Case for Integrity Monitoring