GPG 13

Achieve Protective Monitoring with GPG 13 Compliance. Reduce Risk.

CESG’s Good Practice Guide 13 (GPG 13) is a Protective Monitoring framework for HMG ITC Systems, service providers and outsourcing companies to reduce risk and secure confidential data. But there are many misconceptions about GPG 13 compliance. Given the current budget restrictions, Government departments already tackling various compliance initiatives (like GCSX CoCo or PCI) may consider GPG 13 too costly, and therefore assume the risk. Additionally, departments may consider GPG 13 compliance requirements are limited to collecting log files, and therefore neglect to integrate required change detection capabilities. Tripwire delivers a Protective Monitoring solution to help an organisation to gain situational awareness of events of interest that reduce the risk window, and affordably meet GPG 13 compliance requirements.

AFFORDABLE PROTECTIVE MONITORING

Tripwire helps Government bodies to affordably achieve GPG 13 compliance with a single integrated solution. The Tripwire® VIA™ suite combines the power of Tripwire® Log Center—log and SIEM—and the intelligence of Tripwire® Enterprise—FIM and configuration control. The Tripwire VIA suite delivers an automated solution designed to support monitoring, change detection, reporting and investigation in real time to meet the requirements of Protective Monitoring for HMG ICT systems and the recommended controls of GPG 13.

Tripwire VIA solutions allow Government bodies to:

  • Meet the requirements of Protective Monitoring for HMG ICT systems utilising the recommended controls of GPG 13.
  • Monitor in real-time and instantly detect changes and events that may impact upon security.
  • Alert instantly on suspicious behaviour within the enterprise.
  • Collect any readable audit, accounting or operational log and process it in to a scalable flat-file based forensic data store in accordance with the organisation’s Forecsic Readiness Policy.
  • Conform with standards such as the Security Policy Framework (SPF); GCSX requirements; Data Protection Act and Community Security Policy (CSP).

Request an Evaluation

GPG 13 Resources

    • Infosecurity Europe 2012 Wrap Up
      Infosec expert and ‘cynic’ Javvad Malik summarizes the most important aspects of Infosecurity Europe 2012. Some of the top trends and key takeaways: risk management and the rising role of the CISO....
    • Communicating the value of Information Security – Part 3
      In part 2 of this series, I talked about getting to know the "language" of your particular business. This week, I want to talk about how to leverage Enterprise Architects, if they are available. They can be...
    • The Growing Pains of the New CISO
      Recently we had an opportunity to interview Phil Cracknell (@PCracknell on Twitter) during Infosecurity Europe. Infosec expert and ‘cynic’ Javvad Malik asks Mr. Cracknell, Global Security and...

To read more blog posts, visit the State of Security Blog.

To browse more, visit the company news section.

Resource Library

Resource Library

Read, watch or listen to valuable information about Tripwire solutions, customer success stories, IT security and compliance best practices, and more.

Resource Library