The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, cyber threats, and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting, and storing credit card data to minimize the theft,...

More attention is being paid to risks around the supply chain in the bulk electricity system (BES). When third-party vendors introduce new products, software and personnel into a power supplier’s environment, the potential for new cyber risks increases. For this reason, the North American Electric Reliability Corporation (NERC) recently added a new set of requirements to its Critical...

Some of our nation’s most critical physical infrastructure is represented by the national Bulk Electric Systems (BES). Today’s digital world relies upon this interconnected network of power generation and transmission systems more than ever. To ensure the reliability and resilience of that network, providers must continually manage threats to the infrastructure, including many that relate to...

Industrial operators subject to the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standard know that achieving compliance is no minor feat, and serious strategic consideration is required to ensure efficient resource use in the compliance process. By meeting NERC CIP compliance, these companies take important steps towards securing their IT/OT...

The NERC Critical Infrastructure Protection standards are designed to enhance reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit ready with the resources required to achieve and maintain compliance. NERC CIP version 6 increases the amount of work...

The NERC Critical Infrastructure Protection standards are designed to enhance the reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit-ready with the resources required to achieve and maintain compliance. NERC CIP compliance, especially when...

SigmaFlow is the industry leading solution for orchestrating NERC CIP compliance to achieve an ongoing state of Audit Readiness. Tripwire, Inc. is a leading global provider of advanced threat, security and compliance management solutions. Integrating these solutions offers an automated way to drastically reduce the time and resources required to manage NERC compliance and collect comprehensive...

North American electric utility companies constantly balance the need to be audit-ready for NERC CIP compliance against their top priority: ensuring the reliability of the bulk electric system. NERC CIP compliance, especially when approached using manual methods, is complex, time-consuming, and prone to human error. Further, NERC CIP requirements often infer security skill sets beyond those of...

As a security professional, you’re tasked with protecting your organization against attacks, detecting threats, identifying vulnerabilities and hardening configurations. But in an increasingly crowded marketplace, how do you choose the right cybersecurity partner? From experience and technical innovation to security expertise, Fortra's Tripwire stands out from the competition. Here are 10 reasons...

With notable industrial cyber events on the rise, the 2020s are shaping up to be a challenging time for operational technology (OT) operators concerned with the safety, security, and compliance of their operational technology networks. To protect their OT environments, everyone from plant managers to CISOs is facing increased pressure to deploy effective cybersecurity solutions. However,...