-
Tyler Reguly
Guide
What Experts Have to Say About Choosing the Right Cybersecurity Frameworks
Frameworks like the Center for Internet Security (CIS) Controls, MITRE ATT&CK and the National Institute of Standards and Technology (NIST) Cybersecurity Framework give organizations clear, step-by-step methodologies for protecting their sensitive data, leveraging a wealth of industry knowledge to take the guesswork out of your security program.
While these cybersecurity...
Blog
Insider Threats Maintain a Rising Trend
By Katrina Thompson on Tue, 05/14/2024
Image
“When the cat’s away, the mouse will play,” the old adage goes. Filings to anti-fraud non-profit Cifas would support that claim, as Insider Threat Database (ITD) reports rose by 14% this past year and are largely attributable to hard-to-monitor work-from-home employees mixed with “increasing financial pressures.” The report...
Blog
The Impact of NIST SP 800-171 on SMBs
By Josh Breaker-Rolfe on Mon, 05/06/2024
Image
From more broad laws like GDPR to industry-specific regulations like HIPAA, most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated....
Blog
Enhancing Endpoint Security with Advanced Host-Based Intrusion Detection Capabilities
By Tripwire Guest Authors on Tue, 04/23/2024
Image
In 2023, companies lost about $4.45 million on average because of data breaches. As cyber threats advance, securing endpoints is more important than ever. An advanced Host-based Intrusion Detection System (HIDS) provides a sturdy remedy to improve endpoint security. By monitoring and examining system responses and device status,...
Blog
Oops, Malware! Now What? Dealing with Accidental Malware Execution
By Dilki Rathnayake on Tue, 04/02/2024
Image
On an ordinary day, you're casually surfing the web and downloading some PDF files. The document icons seem pretty legitimate, so you click without a second thought. But, to your surprise, nothing happens. A closer look reveals that what you believed to be a harmless PDF was, in fact, an executable file. Panic sets in as your...
Datasheet
What Makes Fortra’s Tripwire Different
Are you weighing your options between integrity management solutions? Evaluating, purchasing, and deploying new software is hard work, especially when you get down to the granular details of understanding which solutions have which capabilities and matching those capabilities to your organization’s particular needs. In an industry buzzing with ever-changing terminology and a...
Blog
Federated Learning for Cybersecurity: Collaborative Intelligence for Threat Detection
By Tripwire Guest Authors on Mon, 03/18/2024
Image
The demand for innovative threat detection and intelligence approaches is more pressing than ever. One such paradigm-shifting technology gaining prominence is Federated Learning (FL). This emerging concept harnesses the power of collaborative intelligence, allowing disparate entities to pool their insights without compromising...
Blog
The Importance of Host-Based Intrusion Detection Systems
By Steven Sletten on Wed, 03/13/2024
Image
What Is a Host-Based Intrusion Detection System (HIDS)?
A host-based intrusion detection system, or HIDS, is a network application that monitors suspicious and malicious behavior, both internally and externally.
The HIDS’ job is to flag any unusual patterns of behavior that could signify a breach. By bringing this activity to...
Blog
Resolving Top Security Misconfigurations: What you need to know
By Jeff Moline on Mon, 01/22/2024
Image
One of the most common factors that can lead to cybersecurity incidents is a security misconfiguration in software or application settings. The default settings that come with the implementation of these tools and solutions are often not configured securely, and many organizations do not invest the time and resources into...
Blog
An Introduction to AWS Security
By Gilad David Maayan on Fri, 01/12/2024
Image
Cloud providers are becoming a core part of IT infrastructure. Amazon Web Services (AWS), the world's biggest cloud provider, is used by millions of organizations worldwide and is commonly used to run sensitive and mission-critical workloads. This makes it critical for IT and security professionals to understand the basics of...
Blog
Cloud Security Optimization: A Process for Continuous Improvement
By Gilad David Maayan on Thu, 12/28/2023
Image
Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage to network capabilities. The cloud optimization...
Blog
Guide to Creating a Robust Website Security Incident Response Plan
By Joseph Chukwube on Mon, 12/18/2023
Image
Earlier this year, the SEC proposed a new set of rules on cybersecurity governance, which would require public companies to make appropriate disclosures of cyber risks and management procedures.
Although the amendments target the financial sector, it is one more evidence of the fact that cybersecurity is no longer a backburner...
Blog
Operational Resilience: What It Is and Why It's Important
By Nick Hogg on Wed, 12/13/2023
Image
Frankly stated, operational resilience is your ability to climb the mountain, no matter the weather. Businesses now need more than a good security structure to weather the storms of AI-driven threats, APTs, cloud-based risks, and hyper-distributed environments.
And more importantly, operational resilience in 2024 requires a...
Blog
The 2023 ISC2 Cybersecurity Workforce Study Delves into Cloud Security and AI
By Katrina Thompson on Mon, 12/11/2023
Image
The security industry is at a critical juncture. Capturing the state of affairs is a recent report released by the International Information System Security Certification Consortium, or ISC2.
“A perfect storm”
As they state in their Executive Summary, “Our study shows that a perfect storm of economic uncertainty, rapidly...
Blog
NIST CSF 2.0: What you need to know
By Antonio Sanchez on Mon, 12/11/2023
Image
Organizations looking to protect their sensitive data and assets against cyberattacks may lack the ability to build a cybersecurity strategy without any structured help. The National Institute of Standards and Technology (NIST) has a free, public framework to help any organization mature its IT security posture. Recently, the...
Blog
The Six Pillars of Cybersecurity
By Gary Hibberd on Thu, 11/16/2023
Image
Winter is coming
In the ever-evolving landscape of cloud computing, ensuring robust security measures has never been more important. In the new ISO 27001:2022 standard, there is a new requirement for organisations to establish control of their Cloud services, which includes every flavor of cloud from Software as a Service (SaaS...
Blog
Cloud Watching Report: Key Takeaways
By Anirudh Chand on Mon, 11/13/2023
Image
The capabilities of cloud computing have changed the digital landscape significantly, and the popularity of cloud solutions only continues to increase. According to Gartner, the market for public cloud services is expected to surpass 700 billion USD by the end of 2024. The growth of cloud technologies presents a wealth of new...
Blog
Massive Surge in Security Breaches of Pensions Prompt Questions
By Josh Breaker-Rolfe on Thu, 11/02/2023
Image
A recent report from RPC has revealed that cybersecurity breaches in UK pension schemes increased by 4,000% from 2021/22 to 2022/23. Understandably, the announcement has raised serious concerns about the efficacy of financial service organization’s cybersecurity programmes. Although the reasons for cyberattacks on financial...
Blog
Understanding Cybersecurity Footprinting: Techniques and Strategies
By Dilki Rathnayake on Mon, 10/16/2023
Image
Footprinting, also known as fingerprinting, is a methodology used by penetration testers, cybersecurity professionals, and even threat actors to gather information about a target organization to identify potential vulnerabilities. Footprinting is the first step in penetration testing. It involves scanning open ports, mapping...