I’m sure you’ve noticed that Tripwire is consistently engaged in an ongoing conversation about cybersecurity breaches, Internet security risks, personal privacy and cybersecurity hygiene. This conversation is no longer restricted to the information security industry; the conversation now includes everyone, from consumers to CEOs and board members in every country around the globe. All the while, the barrage of cybersecurity breach news increases nearly daily.

Corporate Boards Becoming Accountable For CyberSecurity

On June 9, 2013, Snowden disclosed a huge amount of secret information from the CIA and the NSA, putting businesses around the world on notice about the real cybersecurity risks from insider threats.

On December 19, 2013, Target announced that hackers had stolen data of up to 40 million credit cards and debit cards between November 27 and December 15 of that year. The Target breach then followed a common trajectory; the breach was larger than initially disclosed. Then, on January 10, 2014, Target disclosed that hackers had also stolen personal information from 70 million customers.

When Target’s CIO Beth Jacobs resigned in March 2014, and CEO Gregg Steinhafel resigned in May 2014, it became very clear to corporate executives that they could be fired if they failed to manage cybersecurity risks effectively. The breach continued to make the kind of news no company wants when ISS advised Target shareholders to oust many board members for “failure to provide sufficient risk oversight.”

Today, it’s clear that executives and board members are being held accountable for the company’s cybersecurity risks.

New Investments in Projects to Harden Systems

Together, these events have fundamentally changed the way businesses are looking at cybersecurity. Many organizations are actively investing in projects to proactively and continually “harden” their systems against threat-centric changes that increase cybersecurity risks. There have certainly been enough breach investigation findings to give us a roadmap of the most common threat vectors and it’s largely the stealthy changes that tend to get lost in the ‘noise’ of everyday network activity that indicate a breach is in progress.

Highly targeted exploits that lead to massive breaches happen in small, quiet steps that are designed to be easy to overlook. As a result, businesses have realized that they have to fundamentally change the way they manage network security.

Tripwire Detects Threat-Focused Changes

In IDC’s recently published annual Worldwide Security and Vulnerability Management 2014-2018 Forecast and 2013 Vendor Shares report, Tripwire’s rankings have risen significantly. These market changes are being driven by the need to continuously and proactively control quiet and difficult-to-detect changes that are critical to stopping or limiting a data breach in progress.

chart

Catching these kinds of changes is the reason Tripwire Enterprise was created. We’ve been helping businesses around the world proactively harden their systems against threat-centric change for more than 15 years.

There are vast numbers of changes that can occur across any enterprise daily, and Tripwire’s unique and patented ChangeIQ capability is designed to use system state intelligence to sift through the noise to find ‘changes of interest.’ This means we are able to discern ‘good’ change (like authorized patch application) from ‘bad’ change (like a new .exe appearing on a desktop after opening an email).

Those ‘events of interest’ can be your earliest indication of threat activity. Tripwire Enterprise is designed to help organizations continually assess their systems and their state of security to proactively harden against threats (even zero-day threats), and help remediate and automate corrections.

A “Tripwire” Can Catch Cybercriminals

Cybercrime is big business and cybercriminals are going to continue to evolve, constantly becoming more organized and better at evading traditional security controls. In this environment, companies are going to have to equally adapt. A good first step is to fund a project to proactively and continuously harden system configurations, considering hardening critical servers and desktops, as well. Many of the biggest breaches have started there to gain access to valid credentials and later access to more valuable assets elsewhere in the infrastructure. Detecting threat-focused ‘bad’ change in the earliest stages will help you avoid becoming the next breach headline.

 

RELATED ARTICLES:

RESOURCES:

picCheck out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.

picThe Executive’s Guide to the Top 20 Critical Security Controls

Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].

Header image courtesy of ShutterStock

Categories: ,

Tags: , ,


Leave a Reply

Katherine Brocklehurst

Katherine Brocklehurst has contributed 20 posts to The State of Security.

View all posts by Katherine Brocklehurst >