Resources

Blog

Compliance vs. Security: Striking the Right Balance in Cybersecurity

Compliance and security often go hand in hand as ideas that attempt to protect against cyber threats. While both compliance and security are designed to lower risk, they are not mutually inclusive—that is, not everything that is required for compliance will necessarily help with security, and not everything that bolsters security will necessarily...
Blog

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many large organisations,...
Blog

Increasing Your Business’ Cyber Maturity with Fortra

When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of the sheer size of...
Blog

General Data Protection Regulation (GDPR) – The Story So Far

Do you remember where you were on 25th May 2018? Perhaps you were enjoying a Friday night drink with friends. Perhaps you were with family, relaxing after a busy week at work. I was actually having a GDPR Birthday party with friends and colleagues because 25th May 2018 was a landmark day for the world of Data Protection (yes, seriously, we had a...
Blog

5 Reasons Why You Should Conduct Regular Cybersecurity Audits

Cyber threats are growing more sophisticated, covert, and frequent every day. This year alone has seen the likes of T-Mobile and PharMerica suffering serious security breaches. These incidents disrupted operations and threatened their bottom lines, not to mention the lingering aftereffects and negative brand perception in the eyes of their customers...
Blog

What is ISO 27002:2022 Control 8.9? A Quick Look at the Essentials

The basic parameters that control how hardware, software, and even entire networks operate are configurations, whether they take the form of a single configuration file or a collection of connected configurations. For instance, the default properties a firewall uses to control traffic to and from a company's network, such as block lists, port...
Blog

Working with a Reliable Partner for Cybersecurity Success

Technology companies are often seen as revolving doors of constantly shifting personnel. Whether they are seeking a better work environment or chasing a higher paycheck, these staff changes can hurt an organization’s progress. Worse yet, the customers are often negatively impacted by these changes in the continuity of established relationships. At...
Blog

Understanding Firewalls – Types, Configuration, and Best Practices for Effective Network Security

A firewall is a security device that controls the flow of traffic across a network. A firewall may be a hardware appliance, or it may be a piece of software that runs on a third-party operating system. Firewalls operate based on a set of pre-defined, as well as customizable security rules that inspect network traffic to block or permit access to a...
On-Demand Webinar

Expert Compliance Automation Tips for Financial Services

Cybersecurity compliance standards like the Payment Card Industry Data Security Standard (PCI DSS) and Society for Worldwide Interbank Financial Telecommunications (SWIFT) do an excellent job of hardening systems against breaches. This is especially important in the financial services sector, a common target for cybercriminals. This on-demand webinar presented by Senior Solutions Engineer Dan...
Blog

5-Step Guide on Securing Serverless Architectures in the Cloud with RASP

Serverless architecture has increased in recent years, and is anticipated to grow by nearly 25% over the next decade, According to one source, the serverless architecture market was worth over $9 billion in 2022, with its compound annual growth rate projected to increase. The market could be worth over $90 billion by 2032. This indicates the...
Blog

Security Immutability: The Importance of Change

A few years ago, I wrote about the importance of security immutability. More specifically, I discussed how important it is that your environment be unchangeable in order to ensure that it remains secure. As I looked back on the article, I found it rather amusing that the article was published 4 years ago, but that feels like a lifetime ago. In the...
Blog

Tripwire Enterprise: Five ‘Other’ Things You Should Know

Network engineers and security analysts have a lot in common. Both require the ability to not only understand the problems at hand but to ascertain the moments leading to them. A typical scenario would include a request to help with a problem a customer has been experiencing. The person you are trying to assist is probably a member of the IT team in...
Blog

Is secure-by-default an achievable reality?

We have come a long way in the cybersecurity sector in a relatively short period of time, but there remain many challenges in day-to-day operations that create security gaps in many organizations. One of the most common is tied to how we build our solutions, making sure they are secure out-of-the-box instead of only being evaluated during a pen test...
Blog

Is Your MSP Taking Its Own Security Seriously?

Most small and midsized businesses trust an IT services partner to help them secure their networks. A few years ago, high-profile cyberattacks targeting MSP vendors Kaseya and SolarWinds thrust the security risk of relying on a complex chain of vendors into the technology media and moved the Department of Homeland Security to issue a statement...
Blog

DNS Security in Healthcare: The Gem in Your Cybersecurity Arsenal

The ransomware, malware and phishing attacks going on in the healthcare industry are quite alarming these days. The customers' data in the healthcare industry is more sensitive than in most industries, and this has proven to be a sweet spot for threat actors. Recent research by Infloblox reported that in 2022, there were over 546 major data breaches...
Blog

Tripwire Enterprise: Reimagining a Winning Product

How many security products does it take to monitor an organization? Even a small company often finds itself working with multiple monitoring tools to gain visibility into its security posture. This creates multiple blind spots, as a security analyst needs to jump between different tools with different formats and configurations to research a...
Blog

Enhanced Data Analysis with Synthetic Datasets

Large data can offer a massive affordable advantage for companies. Scientists, information analysts, marketing professionals, and advertisers rely upon receiving valuable insights from substantial pools of consumer information. When examined correctly, this information can provide valuable insight for organizations that understand how to use it. ...
Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
Blog

A Sarbanes-Oxley Act (SOX) IT Compliance Primer

At the turn of the most recent century, the financial world was in a moment of unregulated growth, which lead to some serious corporate misdeeds in the United States. This presented the opportunity for two senators to enact a new law to ensure accurate and reliable financial reporting for public companies in the US. The result was the Sarbanes-Oxley...
Blog

Allowlisting and Blocklisting: What you need to know

The phone rings, displaying "Potential Spam," warning of the possible downfall of accepting the call. We also have the option to set specific ringtones for the special people in our lives, so we audibly know immediately who’s calling. For other callers, like the once-a-year important call from our insurance or investment rep, we'll at least add...