Escalating cyberthreats in the oil and gas industry underscore the need for substantial collaboration between public and private sectors to mitigate this national security risk, and much of this responsibility falls on the shoulders of individual pipeline operators who need to comply with the Transportation Security Administration (TSA) Security Directive. Despite being best...

Zero trust isn’t a new model, but its influence on the cybersecurity industry has strengthened over time since 1994. Zero trust became especially top-of-mind a few years ago when remote work and cloud services took off, prompting organizational leaders to rethink the way they enforced cybersecurity controls in an increasingly perimeter-less world. Is zero trust just another...

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide...

File integrity monitoring (FIM) is a critical security control that helps organizations detect system changes in real-time that indicate impacts to compliance and potential cybersecurity incidents, empowering teams to respond rapidly. FIM is required by many major compliance standards such as North American Electric Reliability Corporation Critical Infrastructure Protection ...

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. ...

Is your organization ready for the new PCI DSS 4.0 Standard? If you’re already compliant with the most recent version of the Payment Card Industry Data Security Standard (PCI DSS), you’ve probably already begun transitioning to version 4.0 ahead of the upcoming deadline. To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic...

Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements...

There’s a lot more to file integrity monitoring than simply detecting change. Although FIM is a common policy requirement, there are many FIM capabilities and processes you can elect to implement or not. These can vary from a simple “checkbox” compliance tool to the option to build effective security and operational controls. These decisions directly affect the value your...