Resources

Pylon and cables
Blog

The State of the US National Cybersecurity Strategy for the Electric Grid

By Anastasios Arampatzis on Wed, 02/01/2023
The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not fully understood. Reports...
Compliance
NIST
Industrial Control Systems
Tripwire & Towerline: Easing the burden of the NERC CIP audit process
Blog

Tripwire & Towerline: Easing the burden of the NERC CIP audit process

By Guest Authors on Tue, 12/20/2022
When we speak of necessary evils, some images readily spring to mind. A dental appointment, automobile insurance, and many others. In cybersecurity, audits fit this image quite well. There are many uncomfortable aspects of audits, including the need to maintain accurate records, as well as finding the time to perform all the work required to satisfy...
Compliance
The Cross-Sector Cybersecurity Performance Goals (CPGs): What you need to know
Blog

The Cross-Sector Cybersecurity Performance Goals (CPGs): What you need to know

By Tyler Reguly on Wed, 11/09/2022
The Cross-Sector Cybersecurity Performance Goals (CPGs) are a new baseline released jointly by CISA, NIST, and the interagency community, with a goal of providing consistency across all critical infrastructure. The primary webpage for these goals gives us a great understanding of what they are (and are not). It is worth delving into those specifics...
Industrial Control Systems
New Canadian Cyberattack Data Says 80% of SMBs Are Vulnerable
Blog

New Canadian Cyberattack Data Says 80% of SMBs Are Vulnerable

By Guest Authors on Tue, 10/25/2022
If you were to take a look at the cybersecurity news cycle, you’d be forgiven for thinking that it’s only large enterprises with expansive customer bases and budgets that are the most vulnerable to attacks. But that’s not entirely true. Even if it’s at a much smaller scale, small- and medium-sized businesses (SMBs) still have stores of sensitive...
Cybersecurity
File Integrity & Change Monitoring
Incident Detection & Investigation
Egypt Financial Cybersecurity Framework Datasheet
Datasheet

The Egypt Financial Cybersecurity Framework

Central Bank of Egypt (CBE) identified key areas of focus to tailor a cybersecurity framework to the unique requirements of the Egyptian financial sector. This framework will serve as the foundational guidance for cybersecurity capability development within this critical sector. This is the kick-off of a larger-scale effort by the CBE to build a robust and sustainable cybersecurity ecosystem...
Compliance
Product Video

Chi-X Australia: Building Trust on the Back of Tripwire

Mon, 08/15/2022
Chi-X Australia is a securities and derivatives exchange transforming the Australian investment market through a focus on customers and innovation. The company delivers easy, cost-effective access to local and global investment opportunities. As a result, it has need for a scalable, flexible compliance and security solution that can enable it to function effectively around the world. Chi-X needed...
Guide

How Finance Companies Bank on Tripwire ExpertOps

Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems. However, most breaches...
Compliance
PCI DSS
SOX
Datasheet

Cybersecurity Threats to the Financial Sector

Building customer trust is paramount to the success of any company, but perhaps nowhere more so than in the banking industry. Cyberattack strategies are increasingly innovative, putting pressure on banks to protect their data or make the headlines when the next big breach takes place. The Bangladesh cyber heist of 2016 is one infamous example of threat actors’ ingenuity: Hackers used malware to...
Case Study

Payment Processor for Businesses

As a recognized leader in the payment processing sector, this company offers its clients hundreds of secure payment methods across multiple platforms, around the globe. Onan average day it processes tens of millions of mobile, online and in-store transactions in 100+ currencies.After experiencing a security incident that was quickly contained, the company took the opportunity to revamp its entire...
Compliance
PCI DSS
Testing Banking Website Security: What You Need to Know
Case Study

Major Banking Institution Case Study

This multinational banking institution has been around for over 100 years, dedicated to helping a customer base of over 20 million people in countries all over the world.In order to serve such a large customer base and keep financial services at competitive rates, they’ve taken advantage of the latest in cloud technology to reduce the operating costs of their IT infrastructure and outward-facing...
Case Study

How Two Leading Energy Companies Protect Their Systems with Tripwire

Tripwire is best known for delivering industry-leading security solutions within enterprise IT, but did you know Tripwire is an established leader in OT environments as well? There’s more need for OT security now than ever, with energy production and distribution systems experiencing an increasing risk of cyberattack as they become remotely accessible via standard internet protocols. The energy...
Case Study

Two Large Financial Services Organizations

To remain competitive, organizations must be able to quickly adapt to support volatile business demands. For IT organizations, the unprecedented speed that images can be deployed into the cloud also brings complexity. Until the initial baseline of an image is captured, there is the potential for unauthorized modifications to pass undetected. Even without malicious intent, a seemingly insignificant...
Case Study

Leading Nationwide Provider of FDIC-Insured Financial Services

This nationally recognized financial solutions provider offers a set of services that enable smaller banks and other related institutions to compete with the industry’s dominant players. The company’s portfolio of FDIC-insured solutions enables its members and other key constituents to offer innovative services that otherwise might be too difficult or too costly to provide on their own.Continuous...
IT Security Operations & Asset Discovery
Case Study

Chi-X Australia Australian Equity Trading Exchange Operator

As a self-described “innovator,” Sydney-based Chi-X Australia is turning the Australiansecurities market landscape on its head. For the first time ever, Australian investors arebeing given a compelling alternative to the ASX, the country’s predominant exchangesince the mid-1980s. Chi-X has gone from a fledging startup in 2011 to now handlingregularly up to over 29% of all on-exchange equity trades...
Why Privacy Matters in Cybersecurity
Blog

Industrial Cybersecurity and the Florida Water Supply Attack with Dale Peterson

By Editorial Staff on Mon, 02/22/2021
Through the lens of the Florida water supply hack, Dale Peterson teaches how events like these remind us to take the necessary steps to maintain our cybersecurity. Founder and chair of S4 Events, Dale has been helping security professionals effectively and efficiently manage risk to their critical assets for over 15 years. https://open.spotify.com...
Industrial Control Systems
Financial services data protection: Are IT pros overconfident? Infographic
Blog

Are Financial Services IT Pros Overconfident in Data Breach Detection Skills?

Fri, 01/29/2016
Tripwire studied confidence vs. knowledge of financial services IT security pros on seven key security controls necessary to detect a data breach. For many controls IT pros believed they had the information necessary to detect a breach quickly but provided contradictory information about the specific data. ...
Vulnerability & Risk Management
Compliance
Blog

Five Men Arrested in Connection with the 2014 JPMorgan Hack

By David Bisson on Mon, 07/27/2015
In August of 2014, it was reported that a group of hackers had exploited a vulnerability in the websites of JPMorgan. After breaking into the company’s network, the attackers then allegedly staged additional attacks that were custom-made to JPMorgan’s servers, which gained them access to internal systems on which customer account data was stored. Several months later, investigators revealed that...