-
Tyler Reguly
Blog
HITRUST: the Path to Cyber Resilience
By John Salmi on Wed, 05/22/2024
Much has been made of cyber resilience in recent years. And with good reason: failing to bounce back quickly from a security event can have dramatic financial consequences. In early 2023, Royal Mail took several days to recover from a Lockbit cyberattack, losing upwards of £10 million in the process. However, for all the talk about resilience, the industry seems to be...
Blog
Insider Threats Maintain a Rising Trend
By Katrina Thompson on Tue, 05/14/2024
Image
“When the cat’s away, the mouse will play,” the old adage goes. Filings to anti-fraud non-profit Cifas would support that claim, as Insider Threat Database (ITD) reports rose by 14% this past year and are largely attributable to hard-to-monitor work-from-home employees mixed with “increasing financial pressures.” The report...
-
Steven Sletten
Blog
ANSI and the International Society of Automation Explained
By Steven Sletten on Wed, 05/08/2024
Image
As technologies advance and the world grows more complicated, collaboration and coordination have become increasingly important. Setting standards, sharing information, and bringing experts together are essential to safely developing technologies for national and global priorities, and the world needs organizations to fulfill...
Blog
The Impact of NIST SP 800-171 on SMBs
By Josh Breaker-Rolfe on Mon, 05/06/2024
Image
From more broad laws like GDPR to industry-specific regulations like HIPAA, most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated....
Blog
"All for One and One for All": The EU Cyber Solidarity Act Strengthens Digital Defenses
By Anastasios Arampatzis on Wed, 04/24/2024
Image
Alexandre Dumas's timeless novel "The Three Musketeers" immortalized the ideal of unyielding solidarity, the enduring motto "All for one and one for all." In the face of ever-evolving threats in the digital realm, the European Union echoes this spirit with its landmark Cyber Solidarity Act. This new legislation recognizes that...
Blog
Enhancing Endpoint Security with Advanced Host-Based Intrusion Detection Capabilities
By Tripwire Guest Authors on Tue, 04/23/2024
Image
In 2023, companies lost about $4.45 million on average because of data breaches. As cyber threats advance, securing endpoints is more important than ever. An advanced Host-based Intrusion Detection System (HIDS) provides a sturdy remedy to improve endpoint security. By monitoring and examining system responses and device status,...
Blog
Security vs. Compliance: What's the Difference?
By Anthony Israel-Davis on Thu, 04/04/2024
Image
Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together.
As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis...
Blog
Oops, Malware! Now What? Dealing with Accidental Malware Execution
By Dilki Rathnayake on Tue, 04/02/2024
Image
On an ordinary day, you're casually surfing the web and downloading some PDF files. The document icons seem pretty legitimate, so you click without a second thought. But, to your surprise, nothing happens. A closer look reveals that what you believed to be a harmless PDF was, in fact, an executable file. Panic sets in as your...
Blog
Federated Learning for Cybersecurity: Collaborative Intelligence for Threat Detection
By Tripwire Guest Authors on Mon, 03/18/2024
Image
The demand for innovative threat detection and intelligence approaches is more pressing than ever. One such paradigm-shifting technology gaining prominence is Federated Learning (FL). This emerging concept harnesses the power of collaborative intelligence, allowing disparate entities to pool their insights without compromising...
Blog
The Importance of Host-Based Intrusion Detection Systems
By Steven Sletten on Wed, 03/13/2024
Image
What Is a Host-Based Intrusion Detection System (HIDS)?
A host-based intrusion detection system, or HIDS, is a network application that monitors suspicious and malicious behavior, both internally and externally.
The HIDS’ job is to flag any unusual patterns of behavior that could signify a breach. By bringing this activity to...
Blog
So You Want to Achieve NERC CIP-013-1 Compliance...
By Anastasios Arampatzis on Wed, 03/06/2024
Image
Energy efficiency and availability is a major concern for all countries and governments. The electric grid is a vital sector, and any malfunctions will create ripple effects on any nation’s economy. As the grid is heavily dependent on cyber-enabled technologies and a vast chain of suppliers, contractors, and partners, the...
Blog
Making Sense of Financial Services Cybersecurity Regulations
By Stefanie Shank on Thu, 02/29/2024
Image
The financial services sector faces unprecedented cybersecurity challenges in today's digital age. With the industry being a prime target for cybercriminals, understanding and adhering to cybersecurity regulations has never been more crucial. This article delves into the labyrinth of cybersecurity regulations affecting financial...
Blog
PCI DSS Compliance - Meeting the Third-Party Vendor Requirements
By Tripwire Guest Authors on Tue, 02/20/2024
Image
Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway,...
Blog
The Dangers of Default: Cybersecurity in the Age of Intent-Based Configuration
By Faisal Parkar on Tue, 02/06/2024
Image
Technology has recently been evolving at the speed of light. We have seen the onset of increased cyber threats across all industries. Gone are the times when threat actors had a specific goal and target. We now live in an age where robots collect, collate, and save information for a more opportune and profitable day.
It is ever...
Blog
Managing Financial Crime Risks in Digital Payments
By Chester Avey on Thu, 02/01/2024
Image
The emergence of innovative Financial Technology (FinTech) has spearheaded rapid growth in the digital payments sector. In recent years, global payment revenues exceeded valuations of $2.2 trillion, with a steady Compound Annual Growth Rate (CAGR) expected in the next five years.
There is no denying the convenience benefits...
Blog
US Agencies Issue Cybersecurity Guide in Response to Cybercriminals Targeting Water Systems
By Graham Cluley on Mon, 01/22/2024
Image
US federal agencies have teamed up to release a cybersecurity best practice guidance for the water and wastewater sector (WWS).
The Cybersecurity and Infrastructure Security Agency (CISA), United States Environmental Protection Agency (EPA), and Federal Bureau of Investigation (FBI) have published the guide in an attempt to...
Blog
Resolving Top Security Misconfigurations: What you need to know
By Jeff Moline on Mon, 01/22/2024
Image
One of the most common factors that can lead to cybersecurity incidents is a security misconfiguration in software or application settings. The default settings that come with the implementation of these tools and solutions are often not configured securely, and many organizations do not invest the time and resources into...
Blog
Tips for Ensuring HIPAA Compliance
By Tripwire Guest Authors on Wed, 01/17/2024
Image
Like every other industry, the healthcare sector is barely recognizable when compared to its state 20 years ago. It, too, has been transfigured by technology. While this has brought many impactful benefits, it has also introduced at least one major challenge: keeping sensitive patient information private.
At the heart of this...