Resources

Blog

A Look at The 2023 Global Automotive Cybersecurity Report

From its inception, the automotive industry has been shaped by innovation and disruption. In recent years, these transformations have taken shape in rapid digitization, ever-growing Electric Vehicle (EV) infrastructure, and advanced connectivity. These shifts have redirected the automotive industry, meeting and surpassing customer expectations for...
Blog

How Retiring Gas and Coal Plants Affects Grid Stability

Legacy gas and coal plants are being aged out – and no one wants to pay enough to keep them going. With increased pressure from green energy laws and added competition from renewable sources, these monsters of Old Power are being shown the door. Considering they've predated and precipitated all Industrial Revolutions (except for this last one – that...
Blog

How to Advance ICS Cybersecurity: Implement Continuous Monitoring

Industrial control systems are fundamental to all industrial processes, from power generation to water treatment and manufacturing. ICS refers to the collection of devices that govern a process to ensure its safe and effective execution. These devices include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS)...
Blog

The State of the US National Cybersecurity Strategy for the Electric Grid

The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not fully understood....
Blog

Tripwire Enterprise 9.0: What you need to know

Tripwire recently announced the release of Tripwire Enterprise (TE), version 9.0, Axon Agent 3.27, and TE Agent 9.0.0. While the full list of features may be viewed on our web site, as a product manager, I wanted to take some time to introduce some of the changes in this new release. What’s new in Tripwire Enterprise 9.0? The first significant...
Blog

The Future of Connected, Autonomous, Shared, and Electric (CASE) Vehicles is Upon Us.

The popularity of electric vehicles is partly a response to the desire of achieving sustainability and carbon footprint reduction. Automobile manufacturers are making substantial investments to tackle emissions issues, create environment-friendly vehicles, and align with Environmental, Social, and Governance (ESG) requirements. To achieve brand edge...
Blog

How FIM Protects Assets in a Borderless World

Recent advancements in the digital landscape have led to a new kind of paradigm, one where enterprise perimeters are no longer clearly defined or limited. The rapid uptake of remote working, cloud, and IoT led to these prominent shifts, resulting in users, applications, and data no longer residing exclusively within the perimeters of the enterprise....
Blog

Choosing the Right Industrial Cybersecurity Framework

It’s no surprise that industrial environments have become increasingly valuable targets for malicious behavior. The State of Security has featured many cybersecurity events across myriad industrial verticals, including but not limited to chemical manufacturing, transportation, power generation and petrochemical. Several of these industries have...
Blog

Tripwire Enterprise Use Cases – Advanced Monitoring

Many people remember where they were during historic events. Whether it is a personal, or a public occurrence, it’s just human nature to remember these significant moments. Every profession also has its share of memorable events. In medicine, those who were in the profession will remember where they were when they heard about the first heart...
Blog

Cyberattacks are targeting smaller healthcare companies and specialty clinics. But why?

The healthcare industry has been a favored target for cybercriminals for many years. In the first half of 2022 alone, 324 attacks against healthcare organizations have been reported. Attackers have primarily focused on large hospitals in years past, but there has been a sudden switch to smaller healthcare companies and specialty clinics. There...
Blog

The Cross-Sector Cybersecurity Performance Goals (CPGs): What you need to know

The Cross-Sector Cybersecurity Performance Goals (CPGs) are a new baseline released jointly by CISA, NIST, and the interagency community, with a goal of providing consistency across all critical infrastructure. The primary webpage for these goals gives us a great understanding of what they are (and are not). It is worth delving into those specifics...
Blog

Getting started with Zero Trust: What you need to consider

Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which...
Blog

Privacy Updates in Q3 2022: Major Developments Across the Globe

The third quarter saw some major developments across the privacy space. In the U.S., we saw a federal bill for comprehensive privacy achieve more than ever before, children’s privacy proved to remain a top concern, and the Federal Trade Commission formally began its heavily criticized “Magnuson-Moss rulemaking” process. Not to be outdone, the...
Blog

Integrity Monitoring Use Cases: Security

Compliance is an essential aspect of every organization, and in business terms, it entails ensuring that organizations of all sizes, and their personnel, comply with national and international regulations, such as GDPR, HIPAA, and SOX. When guaranteeing compliance, many firms frequently overlook security. Gary Hibberd states that compliance...
Blog

New Canadian Cyberattack Data Says 80% of SMBs Are Vulnerable

If you were to take a look at the cybersecurity news cycle, you’d be forgiven for thinking that it’s only large enterprises with expansive customer bases and budgets that are the most vulnerable to attacks. But that’s not entirely true. Even if it’s at a much smaller scale, small- and medium-sized businesses (SMBs) still have stores of sensitive...
Blog

Why Law Firms Should Use Integrity Monitoring to Maintain Confidentiality

Law firms owe their clients several types of duties, such as the duty of care, duty to provide competent representation, as well as other ethical responsibilities. Their duties even extend to former clients and must be upheld long after they no longer have a formal attorney-client relationship. More specifically, lawyers have a duty to not disclose...
Blog

What the industry wants to improve on NIST Cybersecurity Framework 2.0

The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014 and updated it with...
Blog

Shifting Left with SAST, DAST, and SCA: Advanced Best Practices

In the past, teams incorporated security testing far after the development stage of the Software Development Lifecycle (SDLC). Security testing would influence whether the application would to proceed to production, or get passed back to the developers for remediation. This process caused delays while teams worked on remediation or, worse yet, it...
Blog

Integrity Monitoring Use Cases: Compliance

What is File Integrity Monitoring? The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations of those assets. In...
Blog

How Is IT/OT Convergence Transforming Smart Manufacturing?

For most modern businesses, there’s a divide between Information Technology (IT) and Operational Technology (OT). The difference between these equally integral facets of digital manufacturing is a subject currently under debate. Ultimately, information technology deals with information and data. In contrast, operational technology handles the...