Resources
Guide

Industrial Cybersecurity Experts Share 14 of Their Biggest Tips and Predictions

The task of building and running an effective cybersecurity program is a major challenge for any complex organization, but those in charge of industrial control systems (ICS) have even more to figure out than their strictly-IT counterparts. How can industrial organizations overcome the cybersecurity skills gap? What about the increasingly-difficult endeavor of bringing the IT...
Cybersecurity
Industrial Control Systems
Guide

6 Expert Industrial Cybersecurity Tips for CISOs

Digital attacks are a growing concern for industrial control system (ICS) security professionals. In a 2019 survey conducted by Dimensional Research, 88 percent of respondents told Tripwire that they were concerned about the threat of a digital attack. An even greater percentage (93 percent) attributed their concerns to the possibility of an attack producing a shutdown or...
Cybersecurity
Industrial Control Systems
Guide

Industrial Cybersecurity is Essential

Don’t believe there are real cyberthreats to your operations network and control systems? Data shows otherwise. Better foundational industrial cybersecurity practices can help prevent disruption to your operations and financial risk to your bottom line. ...
Cybersecurity
Industrial Control Systems
Datasheet

Tripwire ExpertOps and SOX

The Sarbanes-Oxley Act (SOX) requires all publicly held companies to establish internal controls and procedures for financial reporting to reduce the possibility of corporate fraud. SOX is not specific on the types of controls that are required, but points to the COBIT framework to provide organizations’ guidance on their IT governance. The Challenge Change is ever...
Compliance
SOX
Datasheet

Tripwire ExpertOps and NIST 800-171

Federal security managers expect that most federally run systems are actively engaging with FISMA compliance for protecting federal data and systems. However, as we all know, federal information does not remain only in federally operated systems. Data and IT systems connect via the Internet and other networks for business, operations and research. Information about citizens,...
Compliance
NIST
Datasheet

Tripwire Resident Engineers

The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies...
Compliance
NERC CIP
NIST
PCI DSS
SOX
Datasheet

Tripwire Resident Engineers for Federal Agencies

The cybersecurity skills gap leaves Federal agencies without adequate staffing for the operation of their security tools. High turnover rates can also cause agencies to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new,...
Compliance
NERC CIP
NIST
Datasheet

Improving your Cybersecurity Posture with the NIST Cybersecurity Framework

There isn’t an industry that hasn’t been affected by cyber threats, and the broadcast industry is no exception. In April 2015, France’s TV5Monde was attacked, resulting in eleven of its channels going dark and its social media outlets commandeered to display pro-Islamic State messages. This was preceded by an attack on WBOC in Salisbury, Maryland, where their Twitter account...
Compliance
NIST
Datasheet

Maintaining the Security and Integrity of Electronic Health Record Systems

The value of electronic health record (EHR) systems is immense. These digital records are designed to be available anytime and anywhere, connecting healthcare providers with patient data. EHRs are a central repository of patient medical histories, medications, diagnoses, immunization dates, allergies, lab results and radiology images. With access to this accurate patient...
Compliance
HIPAA
NIST
Datasheet

Department of Defense Overview: Integrated Security Controls to Protect Your Organization

Tripwire provides an integrated suite of solutions to help solve security challenges facing organizations within today’s Department of Defense. Tripwire tools have been used within government and military organizations in both tactical and non tactical environments to ensure system hardening through security configuration management, real time threat detection with continuous...
SaaS Security
File Integrity & Change Monitoring
Case Study

Tripwire and Astro Making Best Practices a Daily Show

Assessing and managing vulnerabilities is a core cybersecurity practice, but it can put a heavy strain on IT security and operations teams. In many cases, introducing vulnerability management as a service is what’s necessary to overcome the challenge of accumulating vulnerabilities across complex IT environments—especially when time and resources are limited. This was the case...
Vulnerability & Risk Management
SaaS Security
Compliance
Managed Security Services
Navigating Industrial Cybersecurity Thumb
Guide

Navigating Industrial Cybersecurity: A Field Guide

Nearly every aspect of modern life depends on industrial control systems (ICS) operating as expected. As ICS devices become increasingly connected, they also become increasingly vulnerable. By and large, commercial and critical infrastructure industrial orgs are underprepared for the digital convergence of their IT and OT environments. ICS operators need to get a robust...
Cybersecurity
Industrial Control Systems
What Are the Benefits of Adopting the Cloud in Industrial Cybersecurity?
Blog

What Are the Benefits of Adopting the Cloud in Industrial Cybersecurity?

By Joe Pettit on Tue, 03/01/2022
Image Cloud adoption has come a long way from its early days where corporate executives questioned the stewardship of their data. The initial suspicions of “where’s my data” have been laid to rest, as administrative tools and contractual obligations have emerged to give better visibility to, and accountability of, data custodianship....
Cybersecurity
Cloud Security
Industrial Control Systems
CIS Controls v8
Blog

CIS Control 09: Email and Web Browser Protections

By Andrew Swoboda on Wed, 10/20/2021
Image Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with...
Cybersecurity
Cloud Security
SaaS Security
Compliance
CIS Controls
Why Privacy Matters in Cybersecurity
Blog

Delivering Electrons, Generating Data Lakes, and the Security & Privacy Considerations of Running a Modern Industrial Organization

By Editorial Staff on Thu, 09/30/2021
Image In this episode, Patrick Miller, Founder of Ampere Industrial Security, discusses what utilities and other industrial companies need to consider when it comes to the goldmines of data they're collecting from their machines and customers. He also explains why security and privacy needs to be incorporated in these operations by...
Cybersecurity
Industrial Control Systems
Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly
Blog

Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly

By Editorial Staff on Sun, 07/05/2020
Image The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, which...
Cybersecurity
Industrial Control Systems
Cybersecurity in Education (K-12) with the CIS Controls
Blog

Cybersecurity in Education (K-12) with the CIS Controls

By Editorial Staff on Mon, 04/13/2020
Image Why is cybersecurity important to Education? Acknowledging recent reports of ransomware targeting educational institutions, it is no wonder that there have also been articles that attempt to lure in readers with “free” tools. What is disappointing is that these “free” tools are little more than marketing pieces that direct you...
Cybersecurity
Compliance
CIS Controls
Forensics in the Cloud: What You Need to Know
Blog

Forensics in the Cloud: What You Need to Know

By Tripwire Guest Authors on Tue, 08/20/2019
Image Cloud computing has transformed the IT industry, as services can now be deployed in a fraction of the time that it used to take. Scalable computing solutions have spawned large cloud computing companies such as Amazon Web Services (AWS), Google Cloud and Microsoft Azure. With a click of a button, personnel can create or reset...
Cybersecurity
Cloud Security