Guide
Essential PCI DSS v4.0 Transition Checklist
The proliferation of online transactions isn’t the only reason the PCI Council created the new 4.0 standard. Recent years have also seen increasingly sophisticated methods among cybercriminals, a surge in cloud use, and the rise of contactless payments. This spurred the need for an updated set of PCI DSS requirements, which were released in March 2022 and will become mandatory in March 2024 for...
Guide
Communicating Cybersecurity to Boards and Executives: A Workbook to Help Build Cybersecurity Literacy
We’ve all heard, “it’s not a matter of if you’ll be breached, but when.” If a breach occurs, is your organization prepared to detect it quickly? Now more than ever, corporate executives and boards are asking for assurance that the organization and its sensitive data is adequately protected.
This cybersecurity self-assessment is derived from the Cyber-Risk and Oversight Handbook developed by the...
Datasheet
The Tripwire NERC CIP Solution Suite
The North American Electric Reliability Corporation (NERC) maintains comprehensive reliability standards that define requirements for planning and operating the bulk electric system (BES). Among these are the Critical Infrastructure Protection (CIP) Cyber Security Standards, which specify a minimum set of controls and processes for power generation and transmission companies to follow to ensure...
Datasheet
Tripwire ExpertOps
Many IT teams are facing challenging skills gaps or struggling with optimizing their cybersecurity software. It might be that your team is too small for their responsibilities, or that you’re finding it difficult to attract, train, and retain talent. Turnover is a common problem, with organizations and agencies often losing skilled individuals to new opportunities. Fortunately, strategically...
Datasheet
Tripwire ExpertOps and HIPAA Compliance
The Health Insurance Portability and Accountability Act (HIPAA) was enacted to safeguard Protected Health Information (PHI) by mandating procedures and controls to assure the public that critical and private information is controlled from loss of confidentiality, integrity or availability. With few exceptions, an organization is subject to HIPAA if it exchanges data related to the health care...
Datasheet
Tripwire ExpertOps and NIST 800-171
Federal security managers expect that most federally run systems are actively engaging with FISMA compliance for protecting federal data and systems. However, as we all know, federal information does not remain only in federally operated systems. Data and IT systems connect via the Internet and other networks for business, operations and research. Information about citizens, banking and finance,...
Datasheet
Tripwire ExpertOps and PCI
The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments, secure the cardholder environment to prevent credit card fraud, cyber threats and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting and storing credit card data to minimize the theft,...
Datasheet
The Tripwire HIPAA Solution
The United States Health Insurance Portability and Accountability Act of 1996, or HIPAA, was enacted to safeguard Protected Health Information (PHI) by mandating procedures and controls to assure the public that critical and private information is controlled from loss of confidentiality, integrity or availability. With few exceptions, an organization is subject to HIPAA if it exchanges data...
Datasheet
Tripwire Resident Engineers
The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote...
Datasheet
Tripwire Resident Engineers for Federal Agencies
The cybersecurity skills gap leaves Federal agencies without adequate staffing for the operation of their security tools. High turnover rates can also cause agencies to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies navigate new, remote work...
Datasheet
Tripwire’s Solutions for Automated, Continuous PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, cyber threats, and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting, and storing credit card data to minimize the theft,...
Datasheet
NERC CIP 013 Compliance
More attention is being paid to risks around the supply chain in the bulk electricity system (BES). When third-party vendors introduce new products, software and personnel into a power supplier’s environment, the potential for new cyber risks increases.
For this reason, the North American Electric Reliability Corporation (NERC) recently added a new set of requirements to its Critical...
Datasheet
Achieving Resilience While Fulfilling NERC CIP Requirements
Some of our nation’s most critical physical infrastructure is represented by the national Bulk Electric Systems (BES). Today’s digital world relies upon this interconnected network of power generation and transmission systems more than ever. To ensure the reliability and resilience of that network, providers must continually manage threats to the infrastructure, including many that relate to...
Datasheet
NERC CIP Best Practices: The Tripwire Approach
Industrial operators subject to the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standard know that achieving compliance is no minor feat, and serious strategic consideration is required to ensure efficient resource use in the compliance process. By meeting NERC CIP compliance, these companies take important steps towards securing their IT/OT...
Datasheet
NERC CIP Compliance with Tripwire and RedSeal
The NERC Critical Infrastructure Protection standards are designed to enhance reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit ready with the resources required to achieve and maintain compliance. NERC CIP version 6 increases the amount of work...
Datasheet
NERC CIP Compliance with Tripwire and SigmaFlow
The NERC Critical Infrastructure Protection standards are designed to enhance the reliability of the electrical supply by securing the connected assets on which that supply relies. When building a program for NERC CIP compliance, registered entities must balance the need to be audit-ready with the resources required to achieve and maintain compliance. NERC CIP compliance, especially when...
Datasheet
Integrated ICS Compliance Automation with SigmaFlow
SigmaFlow is the industry leading solution for orchestrating NERC CIP compliance to achieve an ongoing state of Audit Readiness. Tripwire, Inc. is a leading global provider of advanced threat, security and compliance management solutions. Integrating these solutions offers an automated way to drastically reduce the time and resources required to manage NERC compliance and collect comprehensive...
Datasheet
Improving your Cybersecurity Posture with the NIST Cybersecurity Framework
There isn’t an industry that hasn’t been affected by cyber threats, and the broadcast industry is no exception. In April 2015, France’s TV5Monde was attacked, resulting in eleven of its channels going dark and its social media outlets commandeered to display pro-Islamic State messages. This was preceded by an attack on WBOC in Salisbury, Maryland, where their Twitter account and website were...
Datasheet
Maintaining the Security and Integrity of Electronic Health Record Systems
The value of electronic health record (EHR) systems is immense. These digital records are designed to be available anytime and anywhere, connecting healthcare providers with patient data. EHRs are a central repository of patient medical histories, medications, diagnoses, immunization dates, allergies, lab results and radiology images. With access to this accurate patient information, providers can...