The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks , in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not fully understood. Reports by the Government Accountability Office (GAO)...

Tripwire recently announced the release of Tripwire Enterprise (TE), version 9.0, Axon Agent 3.27, and TE Agent 9.0.0. While the full list of features may be viewed on our web site , as a product manager, I wanted to take some time to introduce some of the changes in this new release. What’s new in Tripwire Enterprise 9.0? The first significant change is in the appearance of the interface. We...

Recent advancements in the digital landscape have led to a new kind of paradigm, one where enterprise perimeters are no longer clearly defined or limited. The rapid uptake of remote working, cloud, and IoT led to these prominent shifts, resulting in users, applications, and data no longer residing exclusively within the perimeters of the enterprise. This has led to enterprise perimeters becoming...

Many people remember where they were during historic events. Whether it is a personal, or a public occurrence, it’s just human nature to remember these significant moments. Every profession also has its share of memorable events. In medicine, those who were in the profession will remember where they were when they heard about the first heart transplant or the discovery of a cure for a particular...

Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which could have cost them hundreds of their own currency...

The third quarter saw some major developments across the privacy space. In the U.S., we saw a federal bill for comprehensive privacy achieve more than ever before, children’s privacy proved to remain a top concern, and the Federal Trade Commission formally began its heavily criticized “Magnuson-Moss rulemaking” process. Not to be outdone, the international community saw marked progress as well...

Compliance is an essential aspect of every organization, and in business terms, it entails ensuring that organizations of all sizes, and their personnel, comply with national and international regulations, such as GDPR, HIPAA, and SOX. When guaranteeing compliance, many firms frequently overlook security. Gary Hibberd states that compliance with laws or regulations is only the starting point for...

If you were to take a look at the cybersecurity news cycle, you’d be forgiven for thinking that it’s only large enterprises with expansive customer bases and budgets that are the most vulnerable to attacks. But that’s not entirely true. Even if it’s at a much smaller scale, small- and medium-sized businesses (SMBs) still have stores of sensitive information that’s appealing to bad actors — and...

Law firms owe their clients several types of duties, such as the duty of care, duty to provide competent representation, as well as other ethical responsibilities. Their duties even extend to former clients and must be upheld long after they no longer have a formal attorney-client relationship. More specifically, lawyers have a duty to not disclose any information about a client or prospective...

The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014 and updated it with CSF 1.1 in April 2018 . The National Institute of...

What is File Integrity Monitoring? The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations of those assets. In addition to managing changes to their...

The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025. With digital commerce emerging as the largest segment in the projected $8.49 trillion global digital payments market in 2022, it’s not surprising that businesses are...

In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements . Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in e-commerce and online payments. At the same time, cybercriminals have...