-
Tyler Reguly
Blog
The Impact of NIST SP 800-171 on SMBs
By Josh Breaker-Rolfe on Mon, 05/06/2024
Image
From more broad laws like GDPR to industry-specific regulations like HIPAA, most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated....
Blog
The Cyber Sleuth's Handbook: Digital Forensics and Incident Response (DFIR) Essentials
By Kirsten Doyle on Wed, 03/27/2024
Image
In the intricate landscape of cybersecurity, Digital Forensics and Incident Response (DFIR) stand as the sentinels guarding against the onslaught of digital threats. It involves a multifaceted approach to identifying, mitigating, and recovering from cybersecurity incidents.
In the physical world, the aftermath of a crime scene...
Blog
Resolving Top Security Misconfigurations: What you need to know
By Jeff Moline on Mon, 01/22/2024
Image
One of the most common factors that can lead to cybersecurity incidents is a security misconfiguration in software or application settings. The default settings that come with the implementation of these tools and solutions are often not configured securely, and many organizations do not invest the time and resources into...
Blog
Expert Insight for Securing Your Critical Infrastructure
By Ted Rassieur on Mon, 01/15/2024
Image
At Tripwire's recent Energy and NERC Compliance Working Group, we had the opportunity to speak with the Manager of Gas Measurement, Controls, & Cybersecurity at a large energy company. More specifically, we focused on SCADA and field assets of gas Operational Technology. The experience at the management level of such an...
Blog
Tips for Achieving Success With a NERC CIP Audit
By Jim Fisher on Wed, 12/13/2023
Image
Electrical utilities are responsible for just about everything we do. This presents a tremendous burden on those who operate those utilities. One way these organizations offer assurance is through the audit process. While audits can generate tremendous anxiety, good planning, and tools can help make the entire process go...
Blog
NIST CSF 2.0: What you need to know
By Antonio Sanchez on Mon, 12/11/2023
Image
Organizations looking to protect their sensitive data and assets against cyberattacks may lack the ability to build a cybersecurity strategy without any structured help. The National Institute of Standards and Technology (NIST) has a free, public framework to help any organization mature its IT security posture. Recently, the...
Blog
Guarding the Grid: Navigating the Current and Future Landscape of Utility Cybersecurity
By Travis Emerson on Mon, 11/27/2023
Image
Tripwire recently held its annual Energy and NERC Compliance Working Group. This year's attendees included more than 200 Tripwire customer utility personnel representing over 80 different registered entities from all across the US and Canada. The company sizes ranged from public utility districts and city municipalities to...
Blog
Fortifying IoT Devices: Unraveling the Art of Securing Embedded Systems
By Isla Sibanda on Fri, 10/13/2023
Image
Interconnected, data-enabled devices are more common now than ever before. By 2027, it is predicted that there will be more than 41 billion new IoT devices. The emergence of each new device offers a fresh vulnerability point for opportunistic bad actors.
In 2022, there were over 112 million cyberattacks carried out on IoT...
Blog
What is NERC? Everything you need to know
By Michael Betti on Tue, 10/03/2023
Image
Electric grids are part of every nation’s critical infrastructure. Every societal activity and business depends on reliable and safe electricity distribution. The US electric grid is a huge network of powerlines, distribution hubs, and renewable and non-renewable energy generators that is increasingly exposed to cyber-physical...
Blog
Closing Integrity Gaps with NIST CSF
By Lane Thames on Wed, 09/27/2023
Image
The then-new 2014 NIST Cybersecurity Framework (CSF) was designed to plug security gaps in operational technology. It’s still in use today and more relevant than ever. Fortra’s whitepaper provides a cohesive review of this security staple and how to glean the best out of it for your strategy.
A Brief History of NIST CSF
“The...
Blog
CISO to BISO – What's your next role?
By Gary Hibberd on Tue, 07/25/2023
Image
Introduction
For the longest time within the cybersecurity industry, we have had Chief Information Security Officers (CISOs) whose role is to set the strategic direction for Information Security within an organisation.
But what are the stepping stones to becoming a CISO?
In the past, this has been a difficult question to...
Blog
A Day in the Life of a SOC Team
By Fortra Staff on Tue, 04/18/2023
Image
This piece was originally published on Fortra’s AlertLogic.com Blog.
Managed detection and response (MDR) would be nothing without a SOC (security operations center). They’re on the frontline of our clients’ defenses — a living, breathing layer of intelligence and protection to complement our automated cybersecurity features....
Blog
The State of the US National Cybersecurity Strategy for the Electric Grid
By Anastasios Arampatzis on Wed, 02/01/2023
Image
The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not...
Blog
Getting started with Zero Trust: What you need to consider
By David Bruce on Mon, 11/07/2022
Image
Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by...
Blog
What the industry wants to improve on NIST Cybersecurity Framework 2.0
By Anastasios Arampatzis on Mon, 10/24/2022
Image
The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014...