At our recent Energy and NERC Compliance Working Group, we took some time to share more about Fortra, the cybersecurity company that Tripwire is a part of. In case you missed it, Fortra is a rebranding of HelpSystems, an already established and trusted company that has acquired a few valuable cybersecurity companies along the way. One such company, Tripwire, is already a familiar name in the energy sector. These acquisitions elevate Fortra to a new level, not only expanding but also strengthening our product portfolio.
Can Fortra be the right cybersecurity ally for your organization?
Fortra is a global company with 20 locations, 2,700 employees, and 30,000 customers. Most of HelpSystems’ original focus was on IBM Power Server systems. However, the cornerstone of our business is always on finding the best solutions to help our customers.
Fortra’s objectives have grown to meet the changing landscape of technology. Two of the biggest developments over the years have been in the field of cybersecurity and the need to automate. These have formed a strong relationship, as the shortage of skills has demanded more automation to ease the burden on an over-burdened workforce. Moreover, we have listened to what our customers have wanted.
Our customers seek both a set of products that they can rely upon as well as a trusted partner who can help them find the best solution for a given problem. Fortra seeks to be your cybersecurity ally, making the job of security easier. Nick Hogg, Fortra’s director of technical training, and Ted Rassieur, who serves as a senior manager of Tripwire services delivery, hold many years of experience working with customers to understand their needs, as well as knowing how our products and services best meet those needs. They offered their thoughts about the Fortra products and how they can help along your NERC CIP journey, along with protecting your organization.
Nick knows that cybersecurity and NERC CIP compliance require detailed accountability for every action in an energy supplier’s environment. Both require a firm foundation and the ability to build upon that to create the best protection possible. Fortra provides all levels of cybersecurity, from security awareness training to the proper handling of sensitive data. We also offer penetration testing and red team exercises. From an automated perspective, products such as our vulnerability management and integrity management platform offer more protection. All of these components can help you to reduce the likelihood of an attack against your organization. Ted shared how Fortra’s offerings align with the NERC CIP requirements. For example, vulnerability management is part of CIP-010 R3, and general information protection aligns with CIP 11.
Fortra has over 100 solutions within its product portfolio. Our infrastructure protection solutions allow you to scan your environment and applications to identify where potential risks exist. Our results don’t just create a massive shopping list of potential risks. They apply intelligence to help prioritize so you can focus your internal resources on addressing the greatest risks to your organization.
Somewhere between 80% to 90% of the attacks against organizations will start with a simple phishing email coming to the organization, trying to trick an employee into surrendering some credentials. Within the data security suite, Fortra has solutions such as email security and anti-phishing controls, which can help you to identify phishing threats coming into the organization.
Enabling our customers to do more
Our aim is to enable customers to make the best use of their own resources to focus on those things that are very specific to the organization. One of our specialized approaches can be found in our security awareness training modules. We offer our training in 40 different languages, and the customer can pick different areas for relevant levels and exposures within the organization. For example, there are role-based modules, with training that is directed towards secure development principles, as well as phishing awareness training for C-level executives, using examples that are very specific to them. Security awareness training is listed in CIP4.
Fortra understands the importance of your security. We also know the significance of the NERC CIP requirements and how they can impact your business. Whether you are seeking to fulfill NERC requirements, or you are just looking to improve your overall security, we want to give you the confidence that we are more than just a vendor; we are a trusted ally for your cybersecurity.
To learn more about how Fortra’s solutions map directly to NERC CIP requirements, you can watch the recording of the session here: https://info.tripwire.com/Tripwire-Energy-NERC-Working-Group-2023-Thank-You.html