Image
New technology is interesting, but not at the expense of the basics. Look at what simple, fast and relatively easy things you should revisit. The data shows this actually will put a big dent in the problem.At the end of the day, close to all commodity attacks can be prevented just by fixing the basics. And yet, too many organizations are letting foundational controls get away from them. Too many companies think that by focusing on the latest, most advanced technologies, they can keep ahead of new cyberthreats. Of course, advanced technologies can be important as well and should be evaluated in the future, but foundational controls are where you need to start first to assure integrity and reduce the biggest portion of risk. Once these foundational controls are in place, you can add additional control capabilities – as your organization matures and your budgets allow/increase. Companies should specifically look to foundational controls because they assure the integrity of their systems. Integrity is one pillar of the information security's Confidentiality-Integrity-Availability (CIA) Triad. Of the three pillars, integrity is the least understood and most nebulous because the original focus of integrity was limited to data. What many people don’t realize is it’s the greatest threat to businesses and governments today because an integrity compromise can mean far more than data loss or corruption – it can result in catastrophic system failure (think critical infrastructure). The cybersecurity industry remains overwhelmingly focused on confidentiality. Its mantra is “encrypt everything.” The security paradigm remains focused on perimeter defence, and network security seeks to protect those endpoints with firewalls, certificates, passwords, and the like, creating a secure perimeter to keep the whole system safe. This is noble and essential to good security. But without integrity, or assessing whether the software and critical data within your networks and systems are compromised with malicious or unauthorized code or bugs, the keys that protect encrypted data are themselves vulnerable to malicious alteration. To address threats, security experts should assume compromise – that hackers and malware already have breached their defenses or soon will – and instead classify and mitigate threats. Towards that end, an integrity solution acts less like locks and more like an alarm. It monitors all parts of a network from the access points at the perimeter to the sensitive data within it and provides an alert if something changes unexpectedly. Tripwire offers an integrated suite of foundational controls that deliver integrity assurance. Our solutions for vulnerability management, asset management, configuration management and change monitoring address the integrity management needs of IT Security. They also help IT in many other ways:
- Know what assets you have and which ones to fix first
- Know the environment is in a known and trusted state—detect changes in real-time
- Detect and correct integrity drift
- Automate compliance on a continuous basis and reduce related costs
- Reduce MTTR by quickly identifying root causes of incidents
