Increasing Your Business’ Cyber Maturity with Fortra

Image

When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it:

• Foundational IT/OT & Security Control Processes
• Fundamental Security Control Capabilities
• Advanced Security Control Capabilities

Fortra occupies a unique space in the industry because of the sheer size of the security portfolio. It’s one thing to advocate for “single-vendor solutions,” but it’s another when that can pigeonhole you into simply a single solution. Fortra has one of the widest solutions catalogs in the industry, resulting in being pioneers in providing single-source solution suites that are still able to be flexible, optimized, and fit your level of maturity.

And that’s what we’re going over today. How can the Fortra portfolio of products take you from where you are to where you want to be on the cyber maturity scale? We’ll dive into the steps in-depth, and as you read, you’ll be able to assess where you are and where Fortra can meet you for the journey to the top of the tower.

Happy building.

Foundational IT/OT & Security Control Processes

This is a great place to start. At this level, companies need to attain the following:

• Network Segmentation
• Vulnerability Management
• Patch Management
• Change Control
• Centralized Log Management
• Hardware & Software Inventory

Fortra has a few solutions to achieve this level. They can be leveraged alone, or – for added optimization – many have also been made like puzzle pieces to fit well into other complementary solutions.

Network segmentation can be attained through means like firewalls, virtual large area networks (VLANs), software-defined perimeter (SDP) and micro-segmentation techniques like access controls to implement the zero trust principle of least privilege. That way, segmentation is based on identity, not the device. Once your network is segmented, Frontline Vulnerability Manager (Frontline VM)TM gives you visibility over the various networks and assets you oversee, wherever they are.

Vulnerability Management is listed as CIS Control 7 and can be tackled by Fortra’s vulnerability management solutions that can be used to find, analyze, and prioritize areas of security concern.

Patch Management is critical component of vulnerability management.  Patching is key to reducing the potential attack surface by a bad actor and and maintaining system uptime.  Fortra’s Core Impact can automated the ongoing process of validating patches being applied to vulnerabilities.

Change Control is the process by which companies identify, authorize and manage alterations to an IT environment. Tripwire Enterprise can help control change by enabling capabilities such as:

• Capturing detailed configuration change in real-time
• Rolling back inappropriate changes
• Reconciling changes with organizational change policies

And more.

Centralized Log Management, or the record-keeping of security event files, is covered in CIS Control 8. Fortra provides tools for effective log management in numerous types of environments and for event log monitoring with automated problem resolution.

Hardware & Software Inventory, also referred to as asset management, is another key component of a foundational cybersecurity strategy. Listed as CIS Control 01, this step can leverage a passive asset discovery tool to help you always stay aware of what’s on your network.

Fundamental Security Control Capabilities

Once we’ve put our processes in place, it’s time to dig into the real work – integral security capabilities. These include:

• Intrusion Detection Systems and Intrusion Prevention Systems (IDS/IPS)
• Vulnerability Assessments
• Communication Baselines
• Identity & Access Management (IAM)
• System Hardening

In that department, Fortra has a number of cross-over solutions:

IDS/IPS are not single solutions but rather a set of technologies used to identify malicious attacks. Fortra’s suite of threat detection tools scans the field for foul play, followed up by solutions that prevent misconfiguration, ensure compliance, provide visibility, monitor the network and block malware from critical endpoints. They include:

• Powertech Exit Manager for IBM i
• Powertech SIEM Manager for IBM i
• Powertech Compliance Monitor for IBM i
• Powertech Antivirus
• Event Manager
• Tripwire Enterprise

Vulnerability Assessments are crucial to being able to do the next-level security work of finding out which part of your mapped enterprise to secure next. This type of service adds another layer of context and does the hard work of threat discovery, reporting, prioritization, response – and re-testing to make sure what was safe then is still safe now.

Communication Baselines are part of any zero-trust solution and are necessary to find when something deviates from the norm. What are normal traffic patterns? How many calls per day does a particular API receive? After baselines are established, Fortra’s Detection and Response solutions can automatically determine when something is off.

Identity & Access Management (IAM) solutions ensure the right people are accessing the right information at the right time. Fortra’s Core Security helps streamline user provisioning, password management and Privileged Access Management (PAM) to limit access to only those individuals who need it.

System Hardening refers to the multiple methods employed to reduce vulnerabilities within the network. To that end, Fortra’s Core Impact penetration testing software simulates the techniques used by today’s adversaries, guiding even new system administrators through automated, certified exploits.

Advanced Security Control Capabilities

At this point, your organization has achieved the basics and is ready to move on to more in-depth network security. Your assets are organized and accounted for; your network access is limited, secured, and monitored; now it’s time to catch next-level threats and secure your enterprise against the worst exploits– not just the most common.

To do this, it requires advanced capabilities. These include:

• Artificial Intelligence (AI)
• Machine Learning (ML)
• Sandboxing
• Threat Intelligence (TI)
• Endpoint Detection and Response (EDR)

Fortra leverages AI and machine learning in a plethora of solutions, including Agari Phishing Defense, Boldon James Data Classification, Phish Labs Digital Risk Protection, RPA Intelligent Document Processing and more. 

Fortra solutions leverage AI and machine learning in a variety of ways, such as

While a lot of these are offensive measures designed to vet out threats, AI and ML are also used in Detection and Response tools like Digital Guardian EDR and Alert Logic MDR. They look beyond the signatures and spot patterns of malicious behaviors so you can defend against not only the base-level threats but whatever’s up the food chain.

Fortra’s Clearswift provides an extra layer of protection for the inbox, “sandboxing” potentially malicious attachments and links to find out if they detonate – before you open them.

Along those lines, Threat Intelligence (TI) allows organizations to make informed decisions to focus on things that will provide the highest impact.  Fortra gathers data from various sources including our products, law enforcement agencies, partners, and the dark web.  A combination of tools, machine learning, and human expertise correlate every risk and indicator of compromise four our customer base.  These insights make up the Fortra Threat Brain which powers various solutions.

Go Farther with Fortra Integrations

All this to say – even the best, most use-case-specific solutions are better together. The value-add of having a large portfolio is that you can offer customers optimized solutions combined for maximum effectiveness, all from a single-source vendor. That means troubleshooting, deployment and ongoing upkeep are all easier, streamlining the bureaucracy and cutting red tape where security is concerned.

For instance, Agari email solutions integrate with SIEM and SOAR tools to accelerate incident response, and Digital Guardian integrates with numerous technology partners, including AWS, Cisco, IBM, Palo Alto and more.

The Fortra ecosystem is designed to meet any organization at their current level of security maturity and provide them with the right tools, partnerships and direction to get to the next level.

Contact the Fortra team with any questions, and to learn more about our products and solutions.