There are many rewards to being a world class cybersecurity solutions provider at a time when demand for effective solutions is exponentially greater than the existing supply – and getting greater by the minute.
But, perhaps the greatest reward is to be asked to model best practices and product capabilities for the greater good of business and missions in a world class lab. Better yet, to collaborate with the most widely recognized standards body in the world to establish such a model.
Tripwire is working with the National Cybersecurity Center of Excellence (NCCoE) in the Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events Building Block Consortium to develop practical, interoperable cybersecurity approaches that address the real-world needs of complex Information Technology (IT) systems.
This project will detail methods and potential tool sets that can detect, mitigate, and contain data integrity events in the components of an enterprise network. It also will identify tools and strategies to aid in a security team’s response to such an event. NIST does not evaluate commercial products under this Consortium and does not endorse any product or service used.
Synchronously, we are also working in the Data Integrity: Identifying and Protecting Assets against Ransomware and Other Destructive Events Building Block Consortium.
Along with the already published Data Integrity: Recovering from Ransomware and Other Destructive Events Guide, this three-part series of detailed implementation resources, centered around the Data Integrity Building Block, will provide the practical steps required to implement a cybersecurity reference design that supports each core function (Identify, Protect, Detect, Respond, Recover) as identified by NIST’s Cybersecurity Framework.
First developed by the executive order of President Obama in 2013, the Framework’s adoption became a requirement for all federal agencies by order of President Trump in May 2017. Part of the NCCoE’s mission is to accelerate businesses’ adoption of standards-based, advanced security technologies that align with the Framework’s core functions.
Since then, companies have considered Tripwire functionality a key component to successfully implementing the NIST Cybersecurity Framework, because the controls found in Tripwire solutions provide support for all five functions.
Some of the focus areas for this project are obviously integrity monitoring and malicious malware detection. In those areas, Tripwire is providing Tripwire Enterprise with our newly introduced Tripwire Malware Detection.
This solution also provides for unauthorized activity detection, anomalous activity detection, a forensics and analytics tool, and some ability to mitigate malware and contain it either directly or through integrations.
The newest Data Integrity projects are in the “Build” phase. Stay tuned for details on when and how to download the finished guides. In the meantime, make sure to download a copy of Data Integrity: Recovering from Ransomware and Other Destructive Events, SP 1800-11.
Disclaimer: Certain commercial entities, equipment, products, or materials may be identified in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST or NCCoE, nor is it intended to imply that the entities, equipment, products, or materials are necessarily the best available for the purpose.