Technology companies are often seen as revolving doors of constantly shifting personnel. Whether staff leave in search of a better work environment or a higher paycheck, these changes can hurt an organization’s progress. Worse yet, customers are often negatively impacted by the loss of continuity in established relationships.
At Fortra, we're proud to have a higher average tenure than most organizations, with many team members having been with the company for more than 20 years. We recently spoke with Troy Thompson, Director of Services at Fortra, who has more than two decades of experience with the Tripwire brand. In fact, Troy is one of the patent holders for Automated Change Approval in the Tripwire product. He shared some insights about his experiences and the importance of choosing a steady, reliable partner for cybersecurity success.
Tell us a little bit about your career and how you ended up being the Director of Services at Fortra.
Troy Thompson: I started at Tripwire in 1999. My initial role was to manage the support team. Over that time, we ended up with a really tight group. We were responsible for the online knowledge base, and worldwide technical support out of Portland. The team didn't require a lot of management, so we started working on options for consulting. Our customers wanted onsite partnership to design and implement advanced configuration and automation with Tripwire, and I was part of the group that went out to work directly with our customers.
I moved into an architecture and leadership role so I could have more involvement on a wider group of projects, a larger scope of customers and to be able to work with our selling team. Throughout that time period, we kept working on automation. At that point, I worked on the automated change approval technology with Gregor Torrence, and we received a patent for it. That really helped differentiate Tripwire as a brand and gave us a lot of latitude in the way we would perform integration and automation work with our customers. It enabled alignment of their processes with their own system of record.
I moved further into a leadership role and was responsible for education, managed services, and the sales engineering team for a while. Now, my primary focus is Fortra’s Customer Engagement and Delivery.
What are some of the biggest challenges organizations are facing right now from a cybersecurity and business perspective?
TT: I see the challenges in three stages. The first one is to know what you have. A lot of organizations struggle with their asset inventory. They are trying to answer the questions: “What do I have? Is it the same all the time? Is it virtual containers, or is it physical gear? Is it some piece of attached hardware that monitors a door?” There could be anything there that could introduce a security weakness that can compromise the entire company.
The second challenge is for an organization to understand that for every asset, there must be a reason that the asset is there. If the organization can identify the assets, and also know why those assets are there, then they can move to the third challenge, which is to maintain the integrity of those assets. The organization needs to be confident that those assets are configured the way that they were initially set up. If the configuration has changed, can those changes be verified?
Based on your experience, how can organizations figure out what they have? What's one way of doing that?
TT: There are a couple of key aspects there. One of them is more advanced. If you have a daily automation task for discovery, it should be coupled with a Configuration Management Database (CMDB). That's probably one of the best ways to start keeping an organization on track; knowing exactly what's going on and updating it, even if it's active all the time. An active scan that's always run, that you always keep in synchronization with your CMDB. However, that does require a lot of time and attention. But, that time and attention pays for itself, as the organization doesn’t have to respond to things that they didn't know were there or things that have been removed that were still on an old asset list.
How important is integrity in security, compliance, and operations?
TT: Integrity can be summed up as the reputation of reliability. If you look at integrity and reliability as nearly the same thing, there's nothing more important than reliability in any IT or OT practice. If you're focused on reliability, how do you prove or expose that reliability? Well, it's the integrity of your system. Are you managing integrity, or are you relying on luck? Is it lucky that your systems are running? Is it lucky that your systems work? Or, do you have integrity in those systems and know for a fact that they are operating the way they were built, they are the way that you hardened them, and that they are at the same revision they were yesterday and no one has modified them?
The ability to know the environment and know the reputation for reliability is there; that's the way I view integrity. I've seen most of our customers look at integrity in the same way too. They want that reputation of reliability.
How can Tripwire and the Fortra product line help with integrity and reliability?
TT: We can start with some of the initial visibility pieces. Fortra offers a few different scanning and vulnerability engines which can help with asset discovery. That is a good place to start. From the Tripwire perspective, each one of those endpoints can be scanned as well. Tripwire integrates with many manufacturers to gather information on all the endpoints in an environment. By taking those steps, an organization can get a full view of the environment. With Fortra’s Tripwire Enterprise, even if an organization is uncertain about the origin of a particular configuration, it will become aware of the current state of that endpoint, and it can be monitored for any drift from that point.
What are the challenges that your customers are seeing when it comes to the cybersecurity skills gap, and how can they overcome that?
TT: It may sound a little old-fashioned, however, I have seen the best value with an approach of finding a highly skilled partner. As an example, if you sit down with somebody who knows how to play guitar, that individual makes it look easy. But, when you try it, you may not get the same results. Similarly, if you can’t find a person to fill a position in the organization, when you work with a highly skilled partner, they can get your team skilled up to the level that can help the organization. A partner can bring the fundamental understanding of what the organization needs to know about a product, a process, or some type of practice or program. The handoff and knowledge transfer is massively important. When that training is conducted as it relates to the normal part of a person’s job, rather than in a separate environment, it gets stronger results.
One service that we offer is our resident engineer service at Tripwire. We didn't invent it intentionally. We didn't come up with any marketing. It was developed to provide a service to our customers who needed someone to come out and be their staff engineer for a period of time. The engineer could be there for a short time, but as the customer's team matures and changes, the staff benefits from the on-site support.
The other one is, of course, our managed services. In some cases, the customer is initially uninterested in how the product works, and they just want to see the reports that it generates. Over time, however, as they want to adjust the results, they start to learn the product. In turn, this curiosity closes the skills gap, giving them better visibility and security. The alignment of our internal product teams with services keeps the feedback loop very tight. Whether it's through our managed services, the resident engineer, or a consultant that's out for a project, the customer has a direct tie into the product team. This also gives the customers the ability to recommend product improvements.
What are some of the benefits for the customers as a result of Tripwire becoming part of Fortra?
TT: The cross-training will directly benefit our customers. A customer can rely on more knowledge from our product teams. If one product is not exactly what the customer is seeking, we can direct them to the right offering to bring them more value and security. It is a fundamental approach to our relationships; to really connect with the customers and help them solve their security challenges.