Blog

Why Privacy Matters in Cybersecurity
Blog

Industrial Cybersecurity and the Florida Water Supply Attack with Dale Peterson

By Editorial Staff on Mon, 02/22/2021
Through the lens of the Florida water supply hack, Dale Peterson teaches how events like these remind us to take the necessary steps to maintain our cybersecurity. Founder and chair of S4 Events, Dale has been helping security professionals effectively and efficiently manage risk to their critical assets for over 15 years. https://open.spotify.com...
Industrial Control Systems
NCSC Active Cyber Defence Report 2019: Evidence Based Vulnerability Management
Blog

NCSC Active Cyber Defence Report 2019: Evidence Based Vulnerability Management

By Anastasios Arampatzis on Fri, 07/26/2019
On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem. The Active Cyber Defence Program NCSC was set up in 2016 to be the single...
Vulnerability & Risk Management
A Guide to PCI DSS Merchant Levels and Penetration Testing
Blog

A Guide to PCI DSS Merchant Levels and Penetration Testing

By Tripwire Guest Authors on Tue, 02/27/2018
To distinguish the size of merchant companies and appropriately determine the level of testing required, the founding credit card companies created four different brackets ranging from Tier 1 to 4. Each tier is based on the number of transactions processed per year by the merchant and also dictates the testing a merchant must undertake. While...
Compliance
PCI DSS
Integrity: The New "I" in PCI Compliance
Blog

Integrity: The New "I" in PCI Compliance

By Editorial Staff on Thu, 01/18/2018
The retail industry saw more than its fair share of data breaches in 2017, with security incidents impacting at American supermarket chain Whole Foods Market and clothing companies Brooks Brothers, The Buckle, and Forever 21, to name a few. At least some of those events likely resulted from retailers' poor data breach preparation. Consider the fact that...
Compliance
PCI DSS
Financial services data protection: Are IT pros overconfident? Infographic
Blog

Are Financial Services IT Pros Overconfident in Data Breach Detection Skills?

Fri, 01/29/2016
Tripwire studied confidence vs. knowledge of financial services IT security pros on seven key security controls necessary to detect a data breach. For many controls IT pros believed they had the information necessary to detect a breach quickly but provided contradictory information about the specific data.   ...
Vulnerability & Risk Management
Compliance
Blog

Five Men Arrested in Connection with the 2014 JPMorgan Hack

By David Bisson on Mon, 07/27/2015
In August of 2014, it was reported that a group of hackers had exploited a vulnerability in the websites of JPMorgan. After breaking into the company’s network, the attackers then allegedly staged additional attacks that were custom-made to JPMorgan’s servers, which gained them access to internal systems on which customer account data was stored. Several months later, investigators revealed that...
OpenSSL to Fix 'High' Severity Security Flaw
Blog

80% of Retailers Failed Interim PCI Compliance Assessments

By Editorial Staff on Wed, 03/11/2015
  Despite retailers’ continuous improvement in compliance with the Payment Card Industry (PCI) security standards, four out of five companies are still failing at interim assessments, according to Verizon’s latest report. The report highlights that the overall state of compliance grew significantly in 2014, with 20 percent of organizations achieving...
Compliance
PCI DSS