The Future is Hybrid: Practicing Security in the Hybrid Cloud

By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models.


Third-party data breach exposes GE employees' personal information

Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider. Fortune 500 company GE says it was recently informed of a security breach at one of its partners, Canon Business Process Services.

Who's Responsible for Industrial Cybersecurity and Securing OT Environments?

Who are the key stakeholders involved when it comes to securing OT environments? Kristen Polous, General Manager of Industrial Cybersecurity at Tripwire, discusses who should be responsible for ICS security and how these stakeholders can work together to address cyber risks.

The Biggest Challenge Affecting Industrial Cybersecurity Organizations

Implementing a robust cybersecurity program is no small feat, especially for critical infrastructure organizations. Kristen Polous, General Manager of Industrial Cybersecurity at Tripwire, shares the number one challenge affecting industrial cybersecurity customers today and how to overcome it.

Free Cyber Safety Resources during COVID-19

Whether you are reading this from somewhere in the United States or overseas, chances are you are doing it from the comfort of your home. Not because you chose to but because you were asked to do so in order to prevent Coronavirus disease 2019 (COVID-19) from spreading any further. If you are a parent, working remotely with your kids at home, you are probably facing additional challenges.


Dispelling 5 Myths and Misconceptions Surrounding File Integrity Monitoring (FIM)

File integrity monitoring (FIM) started back in 1997 when Gene Kim launched Tripwire and its “Change Audit” solution. Just a few years later, Change Audit became FIM; this rebranded tool worked with the 12 security controls identified in Visa’s Cardholder Information Security Program (CISP). CISP became PCI DSS 1.0, and things continued to evolve after that. Which brings us to the present day.


COVID-19 Scam Roundup - Week of 3/16/20

Malicious actors are increasingly leveraging COVID-19 as a theme for new digital fraud attacks. In February 2020, for instance, Action Fraud received 21 reports of fraud relating to the coronavirus. This number of reports more than doubled to 46 between March 1 and March 13, 2020. Between March 14 and March 18, 2020, the United Kingdom’s national fraud reporting center collected 38 reports alone. Those 105 reports represented a collective total of £970,000 in losses.


How Organizations Can Fight to Retain Talent Amidst the Infosec Skills Gap

In a previous post, I shared some expert insight into how organizations can address the challenges of hiring skilled talent despite the ongoing infosec skills gap. Organizations can’t rest easy once they’ve brought on new talent, however. They need to make sure they hold onto their existing workforce. That’s easier said than done. Cybersecurity Ventures forecasted that a total of 3.5 million infosec-positions will be unfilled in 2021.


Whatever happened to cryptojacking?

A couple of years ago it felt like you couldn’t turn your head in any direction without seeing another headline about cryptomining and – its more evil sibling – cryptojacking. Countless websites were hijacked, and injected with cryptocurrency-mining code designed to exploit the resources of visiting computers. Victims included the likes of the LA Times, and political fact-checking website Politifact.