Keep Your Guard: Stay Compliant and Be Secure

•

0 likes•2,486 views

NERC CIPv6’s deadline has come and gone and yet there are many organizations still struggling to stay compliant. While maintaining continuous compliance is a daunting task, compliance does not equal security. Assuring your environment is not compromised with a security breach that brings critical infrastructure down is a top priority. Over 295 incidents on Industrial Control Systems (ICS) were cited in 2015 (ICS-CERT) and most were in energy and manufacturing sectors.

Technology

Keep Your Guard: Stay Compliant
and Be Secure
September 14th, 2016

Presenters
Director, Product Management
IT Security and Risk Strategist
Twitter: @terlin
terlin@tripwire.com
Vice President, Services
Tim Erlin Karl Perman Bill Kearson
Director, Information Security

3
Current State of Industry
Tripwire Research: http://www.tripwire.com/company/research
Could a cyberattack on operational technology in your organization cause physical damage?
* November, 2015, 150 IT professionals in energy, utilities and oil & gas

4
Current State of Industry
Tripwire Research: http://www.tripwire.com/company/research
Does your organization have the ability to accurately track all the threats targeting your OT
networks?
* November, 2015, 150 IT professionals in energy, utilities and oil & gas

5
Current State of Industry
Tripwire Research: http://www.tripwire.com/company/research
What compliance requirements are the biggest driver for your purchase of cyber
security products?
* November, 2015, 150 IT professionals in energy, utilities and oil & gas

Compliance Challenge: Baselines
•  What does NERC CIP require:
–  CIP-010 R1: Develop conﬁguraLon baselines, authorize and document
changes to baselines (OS including ﬁrmware, soQware, ports, security
patches)
–  CIP-010 R2: Monitor and invesLgate changes to baselines
•  Tips for Achieving and Maintaining Compliance
–  AutomaLon; reducing manual eﬀort can dramaLcally reduce audit
burden.
–  Deﬁne baseline process for your organizaLon
–  Have a conﬁguraLon change management system including change
authorizaLon process

Compliance Challenge: Logging
•  What does NERC CIP require:
–  CIP-007 R4: Log security events, generate alerts, retain and review logs
–  CIP-006 R2.2: Logging of visitor access
–  CIP-009 R1.5: Data preservaLon for determining cause of Cyber Security Incident
–  CIP-005 R1.5: DetecLng malicious communicaLons
•  Tips for Achieving and Maintaining Compliance
–  NormalizaLon rules; choose a product that can normalize logs from systems in your
environment.
–  Don’t pay for log storage; choose a tool that licenses by asset, not by events per
second or data stored.
–  Implement a logging process including clearly deﬁned roles and responsibiliLes

Security: Secure ConﬁguraLons
•  What gaps does CIP compliance leave open:
–  Frequency of review; 35 days is not oQen enough!
–  Use of conﬁguraLon informaLon
–  Remember oﬀense as well as defense

•  Tips for going beyond NERC CIP compliance to security
–  Use a conﬁguraLon baseline tool that can monitor in real Lme.
–  Expand the baseline conﬁguraLon items promulgated by CIP
–  Fuse conﬁguraLon data with threat intelligence

Security: Security Event
Management
•  What gaps does CIP compliance leave open:
–  Stateful correlaLon of events; 5 failed logins followed by
success
–  Track events that mafer to your organizaLon in addiLon to CIP
requirements
•  Tips for going beyond NERC CIP compliance to security
–  Use a log management tool that can track state across events
–  Use key performance indicators to measure eﬀecLveness
–  Event analysis correlated with threat intelligence

Conclusion
•  CIP is only a baseline; go further for security
•  Good CIP compliance may not protect you from all of
the current security threats
•  A process driven approach should make compliance
less burdensome in the long run (deﬁned and
repeatable processes)
•  Automate where you can as manual processes are
fraught with resource constraints and errors

TRIPWIRE PROPRIETARY & CONFIDENTIAL. NOT FOR DISTRIBUTION. INTERNAL USE ONLY.
Questions

Implementing IT changes is imperative to the infrastructure of a business, but it can also open the door to breaches, viruses and malware, such as ransomware. So, how can organizations manage change effectively, maintain compliance and still reduce security risk? One answer lies in change management across your IT systems. Jeff Lawson, Sr. Director, Product Management at Tripwire, and Geoff Hancock, Principal at Advanced Cybersecurity Group, cover: -How IT operations and security teams can cooperate to improve IT stability and reduce security risk. -How to reduce risks associated with poor configuration management. -How leveraging Tripwire Enterprise for change detection enhances your change control process and keeps your systems, and organization, operating effectively and securely.

Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)

Tripwire

Cyber security experts David Meltzer, Chief Research Officer at Tripwire; Tony Gore, CEO at Red Trident Inc.; and John Powell, Senior Critical Infrastructure Engineer at Red Trident Inc., discuss the practical 1-2-3 basics of industrial cyber security and how to get started automating asset management. Attendees will also learn how to build an effective strategy for protecting industrial assets – networks, endpoints and controllers. Key Takeaways: · Learn how to automate and simplify the inventory process and secure your assets · Understand what cyber security standards may apply to your unique environment · Hear real-world tips on how to prioritize and work across functional silos within your company · Receive an industrial cyber security assessment checklist to help gauge your starting point

Tripwire IP360 Vulnerability Management

Tripwire

Growing Pains for Human Resources

Human Capital Media

In a growing firm, Human Resources is often trying to maintain order in an environment of chaos. From recruiting and onboarding through process management and cultural changes, HR is the department that experiences a company’s growing pains most acutely. But if HR is constantly putting out fires, how can your staff focus on its greater mission of serving the evolving workforce and strengthening the company? This webinar will examine some of the troubling challenges, emerging trends and truly innovative ideas that are transforming HR today. You will learn how innovative HR departments are managing: Workload management challenges Content management challenges Access Management challenges

Stop Chasing the Version: Compliance with CIPv5 through CIPv99

Tripwire

For many energy companies, readying for compliance with the latest version of NERC Critical Infrastructure Protection (CIP) standards, whether they be v5, v6, v7 or beyond is not the first priority – delivering reliable energy to the BES is. So, how does a company deal not only with the impending changes of CIP v5, but do so in a manner that best positions them for compliance with future versions and secures their cyber environment? Join our live webcast on Thursday February 5 to hear from ICF, Tripwire, and AssurX industry experts who are helping organizations already grappling with the new and upcoming CIP requirements, implementing a risk based approach, the steps they are taking to get ahead of the curve, and addressing the uncertainty. Key Takeaways - Regarding Readiness for NERC CIPv5 (and beyond): •Best approaches for achieving compliance in a changing environment. (i.e. v5, v6, v7). •How to save time, resources, and achieve automation with practical guidance on compliance efforts for current and future CIP requirements. •Practical highlights and key controls from those already working on the most pressing issues.

PCI Breach Scenarios and the Cyber Threat Landscape with Brian Honan

Tripwire

The new Payment Card Industry Data Security Standard version 3.0 is the global compliance standard for organizations processing credit card payments and it’s more security-centric than ever. Regardless of your PCI DSS compliance audit readiness, how will PCI 3.0 help protect against common cyber threats? How are cyber criminals able to routinely steal credit card and personal information, and what can you do now to protect your customer and transaction data? Brian Honan (CISM,CGEIT, CRISC) is an information systems and cybersecurity specialist and a member of the Advisory Group on Internet Security to Europol’s Cyber Crime Centre (EC3) on breach investigations. Honan joins Joel Barnes (CISSP), Senior Systems Engineer for Tripwire, to share recent and likely breach scenarios that PCI compliant organizations face now. You will learn: •The top three things PCI compliant organizations overlook most frequently •The most likely attacks scenarios targeting PCI compliant organizations and how to protect against them •How to prepare for the inevitable breach: building an effective breach response plan

Industrial Cyber Security: What is Application Whitelisting?

honeywellgf

In terms of industrial cyber security “application whitelisting” is an emerging approach to combating viruses and malware. It allows software to run that’s considered safe and blocks all other programs. The basic concept behind application whitelisting is to create a list that permits only good known files to execute, rather than attempting to block malicious code and activity. Visit https://www.honeywellprocess.com/en-US/explore/services/industrial-it-solutions/Pages/default.aspx today.

Mobile First, Security First!

Tripwire

Too often, organizations purchase SIEM and log management solutions to check a compliance checkbox. These organizations miss a huge opportunity to improve security while meeting compliance requirements. In this white paper, security and compliance eWPxpert Dr. Anton Chuvakin explains how to take advantage of this opportunity. Whitepaper here: http://www.tripwire.com/register/a-pragmatic-approach-to-siem-buy-for-compliance-use-for-security/

SIEM in NIST Cyber Security Framework

Bernie Leung, P.E., CISSP

SIEM Alone is Not Enough

Tripwire

This presentation addresses: -True shortcomings of traditional SIEM solutions -Why security controls that are utilized in isolation are limited in providing useful indicators of data breaches -How an alternative approach to IT security that combines state data from multiple security controls provides more advanced incident detection, adds a layer of risk context, and provides more intelligent security for protecting your data

The Firewall Policy Hangover: Alleviating Security Management Migraines

AlgoSec

The Firewall Policy Hangover: Alleviating Security Management Migraines provides a brief history of the evolution of firewalls, examines how complexity leads to misconfiguration risk and concludes with a discussion on firewall policy management best practices and real-life lessons learned. Additionally, this presentation shares research from “The State of Network Security 2012” that examines: • the challenges of managing network security policies • the impact of changing business requirements • the benefits and limitations of emerging firewall technology

I.T. Geeks Can't Talk to Management

Tripwire

Tripwire has released results from an extensive study focused on the state of risk-based security management with the Ponemon Institute. The study examined the disconnect between an organizations commitments to risk-based security management and its ability to develop the collaboration, communication styles and culture necessary for effective security programs across the organization. The study respondents included 749 U.S. and 571 U.K. professionals in the following areas: IT security, IT operations, IT risk management, business operations, compliance/internal audit and enterprise risk management. “Risk-based security is an extremely complex problem where predictability and outcomes are constantly changing,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “This means that even the most secure and sophisticated organizations experience risk because there are too many variables in play. Effective communication and collaboration across the organization are crucial in mitigating this risk.” The full report can be found here: http://www.tripwire.com/register/the-state-of-risk-based-security-2013-full-report/

IT Governance Roles and Data Governance - Hernan Huwyler

Hernan Huwyler, MBA CPA

A Case Study of the Capital One Data Breach

Anchises Moraes

Are existing compliance requirements sufficient to prevent data breaches? This session will provide a technical assessment of the 2019 Capital One data breach, illustrating the technical modus operandi of the attack and identify related compliance requirements based on the NIST Cybersecurity Framework. Attendees will learn the unexpected impact of corporate culture on overall cyber security posture. This talk was presented at RSA Conference 2021 (Session RMG-T15) on May 18, 2021. Original paper available for download at SSRN: Novaes Neto, Nelson and Madnick, Stuart E. and Moraes G. de Paula, Anchises and Malara Borges, Natasha, A Case Study of the Capital One Data Breach (28/04/2020). https://ssrn.com/abstract=3570138

QSA Shares PCI 3.0 Advice & Checklist

Tripwire

It’s big. It’s bigger than you think. On January 1, 2015, the Payment Card Industry Data Security Standard (PCI DSS) version 3.0 becomes the global PCI audit standard. In this webinar, PCI QSA Jeff Hall shares the biggest gotchas that he’s encountered while working with clients. Key insights will include: • How will auditors’ requirements increase notably? • What are the foreseeable problem hot spots? • Why won't steps for passing PCI 2.0 cut it for 3.0? You’ll also get a helpful checklist for 3.0 late starters!

Information Security Management

EC-Council

Tripwire enterprise 87_datasheet

Devaraj Sl

CMMC Certification

ControlCase

Isms3

aaditya

Cyber Security in the Digital Age: A Survey and its Analysis

Rahul Neel Mani

Gpc case study_eng_0221

SALIH AHMED ISLAM

10 Steps to Better Security Incident Detection

Tripwire

* Why many organizations don’t successfully detect security breaches * How to best use existing security information and event management and log management tools * Other sources, including external ones, that can provide early indicators of a security breach * How to maximize the security resources you already have Watch the webcast here: http://www.tripwire.com/register/10-steps-to-better-security-incident-detection/

Nist.sp.800 37r2

newbie2019

Integrating Cybersecurity into Supply Chain Risk Management

Priyanka Aash

Cyber–supply chain risks pose a new set of challenges for businesses (loss of critical IP, unwanted functionality in products) which jeopardize brand reputation and shareholder value. This session will present case study research from NIST on cutting-edge practices and tools that today’s industry leaders in supply chain risk management are deploying to secure their supply chains from end to end. (Source: RSA USA 2016-San Francisco)

IT Risk Management

Tudor Damian

Almost every business decision requires executives and managers to balance risk and reward, and efficiency in that process is essential to an enterprise’s success. Too often though, IT risk (business risk related to the use of IT) is overlooked. While other business risks such as market, credit and operational risks have long been incorporated into the decision-making processes, IT risk has usually been relegated to technical specialists outside the boardroom, despite falling under the same risk category as other business risks: failure to achieve strategic objectives. This session intends to address business risks related to the use of IT, looking at industry standards, frameworks and best practices, as well as focusing on real world examples and specific plans on how to implement IT Risk Management on every level of your company.

Logging, monitoring and auditing

Piyush Jain

Practical steps for assessing tablet & mobile device securityEnclaveSecurity

Threat Intelligence from Honeypots for Active Defense

Tripwire

As cyber adversaries increase the sophistication and persistence of their attacks, old methods treating all threats the same become increasingly inadequate. One method for gaining better context around these threats is the use of “honeypots.” A honeypot is a security resource deliberately designed to be probed, attacked and compromised, for the purpose of gathering intelligence around an attacker. By tricking our adversaries into believing that they have gained access to our systems, we can watch their activities, where they connect from, what malware they upload to systems and other crucial information. Furthermore, when integrated with other threat intelligence and automation tools, we can leverage this data to not only provide context around the threat but also to initiate an immediate response to block the attacker and share the data across our organizations or with others. In this webcast, security engineer Ioannis Koniaris, developer of Honeydrive, a popular Linux distribution that comes with several honeypot applications pre-installed, discuss with us how various open source honeypot tools work and how they can be used to gather threat intelligence data. Tripwire security researcher Ken Westin will present how to make use of the honeypot data collected to provide richer analytics and enhance your defenses.

"Backoff" Malware: How to Know If You're Infected

Tripwire

The US-CERT organization recently updated its Alert TA14-212A, which warns that Point-of-Sale (POS) memory-scraping malware has been found in 3 separate forensic investigations. The Secret Service estimates over 1000+ businesses of all types that accept credit card transactions may be affected. Most may not know it yet. Join us to learn key “Indicators of Compromise” (IOCs) for Backoff, and what you can do about it.

What's hot

A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security

Tripwire

SIEM in NIST Cyber Security Framework

Bernie Leung, P.E., CISSP

SIEM Alone is Not Enough

Tripwire

The Firewall Policy Hangover: Alleviating Security Management Migraines

AlgoSec

I.T. Geeks Can't Talk to Management

Tripwire

IT Governance Roles and Data Governance - Hernan Huwyler

Hernan Huwyler, MBA CPA

A Case Study of the Capital One Data Breach

Anchises Moraes

QSA Shares PCI 3.0 Advice & Checklist

Tripwire

Information Security Management

EC-Council

Tripwire enterprise 87_datasheet

Devaraj Sl

CMMC Certification

ControlCase

Isms3

aaditya

Cyber Security in the Digital Age: A Survey and its Analysis

Rahul Neel Mani

Gpc case study_eng_0221

SALIH AHMED ISLAM

10 Steps to Better Security Incident Detection

Tripwire

Nist.sp.800 37r2

newbie2019

Integrating Cybersecurity into Supply Chain Risk Management

Priyanka Aash

IT Risk Management

Tudor Damian

Logging, monitoring and auditing

Piyush Jain

Practical steps for assessing tablet & mobile device securityEnclaveSecurity

What's hot (20)

A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security

SIEM in NIST Cyber Security Framework

SIEM Alone is Not Enough

The Firewall Policy Hangover: Alleviating Security Management Migraines

I.T. Geeks Can't Talk to Management

IT Governance Roles and Data Governance - Hernan Huwyler

A Case Study of the Capital One Data Breach

QSA Shares PCI 3.0 Advice & Checklist

Information Security Management

Tripwire enterprise 87_datasheet

CMMC Certification

Isms3

Cyber Security in the Digital Age: A Survey and its Analysis

Gpc case study_eng_0221

10 Steps to Better Security Incident Detection

Nist.sp.800 37r2

Integrating Cybersecurity into Supply Chain Risk Management

IT Risk Management

Logging, monitoring and auditing

Practical steps for assessing tablet & mobile device security

Viewers also liked

Threat Intelligence from Honeypots for Active Defense

Tripwire

"Backoff" Malware: How to Know If You're Infected

Tripwire

Tripwire University: Cyberwar Boot Camp – Introduction and Overview

Tripwire

Achieving Continuous Monitoring with Security Automation

Tripwire

This presentation provides: An overview of continuous monitoring Discusses federal requirements for continuing monitoring Explains why it is critical for risk mitigation Describes an effective continuous monitoring strategy that brings together data from different security controls in one place Watch the webcast here: http://www.tripwire.com/register/achieving-continuous-monitoring-easily-with-security-automation/

PCI Change Detection: Thinking Beyond the Checkbox

Tripwire

Passing PCI compliance can be a painful experience. According to Verizon’s 2015 PCI report, only 9% of breached organizations were compliant with Requirement 11—a fundamental requirement which ensures that an organization is prepared for a range of attack types. Does your organization have the change detection requirement under control? Tim Erlin, Director of Security and Risk Strategist for Tripwire, and Glenn Rogers, Acting CIO for the Girl Scouts of Northern California, provide a practical discussion on: • How GSNorCal saved time and money by changing their PCI approach • The three most common change detection audit mistakes and how to correct them • A sneak peek at the impact of PCi v3.2 released this year

Taking the Pain out of PCI Compliance

Tripwire

Passing PCI audits can be a painful experience, but it doesn’t have to be that way. Tripwire solutions are used by eight of the top ten global retailers and we’ve helped thousands of customers achieve and maintain PCI compliance since version one of the PCI regulations. Aaron Warner, Systems Engineer Manager at Tripwire, shows you how to: -Avoid the top three mistakes of PCI compliance audits -Build audit-ready PCI reports with less effort -Stay PCI compliant once you’ve passed an audit

Tripwire University Boot Camp – Economy of Bad

Tripwire

Christopher Beier, Sr. Product Manager of SCM products, explores how a marketplace exists for those who operate in the “economy of bad.” He explains how this economy manifests itself, what the role breaches play, what the value of product is and how stolen information fuels this economy. He reviews some of the types of attackers and what their motivations are, showing common attacker methods and attack types.

Tripwire University Boot Camp – The Shifting Landscape: Know Your Battlefield

Tripwire

Survival of the Fittest: How to Build a Cyber Resilient Organization

Tripwire

Cyber threats are growing increasingly complex, and with the explosion of the internet of things (IoT), organizations need to take steps to protect themselves and their customers. Intel has projected there will be over 200 billion IoT devices by 2020, and online data volumes are expected to grow up to 50 times what they are today. Infotech and security leaders are now evaluating a new cyber resilient architecture that can adapt and scale with rapid business digitalization and new IT models. Simplifying the security stack is no longer just a cost-saving priority – with cybercrime threatening to cost $6 trillion by 2021, it is also a prerequisite for uninterrupted visibility, responsiveness and resilience. In this webinar, guest speaker Jeff Pollard, Principal Analyst at Forrester, and David Meltzer, Chief Technology Officer at Tripwire, discuss the growing challenges of cyber threats and share steps you can take now to build a cyber resilient organization. Topics include: -How to identify and cut the technology bloat in your security operations. -Challenges and opportunities as IT transitions from on-premise to in the cloud. -Eliminating blind spots and dark spots for uninterrupted visibility, regardless of the endpoint or its location. -How to re-evaluate strategic planning so that you can align your security programs to new business models.

8 Tips on Creating a Security Culture in the Workplace

Tripwire

The RMF: New Emphasis on the Risk Management Framework for Government Organiz...

Tripwire

The realities of security, compliance and IT Operations are forcing Federal organizations to rethink risk management. The Risk Management Framework (RMF), created by the DoD, provides a solid foundation for security program design and FISMA compliance that can help reduce risk in your environment. Federal Security and Compliance Expert Sean Sherman and Tripwire Senior Systems Engineer Steven Tipton discuss: · The RMF process and requirements · Pragmatic advice on getting started with RMF · How Tripwire solutions fit into each step of the RMF process Join us for an in-depth look at NIST-RMF and its cost effective organizational benefits.

An Essential Guide to EU GDPR

Tripwire

GDPR is the most significant change to data protection in a generation and an imminent global issue that will dominate data privacy, management and regulation discussions in 2017. According to recent research, over half of businesses lack preparedness for GDPR. With a quarter of the EU’s grace period over and with fines of up to €20 million (or 4% of global turnover), there is a lot at stake for companies falling behind the May 2018 deadline. So, where do you start? Join renowned information security consultant and GDPR expert, Brian Honan, along with Tim Erlin, Senior Director, Security and IT Risk Strategist at Tripwire as they walk you through the essential steps to accelerate your GDPR preparedness. In this session you will learn: • The key facts about the GDPR regulations • The implications of the new rules and how they will impact your business • Practical steps your business can take to prepare • How your existing security frameworks (ISO/NIST/CSC) can help set the foundation • How Tripwire can help

Viewers also liked (12)

Threat Intelligence from Honeypots for Active Defense

"Backoff" Malware: How to Know If You're Infected

Tripwire University: Cyberwar Boot Camp – Introduction and Overview

Achieving Continuous Monitoring with Security Automation

PCI Change Detection: Thinking Beyond the Checkbox

Taking the Pain out of PCI Compliance

Tripwire University Boot Camp – Economy of Bad

Tripwire University Boot Camp – The Shifting Landscape: Know Your Battlefield

Survival of the Fittest: How to Build a Cyber Resilient Organization

8 Tips on Creating a Security Culture in the Workplace

The RMF: New Emphasis on the Risk Management Framework for Government Organiz...

An Essential Guide to EU GDPR

Similar to Keep Your Guard: Stay Compliant and Be Secure

Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?

CA Technologies

March cybersecurity powerpoint

Courtney King

2015 Conference Brochure - Trust Security Agility - Businesses Better Prepare...Neil Curran MSc CISSP CRISC CGEIT CISM CISA

Cyber security white paper final PMD 12_28_16Dave Darnell

The Unpleasant Truths of Modern Business Cybersecurity

Global Knowledge Training

From the largest to the smallest company, the inescapable truth is that with the click of a few keys or even a simple phone call, intruders can bypass all of your carefully constructed security. According to the Ponemon Institute's 2015 Cost of Data Breach Study, the average total cost of a data breach increased from $3.52 million to $3.79 million in 2014. While a number of major data breaches have made the news, often overlooked are the events and decisions that set the stage for the breach to occur. In this hour-long webinar, Global Knowledge instructor Phill Shade will walk through a number of key areas in which today's decisions set the stage for tomorrow's breach.

Mission possible splunk+paloaltonetworks_6_2015Splunk

Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...

Erin Sweeney

You face an increasing number of cyber threats that are difficult to detect and defeat. Beating them might seem like Mission: Impossible. It's not. Palo Alto Networks and Splunk with their next-generation, best-of-breed technologies have developed a joint solution to make defeating these threats Mission: Possible. Join us on Tuesday, June 30, in Santa Clara for a workshop providing hands-on exposure to both technologies. You'll walk away knowing how to: Prevent known and unknown threats at both the network and endpoint through a wide range of integrated technologies including: firewall, application visibility and control, cloud-based malware analysis, advanced endpoint protection, mobile workforce security, and data loss prevention (Palo Alto Networks) Harness all the raw log files and event data generated by any user, system, or application in your IT infrastructure (aka "big data") to quickly perform Security Information Event Management (SIEM)-like use cases including: advanced threat and anomaly detection, incident investigations and forensics, and security/compliance reporting and analytics (Splunk) Automatically pass data on threats from Splunk to Palo Alto Networks to enable automated remediation Are you a security or networking professional looking to get hands-on experience with these next-generation technologies? Don't let your network self-destruct.

Tomorrow Starts Here - Security Everywhere

Cisco Canada

TLS 1.3’s Fourth Anniversary:What Have We Learned About Implementation and N...

Enterprise Management Associates

In 2018, EMA surveyed IT practitioners and technology decision-makers to gauge their awareness of the TLS 1.3 standard for network encryption. In 2022, EMA revisited the adoption of the TLS 1.3 standard by going back to IT networking professionals, security experts, and business leaders to discover what they have learned throughout the implementation process and the benefits they gained through their adoption and usage. These slides, based on the webinar presented by Christopher Steffen, managing research director for security and risk management at leading IT research firm EMA, cover some of the findings from this study.

When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...

CA Technologies

In the era of the customer, preventing system downtime and fixing performance issues before they occur is more critical than ever. Discover how the power of IT analytics can help you deliver improved customer experience through root cause analysis and actionable insight to prevent problems before they occur and resolve them faster if they do. See how you can correlate data from multiple sources for real-time prediction and increased insights into the behavior of your mainframe systems and databases. Whether you are currently doing IT analytics manually, using a variety of tools, an expert or a novice, you won’t want to miss this informative session and learn about new analytics innovations that can help you reduce costs, increase operational efficiency and delight your customers. For more information, please visit http://cainc.to/Nv2VOe

Engineering Services Forum L&T & A123 Systems

Information Services Group (ISG)

Adapt or Die: The Evolution of Endpoint Security

Tripwire

The rapid transformation of the digital landscape and the proliferation of new business models are bringing sweeping changes to IT organizations everywhere. In order to keep up with the accelerating cycles of change and keep your company safe in an increasingly hostile threat landscape, your organization’s endpoint protection strategy must evolve. In this interactive webinar, Eric Ogren, Senior Security Analyst at 451 Research and Gajraj Singh, VP of Product Marketing at Tripwire will provide insight into proactive steps you can take to improve your endpoint security. Topics include: • The top three things you can do today to improve the effectiveness of your endpoint security program. • How to gain sufficient endpoint visibility to effectively reduce breaches. • The likely evolution of endpoints and how technology is adapting to protect them. • How to incorporate the evolutions of endpoint detection into security investment decisions.

Internet of Things - A Different Kind of Scary v2FitCEO, Inc. (FCI)

Pactera - Cloud, Application, Cyber Security Trend 2016

Kyle Lai

In this presentation, we discuss about the trend on application, cloud and cyber security. We analyze surveys on several hundred of companies to show the trend on security concerns, threats, and what controls companies are looking to do. It also introduce Pactera's cybersecurity capabilities in providing end-to-end managed services for application security testing, secure code review, penetration testing, application security - secure coding practice training, third-party supplier security risk assessment, data governance and ISO 27001 based assessments.

The Connors Group Cyber Security Infographic

The Connors Group

Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games

Scalar Decisions

Toronto will soon host the largest international multi-sport Games in Canada, when more than 7,600 athletes from 41 countries across the Americas will compete at the TORONTO 2015 Pan Am/Parapan Am Games. Understandably, IT security is top of mind for the Organizing Committee (known as TO2015). The event will rely on a number of applications and web portals, which include an interactive volunteer portal, athlete accreditation management tools and a travel logistics site. Securing the data centre where these applications reside is of critical importance, ensuring risks are mitigated, threats are prevented and regulatory requirements are met.

Cloud Security for Dummies Webinar — The Identity Edition

Netskope

Join "Cloud Security for Dummies" authors Ravi Ithal and Krishna Narayanaswamy, along with Patrick Harding, CTO from Ping Identity for this special “Identity Edition” of the Cloud Security for Dummies webinar series. In this panel-style discussion, the experts will compare notes, debate approaches, and share stories from the cloud security and identity and access management front lines. IT security professionals will walk away with best practices on: - Finding and assessing risk of all cloud apps running in your enterprise - Onboarding new apps and bringing them into the secure Single Sign On fold - Using identity to enable access and enforce usage and content policies - Dealing with security issues such as poor reputation users and compromised accounts - Communicating and coaching users

How Training and Consulting Companies Can Position CISSP, CISM and CRISC

ITpreneurs

Interested to sell more security training? What's covered in the slide deck: - IT Security Trends - Overview of CISSP, CISM and CRISC - Market Potential - Positioning Security Frameworks - Relation of CISSP, CISM and CRISC to ISO 27001 - The Need for IT Security Training What are the latest trends in Information Security training landscape? How to position these well-known certifications of ISC2’s CISSP, ISACA’s CISM and CRISC successfully? How do they relate to the established information security governance standard of ISO 27001.

Cyber Security IT GRC Management Model and Methodology.

360factors

[Webinar] Why Security Certification is Crucial for IoT Success

Electric Imp

[View the Webinar] - https://electrici.mp/2v1fQlI Electric Imp CEO, Hugo Fiennes, and UL’s Director of Connected Technologies, Rachna Stegall discuss the unique demands of helping to secure the IoT — and why independent certification is even more critical in the fast-evolving world. Join us to hear Fiennes & Stegall share candid insights into why establishing an IoT Security Benchmark, such as UL 2900-2-2 Cybersecurity Certification, is critical for due diligence of edge to enterprise technologies — and the future of commercial, industrial and consumer IoT overall.

Similar to Keep Your Guard: Stay Compliant and Be Secure (20)

Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?

March cybersecurity powerpoint

2015 Conference Brochure - Trust Security Agility - Businesses Better Prepare...

Cyber security white paper final PMD 12_28_16

The Unpleasant Truths of Modern Business Cybersecurity

Mission possible splunk+paloaltonetworks_6_2015

Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...

Tomorrow Starts Here - Security Everywhere

TLS 1.3’s Fourth Anniversary:What Have We Learned About Implementation and N...

When Downtime Isn’t an Option: Performance Optimization Analytics in the Era ...

Engineering Services Forum L&T & A123 Systems

Adapt or Die: The Evolution of Endpoint Security

Internet of Things - A Different Kind of Scary v2

Pactera - Cloud, Application, Cyber Security Trend 2016

The Connors Group Cyber Security Infographic

Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games

Cloud Security for Dummies Webinar — The Identity Edition

How Training and Consulting Companies Can Position CISSP, CISM and CRISC

Cyber Security IT GRC Management Model and Methodology.

[Webinar] Why Security Certification is Crucial for IoT Success

More from Tripwire

Mind the Cybersecurity Gap - Why Compliance Isn't Enough

Tripwire

Data Privacy Day 2022: Tips to Ensure Data Privacy

Tripwire

Key Challenges Facing IT/OT: Hear From The Experts

Tripwire

When you think of Information Technology (IT) and Operational Technology (OT), which side are you on? You may not feel that you fall on any side of that technological skirmish, but when you stop to carefully consider the differences in these two disciplines, it is nearly impossible to avoid a tendentious leaning. However, the time may be upon us when the conflicts of IT and OT will be put to rest for the broader purpose of making businesses more agile, efficient, resilient and ultimately, more profitable. We spoke with experts in the field who offered their insights about the challenges facing IT and OT convergence. Here’s what they shared!

Tripwire Energy Working Group: TIV Demo

Tripwire

Tripwire Energy Working Group Session w/Dale Peterson

Tripwire

Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through

Tripwire

Tripwire Energy Working Group: Customer Session with Chase Cole

Tripwire

Tripwire Energy Working Group: Keynote w/Patrick Miller

Tripwire

World Book Day: Cybersecurity’s Quietest Celebration

Tripwire

Tripwire Retail Security 2020 Survey: Key Findings

Tripwire

As online sales surge, retail cybersecurity professionals are taking additional precautions to protect their organizations and their customers’ data. On top of this, the COVID-19 pandemic has driven even more consumers to turn to online shopping. Tripwire worked with Dimensional Research to better understand cybersecurity programs in the retail industry as they prepared for the holiday season. Download the full report here: https://www.tripwire.com/solutions/solutions-by-industry/retail-and-hospitality/retail-holiday-cybersecurity-survey-report

Key Findings: Tripwire COVID-19 Cybersecurity Impact Report

Tripwire

The Adventures of Captain Tripwire: Coloring Book!

Tripwire

Industrial Cybersecurity: Practical Tips for IT & OT Collaboration

Tripwire

The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...

Tripwire

Tripwire 2019 Skills Gap Survey: Key Findings

Tripwire

A Look Back at 2018: The Most Memorable Cyber Moments

Tripwire

Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits

Tripwire

Major healthcare providers are tasked with protecting patient data and maintaining complex security compliance requirements enforced through rigorous audits. Mercy Health, a major Midwestern hospital system, became a Tripwire customer in 2013. Using Tripwire technology, they created a successful IT service by integrating their ITSM tool, streamlining their reporting process and more. Mercy Health and Tripwire show you how to: -Implement effective change management -Strengthen security in Epic records systems -Streamline the audit process

Tripwire State of Cyber Hygiene 2018 Report: Key Findings

Tripwire

Defend Your Data Now with the MITRE ATT&CK Framework

Tripwire

MITRE is a not-for-profit organization that operates federally-funded research and development centers. Their ATT&CK framework is a useful cybersecurity model illustrating how adversaries behave and explaining the tactics you should use to mitigate risk and improve security. ATT&CK stands for “adversarial tactics, techniques and common knowledge.” This presentation explores a methodology for pairing proven industry frameworks like MITRE ATT&CK with threat modeling practices to quickly detect and respond to cyber threats. With this approach, industrial organizations can slice their infrastructure into smaller components, making it easier to secure their assets and minimize the attack surface. Takeaways include how to: -Make the most out of their threat intelligence feeds -Report on progress and compliance -Negotiate trust relationships in the intelligence sharing cycle -Improve their organization’s overall security posture

Defending Critical Infrastructure Against Cyber Attacks

Tripwire

In our increasingly connected world, networks of machines help critical infrastructure run more efficiently and prevent downtime. However, systems which were once isolated are now being exposed to digital security threats that operators never considered. Joseph Blankenship of Forrester Research and Gabe Authier of Tripwire discuss the evolving threat landscape and how we can protect these critical assets from cyber threats. Topics covered include: -Examples of some of the most recent cyber-attacks to critical infrastructure -Why traditional IT security approaches won't work -Recommended approaches for securing critical infrastructure

More from Tripwire (20)

Mind the Cybersecurity Gap - Why Compliance Isn't Enough

Data Privacy Day 2022: Tips to Ensure Data Privacy

Key Challenges Facing IT/OT: Hear From The Experts

Tripwire Energy Working Group: TIV Demo

Tripwire Energy Working Group Session w/Dale Peterson

Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through

Tripwire Energy Working Group: Customer Session with Chase Cole

Tripwire Energy Working Group: Keynote w/Patrick Miller

World Book Day: Cybersecurity’s Quietest Celebration

Tripwire Retail Security 2020 Survey: Key Findings

Key Findings: Tripwire COVID-19 Cybersecurity Impact Report

The Adventures of Captain Tripwire: Coloring Book!

Industrial Cybersecurity: Practical Tips for IT & OT Collaboration

The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...

Tripwire 2019 Skills Gap Survey: Key Findings

A Look Back at 2018: The Most Memorable Cyber Moments

Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits

Tripwire State of Cyber Hygiene 2018 Report: Key Findings

Defend Your Data Now with the MITRE ATT&CK Framework

Defending Critical Infrastructure Against Cyber Attacks

Recently uploaded

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Free Complete Python - A step towards Data Science

RinaMondal9

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

GridMate - End to end testing is a critical piece to ensure quality and avoid...

ThomasParaiso2

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

The Future of Platform Engineering

Jemma Hussein Allen

Microsoft - Power Platform_G.Aspiotis.pdf

Uni Systems S.M.S.A.

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

James Anderson

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

Recently uploaded (20)

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Free Complete Python - A step towards Data Science

Monitoring Java Application Security with JDK Tools and JFR Events

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

GridMate - End to end testing is a critical piece to ensure quality and avoid...

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Elevating Tactical DDD Patterns Through Object Calisthenics

UiPath Test Automation using UiPath Test Suite series, part 4

Uni Systems Copilot event_05062024_C.Vlachos.pdf

PHP Frameworks: I want to break free (IPC Berlin 2024)

Generative AI Deep Dive: Advancing from Proof of Concept to Production

A tale of scale & speed: How the US Navy is enabling software delivery from l...

GraphRAG is All You need? LLM & Knowledge Graph

Epistemic Interaction - tuning interfaces to provide information for AI support

The Future of Platform Engineering

Microsoft - Power Platform_G.Aspiotis.pdf

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

Keep Your Guard: Stay Compliant and Be Secure

1. Keep Your Guard: Stay Compliant and Be Secure September 14th, 2016

2. Presenters Director, Product Management IT Security and Risk Strategist Twitter: @terlin terlin@tripwire.com Vice President, Services Tim Erlin Karl Perman Bill Kearson Director, Information Security

3. 3 Current State of Industry Tripwire Research: http://www.tripwire.com/company/research Could a cyberattack on operational technology in your organization cause physical damage? * November, 2015, 150 IT professionals in energy, utilities and oil & gas

4. 4 Current State of Industry Tripwire Research: http://www.tripwire.com/company/research Does your organization have the ability to accurately track all the threats targeting your OT networks? * November, 2015, 150 IT professionals in energy, utilities and oil & gas

5. 5 Current State of Industry Tripwire Research: http://www.tripwire.com/company/research What compliance requirements are the biggest driver for your purchase of cyber security products? * November, 2015, 150 IT professionals in energy, utilities and oil & gas

6. Compliance Challenge: Baselines •  What does NERC CIP require: –  CIP-010 R1: Develop configuraLon baselines, authorize and document changes to baselines (OS including firmware, soQware, ports, security patches) –  CIP-010 R2: Monitor and invesLgate changes to baselines •  Tips for Achieving and Maintaining Compliance –  AutomaLon; reducing manual effort can dramaLcally reduce audit burden. –  Define baseline process for your organizaLon –  Have a configuraLon change management system including change authorizaLon process

7. Compliance Challenge: Logging •  What does NERC CIP require: –  CIP-007 R4: Log security events, generate alerts, retain and review logs –  CIP-006 R2.2: Logging of visitor access –  CIP-009 R1.5: Data preservaLon for determining cause of Cyber Security Incident –  CIP-005 R1.5: DetecLng malicious communicaLons •  Tips for Achieving and Maintaining Compliance –  NormalizaLon rules; choose a product that can normalize logs from systems in your environment. –  Don’t pay for log storage; choose a tool that licenses by asset, not by events per second or data stored. –  Implement a logging process including clearly deﬁned roles and responsibiliLes

8. Compliance is Not Security

9. Security: Secure ConfiguraLons •  What gaps does CIP compliance leave open: –  Frequency of review; 35 days is not oQen enough! –  Use of configuraLon informaLon –  Remember offense as well as defense •  Tips for going beyond NERC CIP compliance to security –  Use a configuraLon baseline tool that can monitor in real Lme. –  Expand the baseline configuraLon items promulgated by CIP –  Fuse configuraLon data with threat intelligence

10. Security: Security Event Management •  What gaps does CIP compliance leave open: –  Stateful correlaLon of events; 5 failed logins followed by success –  Track events that mafer to your organizaLon in addiLon to CIP requirements •  Tips for going beyond NERC CIP compliance to security –  Use a log management tool that can track state across events –  Use key performance indicators to measure eﬀecLveness –  Event analysis correlated with threat intelligence

11. Conclusion •  CIP is only a baseline; go further for security •  Good CIP compliance may not protect you from all of the current security threats •  A process driven approach should make compliance less burdensome in the long run (deﬁned and repeatable processes) •  Automate where you can as manual processes are fraught with resource constraints and errors

12. TRIPWIRE PROPRIETARY & CONFIDENTIAL. NOT FOR DISTRIBUTION. INTERNAL USE ONLY. Questions

Keep Your Guard: Stay Compliant and Be Secure

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (12)

Similar to Keep Your Guard: Stay Compliant and Be Secure

Similar to Keep Your Guard: Stay Compliant and Be Secure (20)

More from Tripwire

More from Tripwire (20)

Recently uploaded

Recently uploaded (20)

Keep Your Guard: Stay Compliant and Be Secure