Resources

Blog

CMS ARS: A Blueprint for US Healthcare Data Security and Compliance

By Kirsten Doyle on Thu, 03/20/2025

Protecting sensitive patient information is more critical than ever. With technologies evolving at a breakneck pace and the number of cyber threats targeting healthcare entities in the United States skyrocketing, healthcare organizations must have robust policies and guardrails in place to ensure patients' confidential information doesn't fall into the wrong hands.One of the essential frameworks...

Blog

How to Secure Your Information on AWS: 10 Best Practices

By Katrina Thompson on Wed, 03/19/2025

About one in three organizations that leverage cloud service providers (CSPs) use Amazon Web Services (AWS), according to November 2024 research from Synergy Research Group. This means two things. One is that when attackers are looking to get the most out of a single exploit, they will likely craft them to target AWS systems. And two, that AWS data security best practices are a timely topic for a...

Blog

Best Practices for Securing Your SaaS Environment

By Fortra Staff on Mon, 01/27/2025

Can you imagine a modern working world without Software-as-a-Service (SaaS) applications? Productivity, communication, and project management solutions have transformed the modern workplace, enabling hybrid and remote working, helping to cut costs, and offering unprecedented opportunities for collaboration and innovation. Without them, the business world would grind to a halt.But these...

Blog

What’s the Difference Between DSPM, CSPM, and CIEM?

By Katrina Thompson on Mon, 12/16/2024

DSPM, CSPM, and CIEM are more than just a mouthful of acronyms. They are some of today’s most sophisticated tools for managing data security in the cloud.While they are all distinct entities and go about protecting data in different ways, the fact that they all seem to do very much the same thing can lead to a lot of confusion. This, in turn, can sell each of these unique solutions short – after...

Blog

CIS Control 09: Email and Web Browser Protections

By Matthew Jerzewski on Wed, 12/11/2024

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A successful attack could give an attacker an entry point...

Blog

DSPM vs CSPM: Key Insights for Effective Cloud Security Management

By Josh Breaker-Rolfe on Mon, 11/25/2024

Most modern organizations have complex IT infrastructures made up of various components like Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), public cloud, and sometimes hybrid environments. While these infrastructures bring significant benefits, including improved scalability, flexibility, and cost savings, increasing complexity has made it...

Blog

Data Security Best Practices for Cloud CRM Systems as Adoption Surges

By Joseph Chukwube on Mon, 09/30/2024

For the past few years, the CRM market has witnessed steady growth and it is projected to reach $89 billion by 2024. Estimates are that this growth will continue into the foreseeable future. Essentially, CRM systems have come to stay and have become the backbone of many organizations.However, the bleak state of cybersecurity cuts across many industries, and CRM systems are equally vulnerable....

Blog

Navigating the Cloud Chaos: 2024's Top Threats Revealed

By Kirsten Doyle on Mon, 09/16/2024

Misconfigurations (when cloud computing assets are set up incorrectly, leaving them vulnerable to unauthorized access, data breaches, and operational disruptions) and inadequate change control top the list of cloud security threats in 2024, rising from third place the year before. It's clear that the transition to cloud computing has amplified the challenges of configuration management, making it...

Blog

Tips for Ensuring HIPAA Compliance

By Tripwire Guest Authors on Wed, 01/17/2024

Like every other industry, the healthcare sector is barely recognizable when compared to its state 20 years ago. It, too, has been transfigured by technology. While this has brought many impactful benefits, it has also introduced at least one major challenge: keeping sensitive patient information private. At the heart of this privacy challenge...

Blog

Why Therapists need Data Protection and Cybersecurity

By Gary Hibberd on Tue, 01/16/2024

Cybersecurity in Mental Healthcare - The Overlooked Risk Did you know the New-Age Therapeutic sector is unregulated? If that surprises you, then you’re not alone. I was a little surprised, too. Yes, there are various professional bodies a practitioner can join, and there are courses they can attend, but they aren’t forced to. It should be noted...

Blog

An Introduction to AWS Security

By Gilad David Maayan on Fri, 01/12/2024

Cloud providers are becoming a core part of IT infrastructure. Amazon Web Services (AWS), the world's biggest cloud provider, is used by millions of organizations worldwide and is commonly used to run sensitive and mission-critical workloads. This makes it critical for IT and security professionals to understand the basics of AWS security and take...

Blog

Cloud Security Optimization: A Process for Continuous Improvement

By Gilad David Maayan on Thu, 12/28/2023

Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage to network capabilities. The cloud optimization process involves...

Blog

The 2023 ISC2 Cybersecurity Workforce Study Delves into Cloud Security and AI

By Katrina Thompson on Mon, 12/11/2023

The security industry is at a critical juncture. Capturing the state of affairs is a recent report released by the International Information System Security Certification Consortium, or ISC2. “A perfect storm” As they state in their Executive Summary, “Our study shows that a perfect storm of economic uncertainty, rapidly emerging technologies,...

Blog

The Six Pillars of Cybersecurity

By Gary Hibberd on Thu, 11/16/2023

Winter is coming In the ever-evolving landscape of cloud computing, ensuring robust security measures has never been more important. In the new ISO 27001:2022 standard, there is a new requirement for organisations to establish control of their Cloud services, which includes every flavor of cloud from Software as a Service (SaaS) to Platform as a...

Blog

Cloud Watching Report: Key Takeaways

By Anirudh Chand on Mon, 11/13/2023

The capabilities of cloud computing have changed the digital landscape significantly, and the popularity of cloud solutions only continues to increase. According to Gartner, the market for public cloud services is expected to surpass 700 billion USD by the end of 2024. The growth of cloud technologies presents a wealth of new opportunities for IT...

Blog

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

By Graham Cluley on Wed, 10/18/2023

Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning, which was issued by the FBI yesterday and is directed towards plastic surgery offices...

Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...

Compliance

CIS Controls

FISMA

GDPR

HIPAA

NERC CIP

NIST

PCI DSS

SOX

Product Video

How Tripwire Helped Walgreens Take a Proactive Approach to Security

Mon, 08/15/2022

Walgreens, founded in 1901, is one of the largest pharmacy companies in the U.S., handling online and in-store sales as well as processing the prescription needs of millions of customers. It needed a security solution that would give them an integrated, all-up view into its IT ecosystem. Its Tripwire ExpertOps solution has given the company a much more proactive view and approach to its security...

Guide

Multi-Cloud Security Best Practice Guide

When you opt to use multiple cloud providers, you’re implementing a multi-cloud strategy. This practice is increasingly common, and can refer to mixing SaaS (software as a service) and PaaS (platform as a service) offerings as well as public cloud environments that fall under the IaaS (infrastructure as a service) category. The most common public cloud environments today are Amazon Web Services ...

Guide

Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls

The CIS Controls are a set of recommendations comprised of controls and benchmarks. They are intended to serve as a cybersecurity “best practice” for preventing damaging attacks. The recommendations are meant to provide a holistic approach to cybersecurity and to be effective across all industries. Adhering to them serves as an effective foundation for any organization’s security and compliance...

Compliance

CIS Controls

FISMA

GDPR

HIPAA

NIST

PCI DSS

CMS ARS: A Blueprint for US Healthcare Data Security and Compliance

How to Secure Your Information on AWS: 10 Best Practices

Best Practices for Securing Your SaaS Environment

What’s the Difference Between DSPM, CSPM, and CIEM?

CIS Control 09: Email and Web Browser Protections

DSPM vs CSPM: Key Insights for Effective Cloud Security Management

Data Security Best Practices for Cloud CRM Systems as Adoption Surges

Navigating the Cloud Chaos: 2024's Top Threats Revealed

Tips for Ensuring HIPAA Compliance

Why Therapists need Data Protection and Cybersecurity

An Introduction to AWS Security

Cloud Security Optimization: A Process for Continuous Improvement

The 2023 ISC2 Cybersecurity Workforce Study Delves into Cloud Security and AI

The Six Pillars of Cybersecurity

Cloud Watching Report: Key Takeaways

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

How Managed Services Can Help With Cybersecurity Compliance

How Tripwire Helped Walgreens Take a Proactive Approach to Security

Multi-Cloud Security Best Practice Guide

Meeting Multiple Compliance Objectives Simultaneously With the CIS Controls

Contact Information

Privacy Policy

Cookie Policy

Impressum